Last edit: 07/07/2023
Apart from direct measures regarding installed hardware and software and an appropriate design of the entire machine with regard to IT security, the machine manufacturer can make a significant contribution by providing appropriate information on the vulnerability analysis in the instruction handbook for the customer/end user (and possibly the system integrator).
Moreover, at the design stage, the machine manufacturer should observe basic principles/measures to minimize the vulnerability of safety-related parts of the entire machine with regard to IT security threats. For example:
- Separate the safety-relevant IT-system as far as possible from the overall IT-system of the machine.
- Equip the machine IT-system with firewalls, antivirus tools, etc.
- Equip the machine with means to detect failed IT-system components that are essential for safety, or unavailable risk reduction measures.
- Equip the machine with means that ultimately bring the machine to a safe state if an IT-system component essential for safety has failed or risk reduction measures are unavailable.
- Equip the machine with means/measures for authentication for access control (e.g. card readers, physical locks, password-systems).
- Equip the machine with means for software upgradability.