Category: ABB

Secure by Default

The goal in this phase is to create default product installations and configurations that are more

resistant to attack, by reducing the attack surface (the number of points a hacker can attempt to

exploit). To accomplish this goal, software must be installed in its most secure configuration and

must stay that way until the customer takes informed steps to loosen it.

Symphony Plus is installed in a predefined way, which makes the process easy and reliable,

ensuring that settings are done in a consistent and repeatable way. Functions and features that

are not needed are disabled or not installed, and Windows Firewall is configured to only enable

necessary communication ports. Symphony Plus gives control engineers a unique opportunity to

manage access for each user. Access can be granted based on parameters such as who and

where the user is, what the user wants to do, and on which aspect object.

Secure by Deployment

The goal here is to ensure that the products can be installed, configured, operated and maintained

in a secure way. User documentation describes how to install and operate Symphony Plus

at the highest level of security. Documentation includes recommendations on how to build secure system

architecture using security zones and defense in depth. Security compliance project checklists

make sure that all important steps are taken during project execution to ensure a secure

deployment. Systems in operation are kept secure with monthly security patch updates and daily

anti virus updates.

Secure by Design

The goal here is to make sure that security bugs or vulnerabilities are not present in new software.

To accomplish this, cyber security must be a factor from the very start of product design. And through

all phases, from creating the specification, through writing the code, and testing the product.

A securebydesign philosophy manifests itself as security training, code reviews and walkthroughs,

threat analysis, and robustness testing of products.Security is integrated in ABB’s quality management

system. Formal threat analysis and threat modelling provide the basis for security

requirements and design principles for the system.

Security checkpoints at project gates ensure that security objectives are met.

One key element of this process is our independent robustness test lab, the ABB Device

Security Assurance Center, where our products are tested. This laboratory is run by dedicated

personnel who are not part of any product development team. They use several specialized

security testing tools, for example Achilles Test Platform and Nessus scanners.

In addition to our adoption of SD3+C Security Framework and extensive internal testing

performed by ABB’s Device Security Assurance Center (DSAC), ABB has embraced third party

security certification to IEC62443 standard by ISA Secure Certification Institute (ISCI),

Symphony Plus security features are designed to meet regulatory requirements and includes

features to help enable compliance such as user account management, rolebased access control,

user authentication, audit trail, etc.

Cyber security is embedded

in Symphony Plus

Cyber security is embedded in all phases of ABB’s system life cycle. Security for Symphony Plus

adheres to the SD3+C Security Framework (created by Microsoft) to en sure and improve security in

system components. This means that cyber security is addressed at each stage of our system

life cycle, from design and development to maintenance.

Secure by Deployment

The goal here is to ensure that the products can be installed, configured, operated and maintained

in a secure way. User documentation describes how to install and operate Symphony Plus

at the highest level of security. Documentation includes recommendations on how to build secure system

architecture using security zones and defense in depth. Security compliance project checklists

make sure that all important steps are taken during project execution to ensure a secure

deployment. Systems in operation are kept secure with monthly security patch updates and daily

anti virus updates.

ABB’s systematic approach ensures cyber security

The global industries have steadily increased their focus on cyber security for industrial automation

and control systems. As a result,many different drivers and trends have emerged.

At ABB, we have always seen cyber security as a key requirement and are committed to provide

products, systems and services that clearly address this vital issue. On a global level, ABB

takes a systematic approach to cyber security throughout design, development and delivery of

its automation products. For instance, ABB has established an orga  nization with security

councils on corporate and division level to keep track of the global needs and requirements

concerning cyber security.

Optimal compliance

We also do our part when it comes to cyber se curity standards. ABB is an active member and driver of

industry initiatives, including active involvement in ISA, IEEE, Cyber Security Standard Committees and

IEC. Our involvement also allows the security councils to ensure that ABB products and systems

are compliant with, and support industry standards and regulations related to cyber

security. We are constantly adapting to the latest threats and testing with best inclass tools to

ensure products can meet today’s cyber security requirements.

Symphony Plus has been designed with cyber security in mind and provides stateoftheart

functionality. This allows you to easily address requirements such as NERCCIP and maintain

compliance according to these standards and beyond.

Why control system owners

have to focus on cyber security

Industrial automation and control systems have evolved over the past decade thanks to techno

logical advancements. At the heart of these advancements are specialized IT systems.

To provide end users with comprehensive real time information and allow for higher levels of

reliability and control, these systems have become more and more interconnected.

