Kaspersky Industrial CyberSecurity for Networks uses the learning mode to discover and remember important infrastructure details from network traffic. In this mode the program passively listens the network activity in the industrial network and stores information about learned network assets, their attributes and network communications.

In order Kaspersky Industrial CyberSecurity for Networks to obtain the most precise and complete information about process control system components, their attributes and typical network communications, we recommend performing a variety of maintenance, service and day-to-day operations on the control system. These can be various operations which are considered acceptable. The main requirement is that they should be safe and not interrupt or impact by other means normal technological process flow.

These operations may include but are not limited to:

• General process control network device interrogations
• Operation initiation between SCADA, Process Historian, HMI and PLC
• Connecting to PLCs and IEDs with use of appropriate engineering software via Ethernet
• Uploading and downloading PLC programs
• Requesting information about PLC configurations and firmware versions
• Rebooting SCADA Servers, Process Historian, Operator and Engineer workstations
• Restarting PLCs and/or IEDs

For detailed service operation instructions please refer to your process control system software and hardware documentation.

Knowledge Base : 

• KB#15520

Views: 6