|

Siemens Xcelerator: New Siemens Software Automatically Identifies Vulnerable Production Assets

May 9, 2024

Siemens Xcelerator: New Siemens Software Automatically Identifies Vulnerable Production Assets
  • SINEC Security Guard: Intuitive cloud-based software-as-a-service to improve cybersecurity on the shop floor
  • Allows users to match vulnerabilities to their OT assets, prioritize them and engage in mitigation measures
  • Integration with the cloud-native SIEM Microsoft Sentinel enabled
  • Available on the Siemens Xcelerator Marketplace in July, 2024

Production facilities are increasingly the targets of cyberattacks. Industrial companies are therefore required to identify and close potential vulnerabilities in their systems. To address the need to identify cybersecurity vulnerabilities on the shop floor as quickly as possible, Siemens has launched a new cybersecurity software-as-a-service.

The cloud-based SINEC Security Guard offers automated vulnerability mapping and security management optimized for industrial operators in OT environments. The software can automatically assign known cybersecurity vulnerabilities to the production assets of industrial companies. This allows industrial operators and automation experts who don’t have dedicated cybersecurity expertise to identify cybersecurity risks among their OT assets on the shop floor and receive a risk- based threat analysis. The software then recommends and prioritizes mitigation measures. Defined mitigation measures can also be planned and tracked by the tool’s integrated task management.

SINEC Security Guard is offered as cybersecurity software-as-a-service (“SaaS”), is hosted by Siemens and will be available for purchase in July, 2024 on the Siemens Xcelerator Marketplace and on the Siemens Digital Exchange.

Increasing protection by reducing manual effort

“With SINEC Security Guard, customers can focus their resources on the most urgent and relevant vulnerabilities, while having full risk transparency in their factory. It is unique because it takes the specific situation of the customer’s operational environment into consideration while providing a single pane of glass for security- relevant information in the OT area,” says Dirk Didascalou, CTO of Siemens Digital Industries. “When developing the SINEC Security Guard, we drew on our extensive experience with cybersecurity in our own factories.”

Today, industrial operators are tasked with continuously safeguarding their production assets on the shop floor. They need to analyze vendor security advisories, manually match them to the asset inventory of their factory and prioritize mitigation measures. Because this process is time-consuming and error-prone using the existing tools, factories are running the risk of missing critical vulnerabilities in their assets or producing false-positives. This can lead to incorrectly configured plant components and inadequately allocated resources. With the SINEC Security Guard, industrial operators can tackle these challenges without needing in-depth cybersecurity knowledge.

Siemens Xcelerator: New Siemens Software Automatically Identifies Vulnerable Production Assets

Attack detection at scale with Microsoft Sentinel

For a comprehensive view of IT and OT cybersecurity, SINEC Security Guard will also offer a connection to Microsoft Sentinel, Microsoft’s Security Information and Event Management (SIEM) solution for proactive threat detection, investigation and response. Once connected, SINEC Security Guard can send alerts for security events including attacks to Sentinel, enabling a security analyst to incorporate SINEC Security Guard insights and conclusions in investigations and responses with Microsoft Sentinel powered Security Operations Centers.

“As information technology and operational technology systems continue to converge, a holistic cybersecurity architecture is key to protecting IT and OT capabilities alike. By combining our domain knowledge, Siemens and Microsoft make it easier for industrial operators to efficiently detect and address cybersecurity threats at scale,” says Ulrich Homann, Corporate Vice President, Cloud + AI at Microsoft.

SINEC Security Guard also supports the manual upload of existing asset information for asset inventory. Siemens recommends, however, that industrial operators use the Industrial Asset Hub, the Siemens cloud-based Asset Management solution, to enable continuous automated asset inventory management.

Functionalities also include signature-based network intrusion and attack detection via the SINEC Security Guard Sensor, an Industrial Edge app, which gives users live information about their industrial network. The SINEC Security Guard Sensor App is available at the Siemens Industrial Edge Marketplace. The initial release of SINEC Security Guard only supports Siemens OT assets but third-party device support is planned in the future. SINEC Security Guard will expand the existing Siemens software portfolio for OT network security consisting of SINEC Security Inspector and SINEC Security Monitor.

Source

More Information

Further details on the new SINEC Security Guard can be found at: www.usa.siemens.com/sinec-security-guard

Related Story

Siemens Launches Siemens Xcelerator in Canada

To unlock the value of digitalization at speed and scale for its Canadian customers, Siemens has launched its global open digital business platform, Siemens Xcelerator, in Toronto at Collision Conference 2023. The platform accelerates digital transformation and value creation for customers of all sizes in industry, buildings, grids and mobility and includes an evolving marketplace to facilitate interactions and transactions between customers, partners and developers.

Related Articles



Editor’s Pick: Featured Article

Weidmüller’s u-control 2000: The Automation Controller

Weidmüller’s u-control 2000: The Automation Controller

Weidmüller’s scalable engineering software, u-control 2000, adapts individually to your requirements. And, the u-control is powerful, compact and fully compatible with Weidmüller’s I/O system u-remote. This article looks at what makes u-control the heart of your automation.

Programmable logic controllers (PLCs) are one of the main components of any automated system. A typical control system has inputs, outputs, controllers (i.e., PLCs), and some type of human interaction with the system, a human machine interface (HMI), for example.

Read More



Latest Articles

  • Legacy OT Risks: The Hinderances of Aging Systems – and How to Move Forward

    July 15, 2024 Today, the role of a chief information security officer (CISO) comes with a heavy ethical and social responsibility. Yes, we and our teams have a primary responsibility to protect the cybersecurity of critical infrastructures that provide vital services like electricity, water, oil, gas, healthcare, and food production, to name a few. As… Read More…

  • Put to the Ultimate Test – Part 3: Drag Chain Tests

    July 12, 2024 During the development of their cables and wires, HELUKABEL vigorously test each product in their testing laboratories. In the third part of their series, they’ll introduce you to their drag chain tests. Drag chains – also known as energy chains – are ideal for guiding and protecting electrical cables, and hydraulic and… Read More…