Reading the ICS-CERT security alerts on a daily basis can make you despair, even though most of the vulnerabilities and attacks in and on industrial systems aren't actually world-shattering. However, a few of them do stand out - for example when the target is in use extremely often or the vulnerability is fairly easy to exploit.
Another one of those market studies that »unveils« something that's obvious - but there are some interesting and unexpected details. On the face of it, the »Strategic Analysis of Global Machine Safety Market« by Frost&Sullivan states that »with the introduction of stringent safety requirements in developed countries, demand for machine safety solutions is expected to rise significantly« (Really?). More interesting are the implications on developing and emerging markets.
The requirements for Programmable Logic Controllers are increasing continuously, and today's PLCs don't have much in common with their predecessors of a few years ago. The higher complexity brings potential risks that have to be fought off with even more new functions. With the newest member of the S7 family, Siemens tries to bring it all together.
Industrial automation systems can be quite versatile - take them out of the factory and beside a rail track and even Britain’s or Germany’s infamous trains might run like an oiled automation line. In order to prove this hypothesis, a transportation company and an automation expert join forces.
A week ago, security researcher Rubén Santamarta publicly announced details of multiple vulnerabilities affecting the Schneider Electric Quantum PLC Ethernet Module, and coordinated his findings with ICS-CERT. The Quantum Ethernet Module is prone to an authentication-bypass vulnerability.
Every IT specialist worth his salt wouldn’t connect a critical SCADA system to the Internet without the strictest of precautions. It seems that people like that don’t work for critical US infrastructure facilities.
In industrial systems, machines need to be monitored constantly in order to ensure material stability, system security and personnel safety. The Field Device Technology standard (FDT) takes care of vendor-independent parameterization.
Remember Stuxnet, anyone? It never became totally clear who was behind – speculations range from the CIA to Mossad to the flying spaghetti monster; at least two of these might be interested in Stuxnet's main target, Iranian nuclear facilities with neglected Windows installations. Now, parts of Stuxnet's code seem to have been recycled in a different type of malware, a trojan horse.
One of the key issues in automation is safety for personnel and material, not least because a production line not interrupted by accidents usually is more productive than the other kind.
What’s more preferable to visit: CeBIT or embedded world 2011? That may have been a relevant question last week, since both trade shows took place quite at the same time last week. Well, that’s somehow hard to decide: It goes without saying that everything at CeBIT 2011 (1 to 5 March) revolves primarily around bits, bytes and innovative technologies, such as new smartphones and tablet computers.
Recent Comments