×
INTELLIGENT WORK FORUMS
FOR ENGINEERING PROFESSIONALS

Contact US

Log In

Come Join Us!

Are you an
Engineering professional?
Join Eng-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Eng-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

How to retrieve data from a scada-PLC system without infecting it with virus?
2

How to retrieve data from a scada-PLC system without infecting it with virus?

How to retrieve data from a scada-PLC system without infecting it with virus?

(OP)
Hi

Often we have to retrieve data, alarms, trends, print screens of process values and share. Is there a way of doing this without infecting the system with virus if we use a pen drive between our office laptop and the system?

Initially we were using a CD. Nowadays most laptop do not have a CD drive and the personnel find this tedious.

Is there any anti-virus installed on a scada-PLC system e.g Siemens PLC 400 for a power plant? Does Siemens, ABB, Schneider recommend to install anti-virus on their system?
Are there examples of power plant shutdown of scada-PLC due to virus in the past? Thks

RE: How to retrieve data from a scada-PLC system without infecting it with virus?

Please make sure to keep your control system updated and protected with validated Microsoft security updates and verified 3rd party Antivirus files. You may also wish to make sure with your service provider that common antivirus software's like McAfee and Symantec updates are verified for relevance and system compatibility with your control system software.
Esperantes

RE: How to retrieve data from a scada-PLC system without infecting it with virus?

I don't believe there are any specific security issues that are particular to automation equipment that wouldn't also apply to a business enterprise system. Whatever IT security procedures and processes are employed should be used everywhere in your business.

You may find some interesting and helpful discussions here- Link

Brad Waybright

The more you know, the more you know you don't know.

RE: How to retrieve data from a scada-PLC system without infecting it with virus?

You should check that the system does nothing upon insertion of a flash drive; Windows systems have the option of running Windows Explorer, or opening a specific file on the inserted drive, or doing nothing.

TTFN (ta ta for now)
I can do absolutely anything. I'm an expert! https://www.youtube.com/watch?v=BKorP55Aqvg
FAQ731-376: Eng-Tips.com Forum Policies forum1529: Translation Assistance for Engineers Entire Forum list http://www.eng-tips.com/forumlist.cfm

RE: How to retrieve data from a scada-PLC system without infecting it with virus?

thebard3 has the answer.

And if you want an example of shutdowns, all one has to do is Google StuxNet... that will put the fear of God into any SCADA/PLC maintenance tech.

Dan - Owner
http://www.Hi-TecDesigns.com

RE: How to retrieve data from a scada-PLC system without infecting it with virus?

The short answer is that if you're using USB drives to transfer such data, you're doing it wrong.

The long answer, as an augment of what thebard3 has said, is that the system should be configured such that access to such equipment via things like USB sticks for data retrieval is never required.
Access to some sort of historian, only via authenticated users, would be one of the ideal cases. It used to be the case that such access was at least partially obfuscated via use of serial communications, but with ethernet, most equipment is effectively wide open should anyone look hard enough for it.

I am only too well aware, however, of the general issues in getting both IT and OT to agree on what is needed, how to implement it, and who is to support it.

EDMS Australia

RE: How to retrieve data from a scada-PLC system without infecting it with virus?

We have used Hyperterminal for sending data over serial connection between SCADA PC and other PC, it is slow but safe.

RE: How to retrieve data from a scada-PLC system without infecting it with virus?

Hyperterminal has been pulled from Win10, if a serial means of extracting data is desired, better off using PuTTY.

EDMS Australia

RE: How to retrieve data from a scada-PLC system without infecting it with virus?

(OP)
Often colleagues do print screens on workstation and must share them with others through mail.

RE: How to retrieve data from a scada-PLC system without infecting it with virus?

It doesn't matter what you want/need to do... there's simply zero method that will completely prevent infection, barring turning the machine completely off and leaving it in that state forever.

Dan - Owner
http://www.Hi-TecDesigns.com

RE: How to retrieve data from a scada-PLC system without infecting it with virus?

The system needs to write the data to a table and the historian reads the data from the table. No direct interaction between the process system and the historian.

I’ll see your silver lining and raise you two black clouds. - Protection Operations

RE: How to retrieve data from a scada-PLC system without infecting it with virus?

Writing/reading a table indicate access from more than one path/direction... and this is what virii take advantage of.

Dan - Owner
http://www.Hi-TecDesigns.com

RE: How to retrieve data from a scada-PLC system without infecting it with virus?

Sure, you can print out hard copy, scan/OCR into something else; bad for the environment, but infection free. No guarantees about the infectibility of the printer, though.

TTFN (ta ta for now)
I can do absolutely anything. I'm an expert! https://www.youtube.com/watch?v=BKorP55Aqvg
FAQ731-376: Eng-Tips.com Forum Policies forum1529: Translation Assistance for Engineers Entire Forum list http://www.eng-tips.com/forumlist.cfm

RE: How to retrieve data from a scada-PLC system without infecting it with virus?

If the process device is only pushing out data and never receives anything it can't be infected. The data in the table could become compromised before the historian reads it, but there shouldn't be a path into the process equipment.

I’ll see your silver lining and raise you two black clouds. - Protection Operations

RE: How to retrieve data from a scada-PLC system without infecting it with virus?

Think you can't infect a computer from a scanned image? Think again... BTDT.

Dan - Owner
http://www.Hi-TecDesigns.com

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Eng-Tips Forums free from inappropriate posts.
The Eng-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Eng-Tips forums is a member-only feature.

Click Here to join Eng-Tips and talk with other members! Already a Member? Login


Resources

Low-Volume Rapid Injection Molding With 3D Printed Molds
Learn methods and guidelines for using stereolithography (SLA) 3D printed molds in the injection molding process to lower costs and lead time. Discover how this hybrid manufacturing process enables on-demand mold fabrication to quickly produce small batches of thermoplastic parts. Download Now
Design for Additive Manufacturing (DfAM)
Examine how the principles of DfAM upend many of the long-standing rules around manufacturability - allowing engineers and designers to place a part’s function at the center of their design considerations. Download Now
Taking Control of Engineering Documents
This ebook covers tips for creating and managing workflows, security best practices and protection of intellectual property, Cloud vs. on-premise software solutions, CAD file management, compliance, and more. Download Now

Close Box

Join Eng-Tips® Today!

Join your peers on the Internet's largest technical engineering professional community.
It's easy to join and it's free.

Here's Why Members Love Eng-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close