Plant Security Lifecycle Services are a cyber security lifecycle approach to help customers reduce security risks and manage plant security throughout its life.
Security is fundamental for the IIoT.
As IT technology expands into the field of industrial control systems, the security risk increases with new internal and external threats to plant assets (i.e. sensors, motors and other control devices) connected to the network. Yokogawa considers that both IT and OT have converged in today's industrial control system environments and there is an even greater need for a common understanding between all those who support or rely on these systems.
Hence, Yokogawa provides vendor-independent solutions to address the various issues faced by your plant.
Yokogawa has two types of solutions to protect your system.
Yokogawa has host based security which focuses on protecting the “end-points” (workstations and servers) from malicious or accidental actions. The Endpoint Security Service provides a fundamental security service as a first step to protecting your control system against malware infection and cyber-attacks.
For the next step, how to keep secure and manage the network and all endpoints? The Integrated Security Service provides various security solutions from endpoints to the network boundary in your plant to solve the major challenges.
The Yokogawa Security Solution Portfolio is a comprehensive security suite of indispensable solutions for the sustainability and efficiency of your control system.
What kind of technology can protect my plant?
Protecting industrial assets requires a “defense-in-depth” security approach that addresses internal and external security threats. This approach utilizes multiple layers of defense (physical and electronic) at separate industrial levels by applying policies and procedures that address different types of threats. For example, multiple layers of network security protect networked assets, data, and end points, while multiple layers of physical security protect high-value assets. No single technology, product, or methodology can fully secure industrial networks.
The 1st step toward protecting your control system against malware infection and cyber-attack is to incorporate the Endpoint Security Service.
The threat of cyber-attack through unauthorized access or malware infection that targets vulnerable control systems via USB storage devices is increasing on a daily basis. By incorporating the “Endpoint” services on your Windows PCs or Servers, it will protect against such threats and mitigate any risks. Yokogawa Endpoint Security Service will mitigate security risks at the users “Endpoint” and will help to support the sustainability and health of the control system throughout your plant’s lifecycle.
To assume that everything will “probably be OK” may not be adequate as the risk to security increases every day. In order to evaluate the potential security risk objectively we encourage you to adopt the Security Risk Communication with Yokogawa and determine the best solution to fit your needs.
Security Risk Communication
Based on the results of the simple security survey provided by the customer, Yokogawa evaluates the security risk. Upon discussion with the customer, Yokogawa proposes the optimum security countermeasures.
Virus Check Service
Yokogawa Virus Check Service can detect computer viruses without the need for installing antivirus software. By periodically running this virus check, the security of your system can be maintained.
The customer’s biggest concern is the risk of a computer malware infection and would like the reassurance that their system is safe. Yokogawa provides an effective security service in response to the customer’s requests and operational conditions.
AV/OS* Implementation Service
For the prevention of malware such as computer viruses, Yokogawa recommends the installation of antivirus software as well as the Microsoft Security Updates that has been approved by Yokogawa. AV/OS : Antivirus software/ Microsoft Security Updates
Malware Inactivated Service
A permitted program list is created and executed on the customer’s HIS-PC protect against infectious malware by restricting the execution of specific software.
USB Port Lock Service
This service can restrict the use of USB storage device, both physically and theoretically to protect against malware infections.
Software Backup Service
This service is not only used to minimize customer down time during HIS trouble occurrences but also to security data integrity. Yokogawa uses external hard drives to back up the hard drives of the HIS to ensure continuity and reliability of the data backup.
A periodical check and an update is indispensable to maintain or manage security levels, since security levels can deteriorate as time passes.
AV/OS Update Service
This service can periodically update pattern files of antivirus software and Microsoft Security Updates.
Security Effectiveness Service
This service can check implemented security measures during a periodical inspection or shutdown maintenance.
Security Information Service
This service regularly provides antivirus software and Microsoft Security Updates information in association with Yokogawa products.
Yokogawa provides various security solutions from endpoint to network boundary in your plant to solve the major challenges.
Saudi Aramco's operations span the globe and the energy industry. The world leader in crude oil production, Saudi Aramco also owns and operates an extensive network of refining and distribution facilities, and is responsible for gas processing and transportation installations that fuel Saudi Arabia's industrial sector. An array of international subsidiaries and joint ventures deliver crude oil and refined products to customers worldwide.
yi-MAC stands for YOKOGAWA Innovative Main Automation Contractor:
The ability to deliver a full scope of project execution capabilities is becoming more important than ever for automation suppliers that wish to compete on a global scale. Process automation suppliers have always had some degree of project execution capabilities, but only recently have suppliers and end users begun to realize the true economic impact that precise and comprehensive execution capabilities can have on the success of an automation project and on plant lifecycle costs.
The number of incidents involving attempted unauthorised access to computer systems via the internet as reported by CERT (Computer Emergency Response Team) was 137,539 in 2003. Statistics show an exponential increase in the number of reported incidents in the last five years. Although this can be partly explained by the increase in the number of computer systems in the world that are connected to the internet, it is nevertheless an alarming fact.
Yokogawa’s industrial automation (IA) product and service offerings, industry domain knowledge, and VigilantPlant approach – which emphasizes safe, secure, and uninterrupted operations -- provide a solid foundation for an Industrial Internet of Things that specifically addresses the requirements of process automation, particularly for the OT side of the equation. To be able to provide an equally solid foundation for the IT side, Yokogawa is partnering with Cisco Systems and other industry leaders.
This white paper provides an overview of how Yokogawa believes its customers can best prepare for and position themselves to benefit from IIoT-enabled technology and solutions and digitalization in general to emerge as the successful connected industrial enterprises of the future.
Network and system security is now a necessity in process automation industry. YOKOGAWA provides a service lifecycle solution for cyber security to ensure that the security measures and deployments are continuously enhanced, monitored and inspected.
This white paper explains the details of the security design, implementation, operation and validation solutions from the technical perspective.
Initially when control and safety systems moved away from being hardwired and relay-based to computerized systems, vendors and asset owners were more interested in functionality than security. Typically, especially in high risk environments in refineries and off-shore oil installations, the systems were standalone with a dedicated Safety Instrumented System.
Over the last ten years more security solutions have available, and more industrial end users have implemented them to protect their businesses. Today nearly all companies use an anti-virus product installed on their industrial control system (ICS), as well as having their ICS segregated from the business network and the Internet by a firewall.
Harness the Future of Innovation
Highlights of the 2014 Yokogawa Users Conference and Exhibition
September 9 - 11, 2014, Houston, TX
By the editors of CONTROL Magazine
Looking for more information on our people, technology and solutions?