What are the security holes when working with OPC?
Making changes to DCOM configuration to accommodate OPC communication does not open any security holes or compromise security. Microsoft`s DCOM provides a highly secure and robust platform for applications to setup their communication. Classic OPC (before OPC UA) uses DCOM as its transportation platform. Therefore, an OPC application is, in essence, a DCOM application. OPC only requires the standard configuration that any other DCOM application requires. When properly configured, OPC applications do not open any new security vulnerabilities for DCOM. Having noted the above, many people disable security to get their DCOM (and OPC applications) working for the first time. This is a valid practice; however, Integrators MUST remember to restore the security back when they are done. Failure to do this will cause a security hole. In this case, it would be the Integrators themselves that are the cause of the security hole and not OPC technology in and of itself.
Related Questions
- What agencies under the Department of Homeland Security are working together to create the US-VISIT Program? What other Departments or agencies are working with DHS?
- Would private development on a working marine freight terminal compromise security?
- When working so quickly, how does a project manager ensure security?
