| ANSI/ISA-99 security standards and the Tofino Industrial Security Solution |
|
PRESENTATION SUMMARY: BUILDING INTRINSICALLY SECURE CONTROL AND SAFETY SYSTEMS USING ANSI/ISA-99 SECURITY STANDARDS FOR IMPROVES SECURITY AND RELIABILITYMay, 2009. The ANSI/ISA-99 standard focuses on containing communication in control subs-systems to avoid having issues in one area migrate to another area. Distinct areas of security are recommended, with control networks divided into Zones based on control function, and communication between the Zones controlled by Conduits. Multiple separated zones help to provide “defense in depth”. Tofino Security Appliances (TSAs) act as Conduits to separate control systems into Zones. They have a zero configuration field deployment model and they are completely transparent to the control network on set-up. Once in place, TSAs are easily configured to control communication and traffic between Zones. For example, TSAs can restrict Modbus communications to a list of ‘allowed’ commands defined by your control engineers. Any command that is not on the ‘allowed’ list, or any attempt to access a register or coil that is outside the allowed range, will be blocked and reported. |
| < Prev | Next > |
|---|
