AT A GLANCE

• Risk assessment
• Policies and procedures
• Human element
• Strong passwords
• Biometrics
• Access control

Life is not a destination, it is a journey, many major philosophers say. So is security, it appears. As with life, the circumstances surrounding security measures are dynamic. Situations c

'Security threats come from a variety of sources控制工程网版权所有,' says Kim Fenrich, systems product marketing manager, ABB Inc. 'They range from internal accidents to virus and worm infiltrations and external attacks by malicious hackers. Historically, studies have indicated the majority of the incidents were internally generated控制工程网版权所有, but that trend has rapidly shifted to non-directed, automated, externally generated attacks. Corporations must understand that incidents and attacks are possible, and implement security policies, procedures, and processes, in addition to hardware and software devices, to mitigate the risk associated with them.'

Establishing effective safeguards for human-machine interfaces (HMIs), the components with which they interact, and the networks on which they reside require a multi-facetedCONTROL ENGINEERING China版权所有, multi-leveled effort. That effort needs to focus on the 'people' side with policies and processes and on the 'technology' side with hardware and software measures.

A balancing act

'Security is all about risk assessment,' says Roy Kok控制工程网版权所有, director of HMI/SCADA product marketing, GE Fanuc Automation. 'You have to understand your vulnerabilities—and they are a moving target. As you add enhancements or introduce new products into your