Cybersecure by design

Valmet DNAe Distributed Control System

cybersecurity.jpg

From the beginning, Valmet has developed hardware and software in-house, paving the way for a highly reliable, efficient, and cybersecure Valmet DNAe Distributed Control System. It is inherently cybersecure by design, implementing layered defense-in-depth strategies to protect critical industrial assets from cyber threats.

Built-in certified cybersecurity

Externally certified per the requirements of ISO 27001 and IEC 62443

Defense-in-depth security fortress

Verified architecture and Trusted Information Framework (TIF)

Extensive cybersecurity services

Lifetime support, patching, consultancy, and system recovery services

Secure Product Development Methodologies

Valmet DNAe has been built by using secure product development methodologies based on IEC 62443-4-1 standards. The development process has been validated with Security Development Lifecycle Assurance (SDLA) certification, ensuring that security considerations are integrated into every stage of the system lifecycle.

Secure system architecture

Valmet DNAe has been built upon an IEC 62443-compliant reference network architecture with firewall segmentation and DMZ security zones. System structures are developed and tested to ensure that critical assets are protected from external threats. System structures follow IEC 62443-3-3 standards which define system security requirements and security levels. Formal certification for the system structures is in progress.

User Management and Access Control

Valmet DNAe system enables centralized user management through Active Directory (AD), allowing role-based access control and authentication. Integration with IT security infrastructure ensures seamless coordination between OT and IT security domains.

Real-time intrusion Detection and Prevention

Valmet DNAe enables intrusion detection and prevention mechanisms to monitor network traffic and detect potential security breaches in real time. Centralized log management enables comprehensive analysis of security events, facilitating timely response and mitigation measures.

Endpoint Protection

Valmet DNAe incorporates endpoint protection measures such as hardening, antivirus software, and whitelisting to defend against malware and other malicious threats. With endpoint security, the risks of unauthorized access and system compromization can be mitigated.

Secure connectivity on all levels

Valmet DNAe ensures secure connectivity across all levels, from field devices to enterprise systems and to cloud resources. Encryption protocols, access controls, and VPN tunneling are being implemented for encrypted communication, safeguarding data flows and preventing unauthorized access. Secure remote access solutions allows authorized personnel to operate and provide maintaince to the mill from anywhere while ensuring confidentiality and integrity of communication.