Security means protection of technical systems against sabotage, espionage and human error.
Protection functions
To set up secure networks, the SIMATIC S7-1500 automation system offers an integrated security concept:
Overview of protection functions
Protection of confidential configuration data : Protection of confidential CPU configuration data
Integrity protection :The CPUs come with an integrity protection function as standard. This helps to detect possible manipulations:
· To the engineering data on the SIMATIC Memory Card
· To the engineering data during data transfer between TIA Portal and CPU
· To the engineering data during data transfer between HMI system and CPU
· To the encrypted firmware
Know-how protection :Protection against unauthorized access and modifications to algorithms by means of password protection
Copy protection :Protection against duplication of programs by linking individual blocks with the serial number of the original memory card on the SIMATIC memory card
Access protection :Protection against unauthorized configuration changes using authorization levels
Locking the CPU: Protection against unauthorized access by locking the front cover with a seal or a lock
You can find more information about security mechanisms of the SIMATIC automation systems in the Security with SIMATIC S7 controllers document and in the Communication function manual.
Secure Communication
It is becoming increasingly necessary to transfer data to external computers in encrypted form via Intranet or public networks.
SIMATIC S7-1500 CPUs and ET 200 CPUs with firmware version 2.0 and higher support the Internet PKI (RFC 5280) with STEP 7 as of V14. This makes the configuration and the operation of Secure Communication possible, for example:
·Hypertext Transfer Protocol Secure (HTTPS)
·Secure Open User Communication
·Secure Communication with OPC UA
A public key infrastructure (PKI) can issue, distribute and check digital certificates. For S7-1500 CPUs, you create certificates for various applications in the CPU properties in STEP 7, for example: TLS certificates for Secure Open User Communication, Web server certificates, OPC UA certificates.
With STEP 7 and WinCC as of Version V17, SIMATIC S7-1500 CPUs and ET 200 CPUs from firmware version 2.9 support innovated and standardized secure PG/PC and HMI communication – referred to as Secure PG/HMI communication for short.
Communications processors with integrated security functions
For special requirements of your plant, use communications processors with integrated security functions, such as access protection using a firewall, protection against data manipulation using VPN, FTPS, HTTPS, SNMPv3 and secure NTP.
Advantages and customer benefits
The protection functions listed above protect your investments from unauthorized access and manipulation, helping to secure plant availability.
Comments