Header_Security_Landingpage_910x300

Only the combination of functional safety and information security ensures the overall safety of the plant.

Today’s safety-related automation solutions are required not only to provide functional safety, but also to support cyber security. Network cyber attacks on plants are increasing. The interconnection of office IT and automation networks results in an open network architecture, thus increasing security risks within the automation industry. In addition, with cyber security, the completely unpredictable human factor plays a decisive role.

Key factors of safety and security

  • Independant systems from different manufacturers reduce systematic errors
  • Detailed and comprehensible system documentation is required
  • Seperated automation networks and office IT
  • Firewalls to regulate access to networks
  • Robust design of safety controllers as the final level of protection in a concept of multilevel protection
  • Organizational measures, inlcuding training, recovery strategies, password rules, etc.

How we raise barriers against attacks

  • HIMA is focused on safety
  • Security ensured from the beginning of product development process
  • We guarentee security with technical measures on the hardware level, the operating system and network level and the engineering level
  • Achilles Level 1 Security Certificate for the HIMax X-CPU 01 and X-COM 01 according to the test of the cyber specialist Wurldtech
  • Separation of network levels is an important element of successful cyber security strategy and is actively supported by HIMA solutions
  • Required firewall rules of HIMA products already integrated in Tofino firewall   
  • Technical measuers for security: Hardware level

    • In HIMax, the processor and communication modules are separated 
    • Safe operation is ensured even if the communication processor is attacked
    • Separated networks can be operated on a communication or processor module 
    • Access from engineering workstations to the automation network can be suppressed
    • Unused ports on the communication or processor modules are deactivated

     

     

  • Technical measuers for security: Operating System and Network Level

    • HIMA products follow the principle of least privilege. Only the specified automation functionalities are supported. Attacks on IT devices such as CSS (Cross Site Script) are therefore not successful
    • Use of open ethernet standards simplify the integration of firewalls 
    • Use of port mirroring to monitor and analyze networks
    • A key switch may be used to block reloading, forcing and to write data
    • Monitoring program checksums (CRC), e.g., from SCADA, monitoring downloads and reloads, and reporting manipulations

  • Technical measuers for security: Engineering Level

    • SILworX, the software tool developed for HIMax and HIMatrix, reliably protects against manipulation and operating errors.
    • Two-step user management with configurable access rights protects both the project and the safety system.
    • Passwords are replaced within the project and do not require new download procedures or plant recertification.
    • SILworX protects itself by controlling all relevant files using the associated checksums. If the checksums are not correct, code generation is rejected.
    • SILworX offers protection of functional blocks against modification (read only) and blocks access entirely (know-how protection).

Downloads
Training
Cyber Security & Functional Safety

1-day training on Cyber-Security on software and hardware level 

More information

Schedule & registration

Contact

Tel: +49 6202 709 0
Fax: +49 6202 709 107
securityAThima.com
Contact form