The new generation of automation systems utilize open standards, such as OPC, IEC 61850. IEC 60870

5104. DNP 3.0. and commercial technologies, in particular Ethernet and TCP/IPbased

communication protocols. They also enable connectivity to external networks, such as office

intranet and the internet. These changes in technology have brought huge benefits from anopera

tional perspective, but they have also introduced cyber security concerns previously

known only in office or enterprise IT systems.

Cyber risks were inherited by adopting open IT standards. But fortunately, so were the cyber

security mechanisms developed in enterprise environments to address those risks.

These mechanisms enable the development of cyber security solutions tailored for industrial

automation and control systems, relying on proven technology.

ABB is committed to cyber security

Cyber security is important for every company.Without it, your company

risks production disruptions, loss of intellectual property and data

that cannot be recreated.

As for any ABB solution, we want you to be confident knowing that we are protecting you

with bestinclass security solutions.

We fully understand the importance of cyber security, and its responsibility to advance the

security of control systems. You can rely on system solutions where reliability and security

have the highest priority.

ABB helps secure your company’s future

The world of process automation is changing in the face of new technologies, opportunities and

challenges. ABB remains committed to helping customers take advantage of technology advances

while minimizing exposure to cyber risks.

Since ABB is a leading provider of control systems for a wide spectrum of industries,

we can combine our technology strengths and domain expertise to provide a

customerfocused solution that enhances asset productivity and efficiency.

The objective is to establish the necessary levels of cyber security,

and maintain that level while preserving the availability and functional inter

operability of systems.

If its valuable to you, it is a target to someone else

In critical infrastructure the protection goes beyond intellectual property

and covers the availability of the asset that could be diminished under

an attack. In fact, the shape and size of your company’s future will be

determined by your know-how, ideas and operations – but also on your

ability to protect them.

With so much at stake the big question is: How do you secure your

company against cyber risks, like attacks from viruses, hackers,

ransomware and human errors?

ABB is committed to cyber security

Cyber security is important for every company.Without it, your company

risks production disruptions, loss of intellectual property and data

that cannot be recreated.

As for any ABB solution, we want you to be confident knowing that we are protecting you

with bestinclass security solutions.

We fully understand the importance of cyber security, and its responsibility to advance the

security of control systems. You can rely on system solutions where reliability and security

have the highest priority.

Paperless operations management

Maintenance costs are greatly reduced by stream

lining operation and maintenance work interac

tions. The HMI’s integrated CMMS (Computerized

Maintenance Management System) environment

allows seamless navigation to asset-specific ser

vice activities. From a single click, operators can

submit new equipment work orders or review and

update existing ones logged in the CMMS system.

Further, The HMI’s ShiftBook and electronic shift

log options provide alternatives to “paper” shift

logs. Shift changes and open work actions are

automatically noted in the operator shift log

and the next shift’s “To Do” list respectively.

Geographical information system

S+ Operations offers an integrated Geographical

Information System (GIS) for easy, interactive

exploration of spatial and process information

of wide area applications like hydropower sta

tions and water distribution networks. Customiz

able pre-configured GIS layers present relevant

information with seamless association with the

automation system’s devices and alarms.

With pre-configured GIS layers, this built-in fea

ture allows users to pan and zoom over the map

of entire network without leaving the operations

environment. With simple “one-click” navigation

between the two, the time required for spatial

investigations is significantly reduced with over

all network management improved. Not bound to

any specific GIS platform, S+ Operations can sup

port existing background street maps, satellite

imagery, etc. and background maps from popular

providers such as Google Maps™ and Microsoft

Bing™ Maps. This flexibility makes S+ Operations

the ideal choice for large or small installations

with or without existing GIS infrastructures.

Electrical integration via IEC 61850

Electrical system integration with the plant con

trol system allows industrial and utility processes

to be run at a higher level of availability and

energy efficiency. It provides a substantial reduc

tion in plants’ operational costs and overall safety

and reliability. S+ Operations provides native

MMS communication with IEC 61850 IEDs in order

to acquire and display three-phase current, volt

age and all protection values. This native commu

nication is an easy and fast solution which

reduces the cost of implementing electrical inte

gration. Moreover, S+ Operations allows full con

trol of the electrical structures, modelling the

most relevant power system applications includ

ing transformer bays, generator, incoming, mea

suring, outgoing, busbar, VFDs and motor bay.