Three Ways to Increase Security in Industrial Communications. (Part IV)

Finally, the third way we propose to increase security in industrial communications is the fortification of the servers that centralize industrial communications.

It is known that more and more servers are being configured dedicated to centralizing industrial communications. In fact, the irruption and widespread adaptation of the specification/technology has extended this practice to different industrial environments and sectors. These servers, which are deployed in both traditional and virtualized formats, must be physically and logically protected. Their alteration, attack, or malfunction would affect the visibility of the plant and the processes.

To logically fortify these servers, you can choose one of the following non-exclusive options: Use procedures that allow servers to be fault-tolerant (through redundant architectures that provide high availability) and/or incorporate specific solutions that help increase the availability of these servers.

If we delve into the specific solutions, it happens that, usually, no type of antimalware solution has been installed on these dedicated industrial communication servers because the OPC server manufacturer does not recommend and/or support it, they are critical and, on many occasions, cannot be stopped or restarted to perform updates and/or are isolated without network access. In these cases, it is necessary to incorporate specific solutions that help increase the availability of these servers, taking into account the circumstances described. Among them, we highlight the following: The use of malware scanning tools performed manually and non-invasively (without installing agents) and/or the installation of specific software that allows “whitelisting” or “lockdown” of applications.