We recently received this query from a customer performing due diligence:
I am doing some research for CIPv5 on the Orion LX Weather Station (with Weather MicroServer). Are there any ‘system hardening’ techniques that the device has that would prevent any malicious code from being loaded into these systems? Just to clarify we are looking at the CIP standards: CIP007-5 3.1 Deploy method(s) to deter, detect, or prevent malicious code & 3.2 Mitigate the threat of detected malicious code."
Network security has become increasingly critical for some companies and organizations. Security breaches at private, public, and military organizations have been in the news prompting efforts to secure networks. Some organizations may be reluctant or unable to add our Weather MicroServer to their networks.
1. Cloud Weather Server: This is a secure way to share weather data with users outside of the local area network (LAN) for customers who are unable to upload data (via FTP) to their website or implement port forwarding for the MicroServer.
The MicroServer uploads weather data to the Weather Server using HTTP protocol over the standard Port 80. Information is uploaded at 5-second intervals.
In addition to real-time monitoring, the Weather Server has an overview dashboard showing key data from each weather station.
2. The Weather MicroServer: By far our most popular solution for providing weather data to every user on a network. It offers industrial automation and internet interfaces with FTP capabilities, as well as data logging capabilities. No additional wiring – one Ethernet cable connects the MicroServer to the existing Local Area Network. The ports and interfaces on the MicroServer are hardened to greatly minimize any risk of security breach. Our MicroServer Network Security document outlines all the available ports and interfaces and the level of access and protection available.
3. 4-20 mA Signal Interface: For closed networks in industrial environments that will not accept any unvetted network device, the 4-20mA signal interface may be ideal. This monitoring option is available with most of our weather station models -- the Orion 420 PLC Weather Station being the most popular. These stations have an analog current interface directly to the SCADA system with zero network security risk.
4. Serial communication systems isolated from the network: This can be accomplished with a computer running Weather Master Software and/or the touchscreen Weather Display console.
These can be set up and operated independently posing no network security risk. The weather data is available on the computer(s) and/or display console connected to the weather station using serial communication cable.
5. Cellular modem communication: With this option the weather data is available from the Weather MicroServer over a public IP address independent of your network. While the most expensive option, it allows access to the weather station from any computer or device with cellular communication that is completely isolated from the Local Area Network posing no risk to network security.
For more information or to discuss the options, please call 1-866-625-8620 or email.