Tuesday, September 15, 2015

Easy Methods to Remote HMI/SCADA Users for Protecting Plant Operations, and Drive Cost Savings

Currently the Internet is able to bridge the communication machine-to-machine (M2M) with cloud computing system of data collection and sensor networks. In addition to daily necessities at home, this concept is also becoming widely used in the industrial sector. M2M technology is known as the concept of the Internet of Things Industry (IIoT). With this technology we can manage and monitor equipment remotely and fix the problem at the right time, with the cost-effective.
Many solutions to problems in the industry that can do diagnose and even fix the problem of equipment with M2M technology, including remote desktop that allows users to manage the machine / process remotely with support for human-machine interface (HMI). HMI interface is connected to the supervisory control and data acquisition (SCADA) system.

Paths to the Control Network 1
an Engineer’s Perspective

Paths to the Control Network 2
a Corporate IT Manager’s Perspective

Indeed, the use of cloud computing is the risk Cyber attack, but there are many ways to secure remote access and reduce the risk of cyber security one for users of the system HMI / SCADA can use the following methods to help protect your system from cyber attack:

1. Robust built-in security through a Lightweight Directory Access Protocol (LDAP) interface

Lightweight Directory Access Protocol (LDAP) interface for Microsoft's Active Directory server is currently believed to be a system with built-in security that a strong and could be a safety lock your data from unauthorized person. Users who will make access to the network have to go through this access control protocol.

2. Keeping a network secure by Firewalls system

Network traffic outgoing and incoming data into the server control should be under the supervision of the control system. Firewalls can be software-based or hardware could be the key to maintain this network to be safe. This system is designed to analyze the data packets and determine whether they should be allowed to pass or not in accordance with the identification socket layer (SSL) encryption in charge of maintaining the security of some processes such as incoming and outgoing email (i.e., HTTPS), and users who access the network.

3. Isolated remote computer networks by Virtual private networks (VPN)

Connections between computers through a virtual private network (VPN) should be able come in to the network access server but remain in control of the process of identification of the VPN in the system. It can be processed through a router that can make one or more VPN enables a secure connection from the Internet to a computer in the network system.

4. Network packet filtering by Deep Packet Inspection (DPI)

When the user with access to the network control system, Deep Packet Inspection (DPI) will form a network packet filtering that examines the data portion of a packet as it passes through the checkpoint, looking for protocol non-compliance, viruses, spam, intrusions, to ensure that access to the data is indeed legal and does not harm the system. DPI will be supported by the router to filter messages on the application protocol layer (e.g., Modbus TCP or Ethernet / IP)

5. Network into functional areas segmenting using intelligent routers

Layered security system makes the network more secure against cyber attacks. The current method in addition to the architecture of the existing control system, there are additional intelligent router as an additional layer of security. The aim is to isolate control systems from cyber attack.

6. Non-corruptible operating system based HMI/SCADA systems

All controls are made design will certainly need the support of the operating system. Currently the system HMI / SCADA already compatible Windows-based scanning for viruses or other malware with a simple reboot process. Keep in mind that the technician in charge must remain vigilant against outside attacks computing cloud systems, for example with infected USB memory sticks connection to a PC behind a firewall.


Solutions HMI / SCADA is now popularly used in various industries to process data visualization, control, and reporting processes to drive operational improvements. With this interface the user can connect remotely to the system HMI / SCADA to make changes to the machine / process via the internet without the need to turn off the computer first. Easy process and lower cost is the main reason why it could be more popular to be applied in control system industry.
By Kerry L. Sparks, Eaton - www.plantservices.com


Newer Post Older Post Home

You may also like these ebook:

Get Free PLC eBook directly sent to your email,
and email subscription to program-plc.blogspot.com

We hate SPAM. Your information is never sold or shared with anyone.

Your Email Will Be 100% Secured !