In terms of industrial cyber security “application whitelisting” is an emerging approach to combating viruses and malware. It allows software to run that’s considered safe and blocks all other programs. The basic concept behind application whitelisting is to create a list that permits only good known files to execute, rather than attempting to block malicious code and activity. Visit https://www.honeywellprocess.com/en-US/explore/services/industrial-it-solutions/Pages/default.aspx today.
2. Industrial Cyber Security
• Application Whitelisting is an emerging approach to
combating viruses and malware
• The basic concept is to create a list that permits only
good known files to execute, rather than attempting to
block malicious code and activity
• First attempt to Whitelist approach is thru email
management – eliminating spam and allowing delivery
of messages only wanted
2
3. Industrial Cyber Security
Whitelisting vs. Blacklisting
• Blacklisting blocks or removes known harmful software
• Blacklisting leaves a time gap between when new
malware is detected and its inclusion in the latest
security update
• During this time gap, opportunity exists for breaches to
take place. Malicious code exploit the vulnerability
• With these increasing threats, Whitelisting provides
additional defense
3
4. Industrial Cyber Security
The Impact on the Control Systems Industry
• Breaches to industrial cyber security can range from
annoying to financially harmful and even approach
levels of national security
• For control systems, these exploitations can involve
safety issues with the potential loss of life or damage to
the environment
• Risks represent solid reasons to white list. Whitelist
application is designed to prevent unauthorized
applications from running
4
5. Industrial Cyber Security
The Impact on the Control Systems Industry
• With industrial cyber security, whitelisting solutions must
undergo same level of scrutiny that was used on anti-
virus solutions
• With industrial cyber security, the focus of Business IT is
different. The CIA’s (confidentiality, integrity and
availability) level of importance is reversed
• Whitelisting was designed and architected for the
enterprise environment, industrial control systems
industry has to overcome unique challenges
5
6. Industrial Cyber Security
The Impact on the Control Systems Industry
• List of challenges applies not only to whitelisting but to
most mechanisms deployed for industrial control
systems
• All industrial cyber security solutions must extensively
test new technologies on core control systems
6
7. Industrial Cyber Security
About the Author
Rick Kaun is global industrial IT solutions business
development lead at Honeywell Process Solutions, a
pioneer in automation control for more than 35 years. For
more information about Industrial Cyber Security
Solutions, please
visit https://www.honeywellprocess.com/en-
US/explore/services/industrial-it-
solutions/Pages/default.aspx today.
7