实施安全计划
横河的安全计划从生命周期的角度出发,提供灵活的网络安全服务和解决方案,以降低客户ICS环境中的网络风险。该计划结合了数十年来在工业自动化领域的专业知识、网络安全架构设计的范例、以及工厂运营知识,以确保安全可靠的运营,这对我们的客户和横河而言都是重要任务。
-
网络安全意识和培训
尽管有非常好的网络防御,但由于缺乏网络安全知识和意识,人为错误导致了许多网络事件。
-
网络安全风险评估
采用基于风险的方法可以让您在复杂的操作环境中评估安全决策的优缺点。
-
网络安全政策和程序
网络安全政策和程序是定义组织安全目标和阐明实现这些目标的工作流程的基础。
-
网络安全业务案例
开发业务案例时,重要的问题是:“应该在网络安全上投入多少资金,才能达到可接受的风险水平?”
-
网络安全设计和实施
精心设计且轻松实施的安全对策,是降低网络风险、延长工厂正常运行时间的关键措施之一。
-
网络安全管理服务
及时实施安全更新和安全性能的持续监控,能有效解决维持工厂安全的挑战。
详细介绍
目录
客户面临的挑战
近期,FM Global针对财富500强企业中的200位商界精英进行了一项调查,发现其中84%的人将针对工业控制系统进行的网络攻击列为其业务的“主要关注点”。参考 FM Global survey
十多年来,网络安全已经成为工业设施、流程工厂和其他重要资产(如传感器、电机和其他控制设备)整体风险管理中的一个重要因素。我们的客户对工业物联网(IIoT)、云计算和工业4.0转型运营带来的潜在收益已经有了广泛的了解,例如行业创新、更好的产品、更智能的服务和更高的工作效率。与此同时,针对安全和业务连续性的网络安全风险问题,对客户安全开启数字化世界也提出了挑战
我们的解决方案
横河始终支持我们的客户实现以可持续发展战略为要点的网络安全生命周期管理。
IT和OT已经融合到当今的工业控制系统环境中,支持或使用这些系统的所有人员能够达成共识尤为重要。因此,横河为客户整个组织(从公司层面到工厂站点)提供了完整的工业安全计划。
提供安全计划服务
横河的综合安全计划提供一系列安全服务,支持客户的安全之旅,实现理想的网络风险管理。请访问以下网页以获取详细的解决方案和服务。该计划共有六个阶段,可连续进行“计划-行动-检查-执行”周期
客户获得的收益
横河的网络安全生命周期管理是一个安全组件,是实现控制系统的可持续性和效率的解决方案。
- 安全计划将调整并提高工厂的关键要素——人员、流程和技术的能力,以降低网络安全风险。克服缩小这三个关键要素之间差距的挑战。
- 已制定的安全路线图将支持公司制定中长期计划,以制定如何为工厂执行安全计划,如何实施应对措施实现公司目标,使利益相关者都了解安全之旅。
- 安全计划涉及很多员工,带来了更有效的组织团队。在日常安全绩效方面帮助员工做出更好的成绩。
- 安全计划遵循安全标准IEC 62443(工业控制系统安全的标准),统一执行。因此,无论客户在任何地方,横河的团队都可以进行支持,并交付同等的服务。
参考
Saudi Aramco's operations span the globe and the energy industry. The world leader in crude oil production, Saudi Aramco also owns and operates an extensive network of refining and distribution facilities, and is responsible for gas processing and transportation installations that fuel Saudi Arabia's industrial sector. An array of international subsidiaries and joint ventures deliver crude oil and refined products to customers worldwide.
This white paper provides an overview of how Yokogawa believes its customers can best prepare for and position themselves to benefit from IIoT-enabled technology and solutions and digitalization in general to emerge as the successful connected industrial enterprises of the future.
yi-MAC stands for YOKOGAWA Innovative Main Automation Contractor:
- Full control of scope and schedule across packages
- Realization of customer expectation
- Single point of responsibility
- Providing fully integrated solutions
The ability to deliver a full scope of project execution capabilities is becoming more important than ever for automation suppliers that wish to compete on a global scale. Process automation suppliers have always had some degree of project execution capabilities, but only recently have suppliers and end users begun to realize the true economic impact that precise and comprehensive execution capabilities can have on the success of an automation project and on plant lifecycle costs.
The number of incidents involving attempted unauthorised access to computer systems via the internet as reported by CERT (Computer Emergency Response Team) was 137,539 in 2003. Statistics show an exponential increase in the number of reported incidents in the last five years. Although this can be partly explained by the increase in the number of computer systems in the world that are connected to the internet, it is nevertheless an alarming fact.
Yokogawa’s industrial automation (IA) product and service offerings, industry domain knowledge, and VigilantPlant approach – which emphasizes safe, secure, and uninterrupted operations -- provide a solid foundation for an Industrial Internet of Things that specifically addresses the requirements of process automation, particularly for the OT side of the equation. To be able to provide an equally solid foundation for the IT side, Yokogawa is partnering with Cisco Systems and other industry leaders.
Network and system security is now a necessity in process automation industry. YOKOGAWA provides a service lifecycle solution for cyber security to ensure that the security measures and deployments are continuously enhanced, monitored and inspected.
This white paper explains the details of the security design, implementation, operation and validation solutions from the technical perspective.
Initially when control and safety systems moved away from being hardwired and relay-based to computerized systems, vendors and asset owners were more interested in functionality than security. Typically, especially in high risk environments in refineries and off-shore oil installations, the systems were standalone with a dedicated Safety Instrumented System.
Over the last ten years more security solutions have available, and more industrial end users have implemented them to protect their businesses. Today nearly all companies use an anti-virus product installed on their industrial control system (ICS), as well as having their ICS segregated from the business network and the Internet by a firewall.
Harness the Future of Innovation
Highlights of the 2014 Yokogawa Users Conference and Exhibition
September 9 - 11, 2014, Houston, TX
By the editors of CONTROL Magazine
下载
宣传彩页
- 生命周期性能关注服务 (3.8 MB)
- Cyber Security for Industrial Control Systems (3.0 MB)
想要了解更多的信息,技术&解决方案?
联系我们