How to Mitigate Network Security Risks When Adding a Weather Station On-Site
Network security has become increasingly critical for some companies and organizations. Security breaches at private, public, and military organizations have been in the news prompting efforts to secure networks. Some organizations may be reluctant or unable to add a weather station to their networks for monitoring weather data on-site.
As one example, Columbia Weather Systems recently received this query from a customer performing due diligence:
I am doing some research for CIPv5 on the Orion LX Weather Station (with Weather MicroServer). Are there any ‘system hardening’ techniques that the device has that would prevent any malicious code from being loaded into these systems? Just to clarify we are looking at the CIP standards: CIP007-5 3.1 Deploy method(s) to deter, detect, or prevent malicious code 3.2 Mitigate the threat of detected malicious code.
Depending on the level of security required, Columbia Weather offers several solutions:
1. The Weather MicroServer: By far our most popular solution for providing weather data to every user on a network. It offers industrial automation and internet interfaces with FTP capabilities, as well as data logging capabilities. No additional wiring – one Ethernet cable connects the MicroServer to the existing Local Area Network. The ports and interfaces on the MicroServer are hardened to greatly minimize any risk of security breach. Our MicroServer Network Security documentation outlines all the available ports and interfaces and the level of access and protection available.
2. 4-20 mA Signal Interface: For closed networks in industrial environments that will not accept any unvetted network device, the 4-20mA signal interface may be ideal. This monitoring option is available with most of our weather station models -- the Orion 420 PLC Weather Station being the most popular. These stations have an analog current interface directly to the SCADA system with zero network security risk.
3. Serial communication systems isolated from the network:Â This can be accomplished with a computer running Weather Master Software and/or the touchscreen Weather Display console. These can be set up and operated independently posing no network security risk. The weather data is available on the computer(s) and/or display console connected to the weather station using serial communication cable.
4. Cellular modem communication: With this option the weather data is available from the Weather MicroServer over a public IP address independent of your network. The most expensive option, it allows access to the weather station from any computer or device with cellular communication that is completely isolated from the Local Area Network posing no risk to network security.
Columbia Weather Systems offers weather monitoring solutions for all ranges of security requirements from government and military to public safety and industry.