ServiTecno Tieghi Aggiungere Video Al Telecontrollo Per Telecontrollo2009 R2
Sicurezza Industrie4.0 - E M Tieghi templ Assintel_short
1. Industrie4.0: Security e Business
Continuity nella fabbrica digitalizzata.
Proteggiamo da incidenti cyber i Sistemi
di controllo e automazione
Andrea Zapparoli Manzoni – Coordinatore GdL Security Assintel
Enzo M. Tieghi - ServiTecno – Socio Assintel
etieghi@servitecno.it
3. 3
ANSI/ISA95 Functional Hierarchy www.isa.org
Level 4
Level 1
Level 2
Level 3
Business Planning
& Logistics
Plant Production Scheduling,
Operational Management, etc
Manufacturing
Operations Management
Dispatching Production, Detailed Production
Scheduling, Reliability Assurance, ...
Batch
Control
Discrete
Control
Continuous
Control
1 - Sensing the production process,
manipulating the production process
2 - Monitoring, supervisory control and
automated control of the production process
3 - Work flow / recipe control to produce the
desired end products. Maintaining records
and optimizing the production process.
Time Frame
Days, Shifts, hours, minutes, seconds
4 - Establishing the basic plant schedule -
production, material use, delivery, and
shipping. Determining inventory levels.
Time Frame
Months, weeks, days
Level 0 0 - The actual production process
Level 4
Level 1
Level 2
Level 3
Business Planning
& Logistics
Plant Production Scheduling,
Operational Management, etc
Manufacturing
Operations Management
Dispatching Production, Detailed Production
Scheduling, Reliability Assurance, ...
Batch
Control
Discrete
Control
Continuous
Control
1 - Sensing the production process,
manipulating the production process
2 - Monitoring, supervisory control and
automated control of the production process
3 - Work flow / recipe control to produce the
desired end products. Maintaining records
and optimizing the production process.
Time Frame
Days, Shifts, hours, minutes, seconds
4 - Establishing the basic plant schedule -
production, material use, delivery, and
shipping. Determining inventory levels.
Time Frame
Months, weeks, days
Level 0 0 - The actual production process
4. Sicurezza Impianti, Security
oltre alla safety (EN ISO 13849-1/2,
IEC/EN 62061, IEC/EN 61508,
IEC/EN61511)…
• valutiamo la Security?
• Life Cycle dei sistemi?
• Documentazione di progetto?
• Cambiamenti sull’impianto?
• Reti, PLC, DCS, SCADA?
• Chi? Quando? Dove? Perchè?
5. • Risk Analysis per rischio cyber?
• rete e sistemi di fabbrica sicuri?
• Back-up del sistema (e dei dati) ?
• Mai provato il recovery?
• E le connessioni sono «protette»?
9. Esempio di “Security Architecture” nei sistemi di
automazione e controllo
Enterprise
Control
Network
Manufacturing
Operations
Network
Perimeter
Control
Network
Control
System
Network
Process
Control
Network
Source: Byres Security
10. Protezione di Zone & Conduits con Firewalls
(multilayered defence)
Corporate Firewall
Industrial Firewall
Source: Byres - Security
14. Enzo Maria Tieghi
• Amministratore Delegato di ServiTecno
(da oltre 25 anni software industriale)
• Socio Assintel, attivo in associazioni e gruppi di studio per
la cyber security industriale (ISA s99 info member)
• In Advisory Board, gruppi e progetti internazionali su
Industrial Security e CIP (Critical Infrastructure Protection)
• Co-autore ed autore pubblicazioni, articoli e memorie
14