Layered Security in Plant Control Environments

2724 Words11 Pages
Layered Security in Plant Control Environments

Ken Miller Senior Consultant
Ensuren Corporation


Plant Controls, Layered Security, Access Control, Computing Environment, Examination, Detection, Prevention, Encryption, Compartmentalization


Process control vendors are migrating their plant control technologies to more open network and operating environments such as Unix, Linux, Windows, Ethernet, and the Internet Protocol. Migrating plant controls to open network and operating environments exposes all layers of the computing environment to unauthorized access. Layered security can be used to enhance the level of security for any computing environment. Layered security incorporates multiple security
…show more content…
Compartmentalization is a technique used to segment network space to better control access and isolate risk of exposure. A variety of security products can be layered into “compartments” to address examination, detection, prevention, and encryption requirements.


A layered security model incorporates security products and “best practices” in all layers of a computing environment. Layered security exponentially increases the cost and difficulty of penetration for an attacker by combining different security products to create a defensive barrier much stronger than the individual components. Thus, layered security decreases the likelihood that the attacker will pursue an organization (2).
Computing environments are comprised of networks, operating systems, applications, and databases (Figure 1). Information security, as a practice, focuses on securing an organizations most important

asset – its data. When you consider that data is the basic underlying component that organizations strive to develop, store, and protect, then an organization should implement a security model that focuses on providing multiple layers of resistance to that data.

There are four basic security functions that should be implemented in a complimentary manner to secure each layer of a computing environment: examination,
Get Access