Security Guideline for WinCC OA

Discussion about security topics in WinCC OA!
Search

Post Reply
6 posts • Page 1 of 1
User avatar
dfranken
Posts: 22
Joined: Mon Aug 02, 2010 9:47 am

Security Guideline for WinCC OA

Post by dfranken » Fri Mar 21, 2014 9:54 am

Dear customer,

ETM provided a new version from the Security-Concept WinCC OA.

Target of this document:
Maintaining the control over production and the processes in the application has the highest priority in automation. Even measures to prevent security threats must not affect this. The "Security Concept WinCC OA" should ensure that only authenticated users execute authorized (permitted) operations on authenticated devices based on utilization features assigned to them. This utilization should take place only via unique and planned access routes. This is to ensure safe production or coordination without hazards for human beings, environment, product, goods to be coordinated and the business of the organization during a task.

The new document is available in the Download section from ETM Portal or you can download if directly from following links:
All security documents
Latest English version

To receive updates on new guidelines you can subscribe to this topic.


Best Regards
Daniel Frankendorfer
Senior Consultant

User avatar
dfranken
Posts: 22
Joined: Mon Aug 02, 2010 9:47 am

Re: New Security-Concept WinCC OA available (3.12)

Post by dfranken » Fri Mar 21, 2014 1:02 pm

Dear customer,

This concept is only valid for WinCC OA 3.12 and future versions until canceled.
For older versions of WinCC OA see the corresponding security concepts
The main adoption of the security concept for WinCC OA 3.12 compared to the concepts which are still valid for older WinCC OA versions are:

1) List of used products
2) Update of references chapter
3) More details in chapter Strategy of this security concept
4) New examples of Demo-facility (highly secure large system, secure small system)
5) Specific enhancements in Hardening chapter
6) Rework chapter Patch Management and Virus Scanner settings
7) Merging chapters of Glossary and Definitions
8) Update almost all images in this document
9) A lot of more detailed descriptions

Please be aware that this list may not be complete and shall give you only a hint to the major adoptions. We recommend to analyze the document carefully and implement the measures to secure your applications and installations.

Please consider the disclaimers and security notes at the beginning of the document.

Best Regards
Daniel Frankendorfer
Senior Consultant

User avatar
dfranken
Posts: 22
Joined: Mon Aug 02, 2010 9:47 am

New Security-Concept WinCC OA (Version 3.14)

Post by dfranken » Wed Feb 24, 2016 7:50 am

Dear customer,

ETM provided a new version of our Security-Concept for WinCC OA.

Target of this document:
Maintaining the control over production and the processes in the application has the highest priority in automation. Even measures to prevent security threats must not affect this. The "Security Concept WinCC OA" should ensure that only authenticated users execute authorized (permitted) operations on authenticated devices based on utilization features assigned to them. This utilization should take place only via unique and planned access routes. This is to ensure safe production or coordination without hazards for human beings, environment, product, goods to be coordinated and the business of the organization during a task.

The new document is available in the Download section from ETM Portal in section: Downloads\\Safety & Security\\Security.
This concept is only valid for WinCC OA 3.14 and future versions until canceled. For older versions of WinCC OA see the corresponding security concepts.

The main adaption of the security concept for WinCC OA 3.14 compared to the concepts which are still valid for older WinCC OA versions are:

1. List of used products
2. Update of references chapter
3. More details in chapter Strategy of this security concept
4. New examples of Demo-facility (highly secure large system, secure small system)
5. Specific enhancements in Hardening chapter
6. Rework chapter Patch Management and Virus Scanner settings
7. Better description to use mxProxy to divide security cells
8. Some recommendations for new ULC UX and mobile clients
9. Merging chapters of Glossary and Definitions
10. Update almost all images in this document
11. A lot of more detailed descriptions

Please be aware that this list may not be complete and shall give you only a hint to the major changes. We recommend to read that document carefully and to implement the measures to secure your applications and installations.
Please consider also the disclaimers and security notes at the beginning of the document.

Best Regards
Daniel Frankendorfer
Senior Consultant

User avatar
dfranken
Posts: 22
Joined: Mon Aug 02, 2010 9:47 am

Update Security Guideline for WinCC OA (Version 3.15)

Post by dfranken » Mon Oct 09, 2017 1:13 pm

Dear customer,

ETM provided an update for our Security Guideline with WinCC OA version 3.15.

Target of this document is to give additional information regarding the configuration and required IT infrastructure in a security relevant environment.
Please take a look, as we have refined the existing guideline and added a lot of additional recommendation, like the usage of our server side authentication feature, since the last version for 3.15 in March 2017.
The new document is available in the Download section from ETM Portal under following link: Downloads\\Safety & Security\\Security.

We recommend to read this document carefully and to implement the measures to secure your applications and installations. Please consider also the disclaimers and security notes at the beginning of the document.

Best Regards
Daniel Frankendorfer
Senior Consultant

gschijndel
Posts: 104
Joined: Tue Jan 15, 2019 2:12 pm

Re: Security Guideline for WinCC OA

Post by gschijndel » Fri Feb 22, 2019 3:37 pm

dfranken wrote:
Mon Dec 17, 2018 1:00 pm
Dear customer,

ETM provided an update for WinCC OA - Security Guideline in version 3.16-FP1 (P004).

Target of this document is to give additional information, regarding the configuration and required IT infrastructure, in a security relevant environment.

We've refined the existing guideline, since the last version 3.16 Final in April 2018.
With this version we've focused to following chapters:
+ Implementation of basic descriptions for security like encryption.
+ Extension of chapter: Hardening
+ Extension of chapter to create and deploy certificates for WinCC OA
+ WinCC OA Video
+ A lot of small extensions

The new document is available in the Download section from SIMATIC WinCC Open Architecture Portal under following link: Downloads --> Safety & Security --> SIMATIC WinCC OA Security Guideline V316

https://www.winccoa.com/downloads/detai ... on%5D=show


ETM recommends to read this document carefully and to implement the measures to secure your applications and installations. Please consider also the disclaimers and security notes at the beginning of the document.


Best Regards
Daniel Frankendorfer
Senior Consultant

User avatar
dfranken
Posts: 22
Joined: Mon Aug 02, 2010 9:47 am

Re: Security Guideline for WinCC OA

Post by dfranken » Mon May 27, 2019 1:04 pm

Dear customer,

ETM provided an update for WinCC OA - Security Guideline in version 3.16-FP2 (P009).

Target of this document is to give additional information, regarding the configuration and required IT infrastructure, in a security relevant environment. We've refined the existing guideline and closed gaps, since the last update from December 2018.

The updated document is available in the Download section from SIMATIC WinCC Open Architecture Portal under following link: Downloads --> Safety & Security --> SIMATIC WinCC OA Security Guideline V316:

https://www.winccoa.com/downloads/detai ... on%5D=show

ETM recommends to read this document carefully and to implement the measures to secure your applications and installations. Please consider also the disclaimers and security notes at the beginning of the referenced Security Guideline.

Best Regards
Daniel Frankendorfer
Senior Consultant

Post Reply
6 posts • Page 1 of 1