LENZE E94AMHE0094 E94AMHE0094 E94AMHE0094 E94AMHE0094 E94AMHE0094 E94AMHE0094

The system security has its own layer structure within the overall layered
structure of the networks securityA successful implementation of the security strategy into solutions in the
automation systems can only be achieved if all the parties involved cooperate
responsibly. This includes:
• manufacturers (development, system test, security test)
• systems integrator (planning, structure, factory acceptance test)
• owner/operators (operation and administration).
The strategies and their implementation must be supervised and updated
throughout the complete service life of the system (from the beginning of submitting
the offer, planning and design to the migration and de-installation of a system).
The following capabilities make it possible for a protection concept in automation
systems to be effective:
• the use of highly available and system-tested products, which have hardened
and pre-defined security settings, and have been especially designed for
industrial applications,
• a modern configuration, using state-of-the-art technologies and standards and
allows for a system design adapted to the customer's security needs,
• the careful and responsible operation of systems and components in
accordance with the uses defined by the manufacturer. follows the “Defense in Depth” strategy in order to achieve the required
security goals. The approach of this strategy is a multi-layer security model
consisting of the following components:
• Plant Security
• Network security
• System integrityThe advantage of this strategy is the fact that an attacker first has to break through
several security mechanisms to do any damage. The security requirements of each
layer can be taken into account individually.
The solution for plant security
Implementation of an appropriate, comprehensive security management is the
basis for planning and realizing an industrial security solution.
Security management is a process mainly comprising four steps:
• Risk analysis with definition of risk reduction measures: These measures must
be defined for the plant, depending on the threats and risks identified.

Determination of guidelines and coordination of organizational measures.
• Coordination of technical measures.
• A consistent security management process with regular or event-dependent
repetition of risk analysis.
The solution for network security
If controllers or other intelligent devices with no or minimum self-protection are
located in a network segment, a good option to consider is to create a secured
network environment for these devices. One approach to achieve this is by the use
of network security appliances. . Additional security can be provided by
segmenting individual sub-networks, e.g. through a cell protection concept or a
demilitarized zone (DMZ)The security solution was developed particularly for the requirements of
an automation environment, in order to meet the increasing demand of network
security, to reduce the susceptibility to failure of the entire production plant and
thus to increase its availability.In order to maintain the system integrity, it is important to minimize the
vulnerabilities in PC systems and in the control level. meets this
requirement with the following solutions:
• use of antivirus and whitelisting software,
• patch management,
• user authentication for machine or plant operators,
• integrated access protection mechanisms in automation components,
• protection of the program code through know-how protection, copy protection,
and assignment of passwordsThe security mechanisms integrated in PCs and Windows operating systems
generally provide a high level of security. However, these measures are typically