Cyber Security with Distributed Control System 800xA

All control systems are exposed to cyber security risks. System 800xA has the right defense mechanisms in place.

Are you looking for support or purchase information?


Placeholder highlight

What is ABB's approach to cyber security?

Defense in depth

There is no one single solution to keep a system cyber secure. ABB instead recommends a defense in depth approach. Defense in depth is about multiple layers of security controls that are placed throughout the system.

How does it work?

Cyber security is embedded into System 800xA

Cyber security is an important factor in all phases of ABB’s system life cycle and is an integral part of System 800xA. It is addressed at each stage of our system lifecycle - from design and development to operations and maintenance.

Threat modelling, security design reviews and security training of software developers are examples of actions taken at the earliest stages of the lifecycle. For controllers & communication cards, these measures are followed up by robustness tests at ABB’s Device Security Assurance Center (DSAC). DSAC, a Wurldtech accredited testing facility, performs “Level 2”-tests utilizing Wurldtech’s Achilles test platform. In addition, DSAC also test the devices with tools from for example Tenable networks, NMAP, and Spirent. 800xA provides a comprehensive and consistent set of embedded mechanisms to manage cyber security risks. Some examples are, role based access control, back-up and restore functionality, and utilization of IPSec. Finally, system deliveries follow our strict guidelines on handling cyber security.

What is the next step?

After an 800xA system been commissioned, ABB continues to communicate with its users, e.g. using My Control System. Here users can find useful field information on their system.

What is described above are some examples of how security for System 800xA adheres to the SD3+C Security Framework developed by Microsoft. It is about considering Secure by Design in the R&D phase, that products are to be Secure by Default, that solutions are to be Secure in Deployment, and that Communication is needed between a supplier and user.

Offerings - a modular approach

Our cyber security products and services offerings are segmented into built-in, recommended, and high need.

Built-in security

Included within System 800xA by default

Fundamental security

Recommended for all customers

Enhanced security

For customers with high security needs
Policies & Guidelines Consultancy
Select region / language