Vendors in the past did not worry about adding security to the PLC, and very likely did not worry about secure coding or other areas of the security development lifecycle.
With the entire world connected, we should worry about vulnerabilities while PLC’s are insecure by design. Poor protocol stacks that cause crashes and unnecessary software increasing the attack service create vulnerability. The traditional approach of perimeter hardening by physically separating control systems and outside communications infrastructure is no longer adequate. Today’s interconnected control systems have the potential to exchange information across the world. These industrial internet systems require comprehensive security capabilities to meet evolving cyber security threats.
GE has developed the CPE400 CPU in the RX3i family which is secure by design, incorporating technologies such as Trusted Platform Module (TPM). This is a secure, trusted and measured boot to enable that hardware root of trust. A Centralized configuration allows patches and updates to be executed from a central location. A broad suite of cyber-security technology and tools helps prevent unauthorized updates, while built-in security protocols help protect against man-in-the middle and denial of service attacks.
For more information about securing your control system with the Rx3i platform please contact your local Gescan Automation Specialist.