Isolation of Shared Networks
When everything is on the same network and connected to the internet a security breach is possible. One way to mitigate risk of cyberattacks is to separate internal networks from one another. A medium sized municipality chose to implement this upgrade, separating networks between multiple business and utility processes. In addition to the primary risk, aging technology was also an issue. There were more advantages compared to disadvantages incurred by maintaining or repairing the original system. So, the secondary objective of the project was upgrading aging network equipment to assure reliability. Huffman Engineering, Inc. was trusted with the task of isolating each network while upgrading the system.
Huffman Engineering developed a plan consisting of an implementation process containing four separate phases to minimize downtime. A focused, time oriented approach between the customer and Huffman Engineering, Inc. was crucial in order to coordinate and achieve this goal. Customer constraints allowed for four separate eight-hour days to complete the process. Efficiencies in the execution of the plan reduced the actual downtime to approximately half the time budgeted.
The Huffman Engineering team brought expertise to the project with their understanding of a wide variety of existing equipment, communication protocols, information technologies and operation technologies (IT and OT), network infrastructure, and software applications. Existing equipment included: Allen Bradley SLC 500 and ControlLogix PLCs, Schneider Electric Quantum PLCs, various radios, and security cameras. Wonderware HMI and Historian software, and Rockwell software familiarity contributed to the success of the project. Restructuring the network across multiple buildings required an understanding of copper and fiber media. Within the scope of the project Cisco Ethernet switches replaced antiquated 3-Com switches. Expertise with configuring both Cisco and 3-Com switches was required to complete this portion of the project.
Upgrade and separation of the network for this municipality increased the reliability and security of the system. The risks of a breach and the consequences could have led to major public safety concerns. Huffman Engineering, Inc. was able to provide expertise in understanding the existing system, while efficiently upgrading, isolating each network, and minimizing downtime during the project.