Emerson v3.1.0 Home Security System User Manual


 
www.emersonprocess.com/deltaV
DeltaV Security Manual October 2014
Table of Contents
1 Introduction ................................................................................................................................5
1.1 Purpose ..........................................................................................................................................5
1.2 Organization ..................................................................................................................................5
1.3 Relevant documentation.................................................................................................................5
1.3.1 Background reading.................................................................................................................5
1.3.2 DeltaV documentation ...........................................................................................................6
1.3.3 Microsoft documentation........................................................................................................6
1.3.4 3rd party product documentation ..........................................................................................6
1.4 Security and DeltaV system projects................................................................................................7
1.5 Security Collaboration between IT and Operations Departments ...................................................8
1.6 Submitting Material for This Manual ............................................................................................ 10
1.7 Glossary....................................................................................................................................... 10
2 Security basics........................................................................................................................... 12
2.1 Threats to control systems ........................................................................................................... 12
2.2 Assets and compromises ............................................................................................................. 12
2.3 Vulnerabilities ............................................................................................................................. 13
2.4 Performing a risk assessment ....................................................................................................... 13
2.4.1 Summary security checklist ................................................................................................. 14
2.4.2 Defense-in-depth ................................................................................................................ 15
2.4.3 Security Hardening .............................................................................................................. 15
2.5 Protecting assets from threats...................................................................................................... 15
2.5.1 Overview.............................................................................................................................. 15
2.5.2 Principal safeguards ............................................................................................................. 16
2.5.2.1 Security policies and procedures.................................................................................. 16
2.5.2.2 Physical security .......................................................................................................... 18
2.5.2.3 Cyber security perimeters............................................................................................. 18
2.5.2.4 Encryption and digital signatures................................................................................. 19
2.5.2.5 Role-based access controls........................................................................................... 20
2.6 Implementing DeltaV security...................................................................................................... 20
3 DeltaV security .......................................................................................................................... 21
3.1 Overview...................................................................................................................................... 21
3.2 DeltaV architecture ..................................................................................................................... 22
3.2.1 External access to DeltaV systems ....................................................................................... 22
3.2.1.1 DeltaV 2.5 network ..................................................................................................... 22
i