Smart phones help key operators stay up to date on process and maintenance information, but should personal or company-supplied devices be employed?

Smart phones can be an asset on the plant floor, letting operators look at current plant data and make intelligent decisions. But, should personal devices be checked at the door, and are they a potential risk for cyberattacks? (NIST has been working on a way to make these devices more secure than they have been. Check out NIST’s Special Publication (second draft) entitled “Derived Personal Identify Verification (PIV) Credentials.”).

Steve Pflantz, CRB: Cell phones can connect to your facility network, and therefore, are a risk. Their connection to your network needs to be controlled and monitored just like any other wireless device access. If you are going to allow access via personal smart phones, the same level of control and use policy needs to apply just like company-provided phones.

Scott McCausland, Process and Data Automation: This is a touchy subject due to the popularity and convenience that immediate access to information can provide. By the nature of the device being "always connected," it does pose a security risk. It is hard to argue, with a security mindset, that anything different than "check phones at the door" can provide the similar results.

Larry Grate, PREMIER System Integrators: To the individual it would be the convenience of not carrying two devices if the corporate policy forbids personal use. These types of devices are increasingly becoming necessary to troubleshoot and maintain ICS equipment, and many vendors are putting strategies together to leverage the prevalence of these devices. Anything you allow on your network that you don’t control is a potential threat. Having a policy for what you will allow on your network considering your threat environment is critical. Segmentation of your networks, including wireless networks, is critical to your overall security posture.

Ragnar Schierholz, ABB: Most people don’t have anti-virus on their mobile phones, and it is a possibility to target engineers of plants, getting them to download malicious files and click links from their mobile phones.

Targets can easily be found on websites such as LinkedIn. For this reason, it is a significant possibility that an engineer who has an infected phone could then give an attacker access to a control system if this phone is connected to the plant’s Wi-Fi system, or the user charges the phone on industrial devices using the USB port.

It is essential to educate employees on the possibility of this type of attack vector. USB port blockers can be used as a deterrent for connecting phones into industrial devices. The control to put in place is detection. Industrial devices should be monitored so that an alert is created when an industrial devices configuration has been changed.

Stefan Woronka, Siemens: Well, the answer is not easy as everyone depends on their personal phones. In the beginning it may make sense to show the impact of misbehavior such as charging the phone on a PC/HMI. By this, the level of awareness is raised. For more critical parts of the production a complete lockdown procedure may be required.

For more information on cybersecurity, visit “How processors can guard against cyberattacks, FE, October, 2018.

Wayne Labs has more than 30 years of editorial experience in industrial automation. He served as senior technical editor for I&CS/Control Solutions magazine for 18 years where he covered software, control system hardware and sensors/transmitters. Labs ran his own consulting business and contributed feature articles to Electronic Design, Control, Control Design, Industrial Networking and Food Engineering magazines. Before joining Food Engineering, he served as a senior technical editor for Omega Engineering Inc. Labs also worked in wireless systems and served as a field engineer for GE’s Mobile Communications Division and as a systems engineer for Bucks County Emergency Services. In addition to writing technical feature articles, Wayne covers FE’s Engineering R&D section.

You must login or register in order to post a comment.

This provocative multifaceted presentation will delve into the technology affecting food manufacturing and how companies have put it to work for them. More importantly, this session will share how to implement it and make it work for you.

Overcoming the Perfect Storm With Flexibility, Innovation, and State-Of-The-Art Technology

Building a new state-of-the-art Fresh Pack Vegetable Manufacturing Facility that would efficiently meet the evolving external regulatory landscape for frozen vegetables as the FDA evolves the industry to more of a ready-to-eat (RTE) standard which requires additional food safety-related design and practices.

Products

Food Process Engineering and Technology, 3E

Combining scientific depth with practical usefulness, this book serves as a tool for graduate students as well as practicing food engineers, technologists and researchers looking for the latest information on transformation and preservation processes as well as process control and plant hygiene topics.

See More Products

Cybersecurity

Smart phones on the plant floor: How secure are they?

Smart phones help key operators stay up to date on process and maintenance information, but should personal or company-supplied devices be employed?

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest food and beverage manufacturing markets.

Cybersecurity

Smart phones on the plant floor: How secure are they?

Smart phones help key operators stay up to date on process and maintenance information, but should personal or company-supplied devices be employed?

Share This Story

Report Abusive Comment

Related Articles

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest food and beverage manufacturing markets.