ei3 leads OMAC's Security Considerations for Remote Access Initiative
Recent ransomware attacks have put the spotlight on potential security vulnerabilities of some industrial Remote Access solutions. Around the world, users are scrambling to understand and mitigate these vulnerabilities. With this in mind, the Organization for Machine Automation and Control (OMAC) convened its second “Remote Access Workgroup,” to present practical, field-tested methods for reducing cybersecurity-related risk.
The workgroup, led by ei3, also reviews issues created by actors or processes that cause intentional or unintentional security incidents. This document is a follow-up to the initial OMAC document titled “Practical Guide for Remote Access to Plant Equipment,” published in January 2021. It is recommended that the reader of this addendum first review that document to better understand all the aspects of remote access before taking a detailed look at security.
About the Security Considerations for Remote access Workgroup
The “Security Considerations for Remote Access” document provides a broad perspective and insights from an experienced group of 47 members representing End Users, and the OEMs, System Integrators, and Equipment Suppliers that support them.
- End Users include Cargill, Colpal, Corning, Frito Lay – Pepsico, General Motors, P&G, Rohm and Haas
- OEM’s such as Barry-Wehmiller, Dürr USA, Mettler Toledo, Milacron, Nordson Corporation, ProMach
- System Integrators like Applied Control Engineering, Bachelor Controls, DMC, Interstates, Martin CSI, The EOSYS Group, Outlier Automation, Rovisys, SAGE and
- Groundbreaking Technology Companies like Beckhoff, Cisco, Dispel, Dynics, EtherCAT Technology Group, KORE Wireless, Mitsubishi Electric Europe B.V., Nozomi Networks, Sick, Siemens
- A special mention goes to Packaging Machinery Manufacturers Institute (PMMI) for their support
Individual or Operational Threats
Remotely Connecting Outside the Facility
Policies or Procedures When Vetting a Remote Access Solution