We have a need to send out simple text messages (alarms) from an HMI PC-based system's RS232 serial port to a GMS device. When the message is sent out, the operator can respond back with a code that is embedded in the message to acknowledge that the alarm was received. The communication is two-way (otherwise a data diode would work for security).
First, if the system were to fail, it would not end up as a security issue. Second, if someone intercepted the message and changed the data, it would also not be a security issue; the loss of the information isn't going to be a security issue either. I'm not worried about an inside-the-fence security attack; there are much easier ways to cause damage once inside the fence.
The software isn't being used to telnet or SSH into the PC; it is only doing messaging, and only that software has control over the serial RS232 port. If an attacker flooded the system until the buffers overran or became full and the entire PC locked up, that would be an issue; if only the application locked up, it would not be an issue.
I'm sure I'm missing something, but what additional security measures need to be in place? I suppose the domain controllers could limit the serial RS232 port for just the program that sends the messages.