This week’s discussion is about encryption and using it in an industrial environment. The short answer is to use it, wherever you can. The actual answer is a big… it depends.
Machines inside the enterprise are typically hardwired and communicate without encryption. In my opinion, the risk is quite small if the plant is properly segmented and the equipment stays out of the business office and vice versa. Encryption becomes important when the data travels outside of the network. If there are sensors sending data back via a wireless carrier, it should be encrypted before it gets transmitted. In the unfortunate event of a machine sending data over the Wi-Fi, that better be encrypted as well.
Does this all sound simple? Well, as you might already know security in manufacturing equipment was never a consideration when it all became computerized, and even today security is slightly more than an afterthought. So, to encrypt the data, it must be done outside of the PLC unless you are lucky enough to use a PLC that can encrypt built-in. We use several PLC brands where I work, but B&R is our go-to system, and we can encrypt. We also have Rockwell’s Compact Logix in-house, and I haven’t found how to encrypt that data unless I put the data in a PC in the cabinet and then send it out from there. A device made by Tosibox is one such way. A link is below along with some additional information from B&R. And FYI, I don’t receive any benefits from promoting either company. I have used the products and feel they do a good job. I am sure there are others out there that are equally effective, but I can’t speak of their use.