Networked PLCs and concerns with personnel-safety, and equipment-security

  • Thread starter makariou Christos
  • Start date

makariou Christos

Guest
M
Hi , I am new to this forum. I am trying to introduce into our network a siemens PLC with an ethernet card and eventually expand the netework to encompass most of our PLC's that run the DIII-D machine here at General Atomics into a global control network. Does any one know what are the isuues I should be conserned as far as network security is concerned and ways to avoid problems of hackers bringing the plant down. Is there a standard guideline to follow when a PLC programmer changes the configuration from a stand alone PLC to a destributed network of many PLCs hooked up through a normal computer network to be used in conjuction with UNIX or VMS workstations using TCP/IP? :)
 
Firstly,
General practice from most places I've seen is to segregate control networks from the general 'business' networks. If they need to be joined to exchange information, then a gateway machine communicating with both networks is a good idea.

This method seems fairly good at preventing security, safety and other breaches, and just because everything can communicate TCP/IP doesn't mean it should.

The major problem I found when combining networks was that the control network sends a lot of packets, with little info, that contain real time info. This info cannot be delayed, so the network must be lightly loaded. The business network sends large packets of info, often having delays. Since business info is not particularly time critical, ie my boss can wait a few seconds for that email, this does not matter much. Combine the two, and suddenly you get heaps of calls about the comms dropping out each time you go to print a drawing on the network plotter.

Hope this helps,

Doug
 
You can still using TCP/IP and use a gateway (not a Gateway computer)to join the two networks, besides you do not want to mix the two levels. I have not used Siemens I have used A-B exclusively but Siemens should be comparable in the security options. With A-B you have several options for security using passwords, you can restrict someone to only viewing, no editing or programming etc...
The Siemens provided security should be good enough for the average system. Others on this site are more qualified than I, I am sure they will chip in and give you all you need.
It has been my experience that Level-0 administrators would blow a gasket if Level-0 and Level-1 was even mentioned in the same sentence. (kidding but close)

If you need more detailed information, post again and I will provide some specifics.

Good luck
Roger
 
Last edited:

Similar Topics

P
2 different PC (networked) in 1 RT prof
hi good day!! Can 2 different PC run 1 same runtime? In my main PC (Operation System) the display port already used up and i need more monitor...
Replies
2
Views
625
mk42
M
dcam
Networked PFlex525 Start command issue
This is an issue I see occasionally.The logic tells a drive through Ethernet to start but it does not see the start command at the drive. There is...
Replies
10
Views
2,213
GaryS
G
A
FTV SE 9 Non Networked
Have a button, an FTV native button Need to change the caption of that button based on a analog tag value For the life of me I can find no...
Replies
3
Views
1,737
bright676
B
J
networked lighting contactors
I have an application were I need to shut off 5 lighting circuits in one braker panel and 3 circuits in another panel that is about 5 feet away...
Replies
4
Views
2,662
BryanG
B
D
Mitsubishi PLCs
I'm at a new job as the sole control engineer and trying to piece together where my predecessor left off. One machine I'm trying to get online...
Replies
2
Views
82
parky
P
Back
Top Bottom