OPC is increasingly being used to interconnect Human Machine Interface (HMI) workstations, data historians and other hosts on the control network with enterprise databases, Enterprise Resource Planning (ERP) systems and other business oriented software. Unfortunately, securely deploying OPC applications has proven to be a challenge for most engineers and technicians. While OPC is an open protocol with the specifications freely available, engineers must wade through a large amount of very detailed information to answer even the most basic OPC security questions. To address this need for security guidance on OPC deployment, a joint research team with staff from BCIT, Byres Research and Digital Bond were commissioned by Kraft Foods Inc. to investigate current practices for OPC security. The results of this study were then used to create three white papers that: To address this need for security guidance on OPC deployment, a joint research team with staff from BCIT, Byres Research and Digital Bond were commissioned by Kraft Foods Inc. to investigate current practices for OPC security. The results of this study were then used to create three white papers that:
The white paper is the second of the three. In it we detail the vulnerabilities typically found in OPC hosts, based on OPC’s current architecture (such as the use of DCOM) and the typical underlying operating system.