+358 20 722 2307
VTT offers security consulting and assessment of industrial automation systems
• information security gap identification and mapping
Industrial automation lags behind in security best practices
Information security is a relatively new topic within the realm of industrial automation. There is no single de-facto standard available for the practical management of automation-related information security.
Events like the Stuxnet worm & PLC rootkit case discovered in July 2010 have raised awareness of the need for information security in the industrial control systems arena.
The lesson learned is that security cannot be assured given ad hoc or limited attention. Real security requires thorough analysis and planning with concrete goals defined to ensure secure ways of working in all operations. Security considerations need to be included in the whole operations lifecycle and also within R&D. Any task, from material and equipment procurement to the disposal and destruction of old systems and materials, requires security attention and systematic management.
Typical focus areas in a security assessment project:
By investing some effort into information security, we can: