Skip to main content

Phase 1 - Investigation - Security in OT

· 3 min read
Adrian Littlejohns
Adrian Littlejohns
Industrial Process Control and Automation Enthusiast

Today's Tasks

  1. Make note of connections in NetPro
  2. Could firewalls be employed to improve security
  3. Ready PLC Project for Migration

NetPro Connections

Detailed in repo issue 11 - mfa required.

Security in OT Networks

Meet the Siemens Scalance SC-600

img.png

  1. SCALANCE SC-600 CLI V3.1
  2. SCALANCE SC-600 - Declaration of conformity to IEC 62443-4-2
  3. Industrial Ethernet security SCALANCE SC-600
  4. Understanding and Using Firewall of Industrial Security Appliance SCALANCE S

Network Concepts

img_1.png

  1. Network concepts for Industrial Automation Networks
  2. Central User Management with "User Management Component"(UMC)

Summary

In a word, YES. The article Network concepts for Industrial Automation Networks provided some perfect info and deserves re-reading!!

Ready PLC project for migration

img_2.png

Not what I wanted to see... But, hey... Could be worse!!

Unable to employ slice access?

The Issue In FB169 Network 2,The address is not occupied by a tag.

    T     %LW0

In the block interface LW0 is part of a UDT typed variable. Therefore, been trying to use "slice" access, that is;

    T varName.W0

However, the IDE is adding a % so the attempted symbolic address becomes absolute. Doh!

In researching the problem came across this Difference between standard and optimized block access

Created an issue to Change the S7-300 CPU to S7-1500, which is capable of employing "Optimized Blocks", unlike S7-300/400 CPU's

For another day...

Continuous Integration with TIA Portal

Application Example: CI with TIA Portal