Home
Videos & Tutorials
Cybersecurity Beyond the Norm
WinCC OA Security Guideline
The Security Guideline ensures WinCC OA clients stay safe. Think of it as your personal GPS for using WinCC OA securely in a productive environment. Watch this episode to learn more!

Videos & Tutorials
- Things to know about WinCC OA
- Cybersecurity Beyond the Norm
  - Introduction
    Welcome to our SIMATIC WinCC OA Security series. In this series, we focus on the importance of security in SCADA systems, especially in light of the EU Cyber Resilience Act.
  - WinCC OA Security Guideline
    The Security Guideline ensures WinCC OA clients stay safe. Think of it as your personal GPS for using WinCC OA securely in a productive environment. Watch this episode to learn more!
  - Security Certification
    WinCC OA meets all required security standards for IEC 62443 certification. Regular external audits every three years reinforce this commitment. Discover how you will benefit from this proactive approach to security!
  - Security by Default
    WinCC OA comes with its built-in expert knowledge and Secure by Default configuration. This is a development principle ensuring that security measures are enabled right from the installation. This episode will provide guidance on working with this ready-to-use security template.
  - Certificates
    Certificates serve as proof of identity and protect data communication in your WinCC OA project. Learn more about the ways to obtain certificates in the WinCC OA universe and why customization of default certificates is advisable.
  - Password Policy
    WinCC OA offers two password policies. Learn about the differences between the WinCC OA Policy and the Active Directory Policy and some more benefits like MFA and SSO.
  - Safety
    Safety is an essential aspect of industrial automation systems. Key points include IEC 61508 certification, emphasizing risk assessment and Safety Integrity Levels (SILs). Understand the concept of a safety related system and safety-certified components like WinCC OA and the benefits of our WinCC OA Safety Manual.
  - Server Side Authentication
    Authentication ensures that only authorized individuals, services, and applications can access company resources. In WinCC OA, we have adopted Server Side Authentication (SSA) as the default authentication method since version 3.17. Discover the top three advantages of SSA by tuning in to this episode.
  - Defense in Depth
    A single protection measure is not sufficient to defend against today’s dynamic and evolving threats. That’s why we have adopted a Defense in Depth strategy which leverages multiple security layers to safeguard your WinCC OA projects. Think of it as a series of concentric circles, each reinforcing the other. This video will give you a concise overview of this approach.
  - Security Workshop
    Certified engineers seeking to master WinCC OA security methods can deepen their technical expertise on security topics by participating in our WinCC OA Security Workshop. Explore this video to uncover the details.

WinCC OA Security Guideline

The Security Guideline ensures WinCC OA clients stay safe. Think of it as your personal GPS for using WinCC OA securely in a productive environment. Watch this episode to learn more!

Video Information

Length: 2:44
Language: English

Transcript

Welcome to another episode of our security series. Today we are talking about our WinCC OA Security Guideline and the benefits it brings to you as WinCC OA users.

Think of the WinCC OA Security Guideline as your personal GPS for using WinCC OA securely in a productive environment. It provides guidance and information for developing a site-specific security concept tailored to the unique needs of a WinCC OA system, including critical areas like server rooms and networks.

But remember, it does not and cannot cover every technical or legislative requirement that a security architect needs to consider for a real plant. That’s where the security architect steps in. They check all the requirements, evaluate threats, and select the right measures to protect the plant. The Security Guideline is like a toolbox for the security architect. It’s filled with solutions and methods to help them in their job.

For instance, it talks about implementing multiple layers of protection, a method also known as Defense in Depth which we will explore in a future episode.
Or let’s take the solution for connecting different network layers or zones in a more secure way by using a middle layer, which we call a De-Militarized zone.
Another measure discussed is system hardening. A technique used to disable all unused interfaces that can provide unnecessary access points for attackers.

Sounds like a lot of work, right?

But trust me, this effort and the costs are nothing compared to dealing with an on-site security problem caused by insufficient security measures. The goal is to make your system so secure that it’s simply too costly for an attacker to attack, forcing him to move on to another target.

So, in a nutshell, the Security Guideline plays an important role in protecting our WinCC OA clients from multiple threats in the digitalized world. The key is to customize the framework to your specific needs.