Phoenix Contact Industrial Security Guideline
The Industrial Security Guideline contains the information necessary to integrate and use Phoenix Contact components securely within your plant. It is not tied to any specific device or software version. Rather, it is generic information that has to be supplemented by the product-specific information given in the respective device manual or software user guide.
The guideline contains the following chapters and topics:
- Introduction and General Information
- Why Cyber Security?
- Security-relevant Laws and Industrial Standards
- IT and OT/ICS: A Comparison
- 360° Security - The Holistic Approach
- Concepts & Tools based on IEC 62443 (Least Privilege Concept, Defense in Depth Concept, Zones and Conduits (with Protection Needs Analysis), Data Classification & Protection Needs, Security Levels, Foundational Requirements (FR) and System Requirements (SR), Security from the operator's view)
- ICS Security Concept by Phoenix Contact
- Implementation by Technical and Organizational Means (Network Segmentation, Remote Access/Remote Maintenance, Firewalls, Anti-Malware Inspection, NAT and Port Forwarding, Port Protection and Port Alerts, (Central) User Management, Passwords, Secure Communication by Encryption and Authentication, Logging and Monitoring, Data Backup and Restore, Plant Management etc.)