Cyber security issues have taken center stage over the last few years, and their visibility seems to increase almost on a daily basis. New IT and industrial Control system platforms are incorporating vastly improved security functions, but the problem for industry is that huge numbers of control systems predate these cyber security effortswww.cechina.cn, and many even predate large-scale deployment of Control Engineering July 2009 Coverthe Internet. Connections to those systems from the outside provide the means for hackers to get in and do all sorts of damage控制工程网版权所有, unless barriers are put in place to keep them out. The question iswww.cechina.cn, can old systems be adequately protected?
　　“Traditionally

www.cechina.cn

, a control system was purchased

CONTROL ENGINEERING China版权所有

, engineeredCONTROL ENGINEERING China版权所有, configured, implemented, and pretty much forgotten about for the next 20 or so years,” says Ernie Rakaczky, principal security architect for Invensys Process Systems. “In many ways that’s still the mindset of the control community控制工程网版权所有, but a lot has happened in the last five or 10 years. Many of those early systems had no capability to be connected to anything else. They were designed to do one thing in life: they open and close a valve or they measure a level, so the cyber world really doesn’t play a role.”
　　The problem iswww.cechina.cn, the world didn’t stay that way. With the growth of information technology in general, the desire to extract information and to provide connectivity to outside users grew too. Rakaczky adds, “At one point, a traditional control system was 100% focused on controlling a process. Now it’s probably 50% control and 50% information exchange. When that started to happen, and we started to move data off the control platform to a historian or plant network or enterprise network控制工程网版权所有, it was time to start adding some best practices, being more cautiouswww.cechina.cn, and putting some functionality in to protect yourselves.”

www.cechina.cn