Cyber Security with Distributed Control System 800xA

All control systems are exposed to cyber security risks. System 800xA has the right defense mechanisms in place.

Are you looking for support or purchase information?

Highlights

Cyber Security trends in Process Automation
Cyber Security blog entry
Go to blog
System 800xA v6

Even more secure

Read more
Placeholder highlight
Read more

What is ABB's approach to cyber security?

Defense in depth

There is no one single solution to keep a system cyber secure. ABB instead recommends a defense in depth approach. Defense in depth is about multiple layers of security controls that are placed throughout the system.

How does it work?

Cyber security is embedded into System 800xA

Cyber security is an important factor in all phases of ABB’s system life cycle and is an integral part of System 800xA. It is addressed at each stage of our system lifecycle - from design and development to operations and maintenance.

Threat modelling, security design reviews and security training of software developers are examples of actions taken at the earliest stages of the lifecycle. For controllers & communication cards, these measures are followed up by robustness tests at ABB’s Device Security Assurance Center (DSAC). DSAC, a Wurldtech accredited testing facility, performs “Level 2”-tests utilizing Wurldtech’s Achilles test platform. In addition, DSAC also test the devices with tools from for example Tenable networks, NMAP, and Spirent. 800xA provides a comprehensive and consistent set of embedded mechanisms to manage cyber security risks. Some examples are, role based access control, back-up and restore functionality, and utilization of IPSec. Finally, system deliveries follow our strict guidelines on handling cyber security.

What is the next step?

After an 800xA system been commissioned, ABB continues to communicate with its users, e.g. using My Control System. Here users can find useful field information on their system.

What is described above are some examples of how security for System 800xA adheres to the SD3+C Security Framework developed by Microsoft. It is about considering Secure by Design in the R&D phase, that products are to be Secure by Default, that solutions are to be Secure in Deployment, and that Communication is needed between a supplier and user.

Sales Support

Offerings

Recommended links

My Control System

Audit trail

System Hardening & System Configuration

PC, Network, and Software Monitoring

Monitoring Service

Fingerprint

Antivirus updates

Windows security updates

Digital Signature

Advanced Access Control

Whitelisting

Whitelisting

Industrial Defender

Policies & Guidelines Consultancy

Whitelisting-redirect

ISA / ISS Secure

Offerings - a modular approach

Our cyber security products and services offerings are segmented into built-in, recommended, and high need.

Built-in security

Included within System 800xA by default
System Hardening & System Configuration

(Robustness testing, roles based access control, OPSec, back-up & restore, host firewall for servers & workstations, and storm protection for controllers & communication modules, etc.)
Service
My Control System

Field communication - e.g. security bulletins & security reports

Fundamental security

Recommended for all customers
Product
Audit Trail

Keeping track of modifications made to your control system is part of the foundation of any security management strategy.
Service
Cyber Security Fingerprint

The ABB Cyber Security Fingerprint identifies strengths and weaknesses for defending against a cyber attacks.
Product
PC, Network, and Software Monitoring

Makes it possible to be proactive and ensure optimum system availability.
Service
Antivirus updates
Service
Windows security updates
Service
Training (e.g. E163)
Service
Cyber Security Monitoring: Service Port

Identifies, classifies and helps prioritize opportunities to improve the security of your control system.

Enhanced security

For customers with high security needs
Product
Digital Signature
Service
Cyber Security Manager: Industrial Defender
Product
Advanced Access Control
Service
Policies & Guidelines Consultancy
Product
Whitelisting

Whitelist the applications you would like to run, and thereby prevent all unapproved executables from running.
Select region / language

Popular links