This fully-embedded firmware approach is fairly unique to SCADA-based operating systems, but helps one to understand that a highly controlled operating system and software environment – as mandated under the Australian DSD’s diktat - has a far lower risk of subversion than the free-for-all software approach see in the cost-cutting UK public sector.
Here at Avecto, whilst we understand the impetus behind moving to open source software that a growing number of UK government departments and allied public sector agencies are moving towards as part of their cost-cutting strategy, this does not mean that the Australian ideas enshrined in the DSD report cannot also be applied here in the UK.
This is because the principle on which our security offerings are built is Windows privilege management - namely the control over who has access to specific applications running on the corporate IT platform, as well as the underlying data.
This means, for example, that if the admin team only run their control and security software from within the network perimeter on known PCs, then access to those applications can be locked down to specific on-network computers.
Then, even if a set of admin account credentials are compromised by hackers, they cannot use those credentials from the Internet – they would still have to gain physical access to the terminals used by the admin staff.
read more: http://www.securitypark.co.uk/security_article267389.html
Sunday, 25 March 2012
Saturday, 17 March 2012
PROBLEMS WITH CURRENT GENERATION OF MES SYSTEMS BRING HIGH INVESTMENT RISK
Problems with Current Generation of MES Systems Bring High Investment Risk, says Paul Hurst of Products4Automation Current MES systems only represent a preliminary stage of development toward the goal of intelligently controlled production processes, according to Paul Hurst of P4A, the UK distributor for FELTEN Production Intelligence software. "MES systems need to adopt a holistic and process-oriented approach," says Hurst. "This represents an evolutionary advancement, one which releases production management from its isolated self-image and associated performance limitations, enabling significantly higher levels of production efficiency to be achieved." For reasons of economic security, Hurst's recommendation for companies that are still without MES systems, or solutions for machine and production data collection (MDC/PDC), is to forego the use of classic systems. "Because the future clearly belongs to PI-oriented solutions, a focus on outdated MES philosophies carries with it a high investment risk," he says. So what exactly are the problems with current generations of MES systems; and how can these be overcome with a PI solutions approach? The problems fall into seven key categories, according to Paul Hurst, they are: The role of humans is neglected; Too isolated a perspective; A technical and system focus that is too strong; Rigid instead of flexible process guidance; Extensively isolated planning and control processes; Sufficient KPI control is not possible; No intrinsic administrative optimisation methods are provided. "Many automation strategies fail to consider that humans, as the keepers of intelligence, know-how; or take account of the fact that experience with processes, can never be completely replaced by technology," asserts Hurst. "Instead of achieving a balance between technology and humans, MES systems have caused the pendulum to swing predominantly towards automation and let the human factor, with its potential to increase productivity, fade into the background. In the field, production management is typically looked at in isolation, without consideration of the environment and its specific conditions. MES systems have actually reinforced this focus, because even with the requirement of integration into ERP systems, these systems were not designed from a holistic perspective. The actual potential for productivity increases lie within the processes, but current MES strategies are dominated by a technical focus. And because a logical process focus is missing, current optimisation possibilities can only be insufficiently employed.
Read more: www.dmaeuropa.com
Subscribe to:
Posts (Atom)