Digital Bond

For Secure & Robust ICS

  • Home
  • Consulting
  • S4x18
    • S4x18 Call For Presentations
    • S4x18 Sponsor Packages
  • Dale Peterson
  • Hire Dale To Speak
  • Contact Us

Transpara Visual KPI for ICS Data on Smart Phones

April 7, 2011 by Dale G Peterson 3 Comments

Remote Smartphone SCADA Security

The preponderance of ICS security professionals recoil with the concept of smart phones having any role in SCADA or DCS. As covered in an early blog entry, there is a big difference between using smart phones for control and using them to view data that has been pushed out to the corporate or other external network. Security people who just say no to a legitimate business need are of limited value to an organization and often are ignored. If the business insists that some process information is required on smart phones or iPads, and they understand and accept the risk of the potential information confidentiality compromise, then let’s find the best way to do this.

Transpara Visual KPI is a good example of how data can be provided to smartphone users without increasing the risk of an impact to the integrity or availability of the SCADA and DCS.

The first step is to get the SCADA or DCS data out to the corporate network. OSIsoft’s PI server or another historian can do this, and in fact most organizations are pushing data out to a DMZ or corporate network. The best practice is to push the data from the control center to ICS DMZ and then from the ICS DMZ to the corporate network, but many owner/operators either allow corporate access to the PI server on the ICS DMZ or push it out directly to the corporate network. Of these two sub-optimal options, we prefer allowing corporate access to the ICS DMZ because the firewall can significantly limit the attacks on a PI server that then communicates with a PI server in the control center.

The Transpara application server is installed on the corporate network, and the connection between the Transpara server and the PI server is tied to a PI user account. Access control measures are applied to the Transpara PI user. So now we already have two restrictions on what data can be viewed on smart phones. First, you can control what data is pushed to the external PI server. And second, you can control what data the Transpara application server can access by its associated PI user.
[Read more…]

Filed Under: Control System IT, ICS Security Vendors, OSIsoft, Remote Access Tagged With: OSIsoft, Remote Access, Smart Phone, Transpara

Subscribe to the S4 Events YouTube Channel

S4x18 Stats: 447 people from 25 countries
Thanks to all Attendees, Speakers & Sponsors

Follow S4 Events on Facebook

Tools & Talks

DNS Squatting and You

DNS Squatting and You

February 24, 2016 By Reid W 3 Comments

Basecamp for Serial Converters

Basecamp for Serial Converters

October 30, 2015 By Reid W 3 Comments

escar Asia

escar Asia

September 9, 2015 By Dale Peterson 1 Comment

Unsolicited Response Podcast: Cyber Insurance

Unsolicited Response Podcast: Cyber Insurance

August 27, 2015 By Dale Peterson 3 Comments

S4 Events Newsletter

Subscribe to our newsletter on leading / bleeding edge ICS cyber security information and S4 Events.

* indicates required
Email Format

Dale's Tweets

About Us

Digital Bond was founded in 1998 and performed our first control system security assessment in the year 2000. Over the last sixteen years we have helped many asset owners and vendors improve the security and reliability of their ICS, and our S4 events are an opportunity for technical experts and thought leaders to connect and move the ICS community forward.

Recent Comments

  • Chris on Koyo/Automation Direct Vulnerabilities
  • Brandon Workentin on The ICS Security Stories We Tell And Love
  • Joe Weiss on Insanely Crowded ICS Anomaly Detection Market
  • Stuart Bailey on Unsolicited Response Podcast Is Back … With John Matherly of Shodan
  • Chris Orr on Insanely Crowded ICS Anomaly Detection Market

Search….

Follow @digitalbond

Copyright © 2018 Digital Bond. - All Rights Reserved ·