While there is no shortage of advice on how best to secure industrial control systems (ICS), the most common best practice advice often centers on recognizing that air gaps no longer exist between ICSs and the Internet and that IT practices involving firewalls and VPNs can be as effective on the plant floor as they are in the corporate office. Putting aside the general reticence many engineers harbor about the implementation of corporate IT solutions on the plant floor, there remains a persistent feeling in industry that the general IT approach to security is not adequate for a manufacturing environment.
At Boeing, the company decided years ago to take a different approach to securing its ICSs—one that would be more focused on the requirements of the plant floor. David Mattes was one of the key players involved in Boeing’s seven-year development of a unique ICS security approach, which he is now making available industry wide as a principal with Tempered Networks (formerly known as Asguard Networks).
Mattes, along with Jeff Hussey, Tempered Networks’ president and CEO, are actively promoting their approach to ICS and explaining why it serves industry better than traditional IT security methods. (See accompanying image comparing Tempered Networks’ assessment of its products versus traditional methods such as firewalls, VPNs and secure remote access.)
Hussey explains that the core ICS issues Tempered Networks addresses are that ICSs are vulnerable by their design—meaning that they were not created to protect themselves from cyber threats; have very long service lives in industry and are therefore not updated nearly as frequently as front office IT devices—meaning that they often have unpatched vulnerabilities; and are open to malicious insider and accidental breaches, as well as breaches by third parties.
To handle the specific needs of ICSs, Tempered Networks addresses authentication, network integrity, authorization, confidentiality, delegated administration, configuration management, and audit/forensics. This comprehensive approach to ICS security lies behind the company’s name, which is a tip of the hat to Johann Sebastian Bach’s Well-Tempered Clavier. As Bach’s collection under this name denotes that all 24 major and minor keys were used to deliver a work of equal (i.e., well-tempered) tuning, Tempered Networks is meant to denote an equally all-encompassing approach to ICS security.
Tempered Networks’ approach involves creating virtualized, private overlay networks that leverage current network infrastructures—meaning your existing communication networks need not be removed. Hussey says the company’s products leave no footprint on your shared network.
Though Tempered Networks approach is, in some ways, unique, it is built on best practice industry standards and conforms to Trusted Computing Group, the Internet Engineering Task Force, and the International Society of Automation standards.
The company’s product line includes: A scalable orchestration engine known as HIPswitch Conductor; a series of hardened physical and virtual appliances known as HIPswitches; and a management console called SimpleConnect. The HIPswitch Conductor coordinates configuration, security policies, trust relationships, monitoring and analytics between the SimpleConnect management console and distributed HIPswitches. HIPswitches are DIN rail-mountable, industrially hardened security devices with throughputs ranging from 5-120 Mbps. The SimpleConnect dashboard can be used to create secure private networks with explicit trust relationships, add HIPswitches to the network, define automation equipment behind HIPswitches, configure communication policies for HIPswitches and automation equipment, and delegate management of each private network to local administrators, as well as handle the monitoring of private networks, HIPswitches, and automation equipment.
“As an overlay network,” Mattes says, “we sit between a protected device and underlying network. HIPswitch works with a connected cell or device via Ethernet, serial or 4-20 mA connection and then provides a transparent bridge for that cell or device to securely connect to other devices on the network.”
A key aspect of Tempered Networks’ approach is that it reduces the attack surface of your ICS by segmenting the network to constrain connectivity. Hussey adds that this method allows users to add an unlimited number of devices and secure connectivity to existing network infrastructure, including trusted and untrusted networks, using wired, WiFi and cellular.
Over 15 companies currently use Tempered Networks products, including Boeing to isolate machine tools from enterprise network, and Yokogawa to enable remote customer support services.
Below is a video of David Mattes' presentation at The Automation Conference 2014 explaining Tempered Networks' approach to industrial control system security (the company, at the time, was operating as Asguard Networks).