Security Simulator

Oct. 3, 2011
By highlighting PLC and SCADA vulnerabilities, the Tofino SCADA Security Simulator is designed to help industrial companies develop security strategies for their control systems.
Now that security issues have moved front and center in the industrial control discussion thanks to Stuxnet, industry operations of all sizes and types are starting to develop security strategies. 
To help address this issue of control system security strategy development, Byres Security Inc., a subsidiary of Belden Inc., has released the Tofino SCADA Security Simulator (TSSS). TSSS, which is part of the Tofino Industrial Security Solution, is basically a control system in a box, designed to demonstrate the vulnerability of SCADA and PLC components to security failures and allow for the testing of solutions to address the gaps. Beyond testing of solutions for training purposes, the software also demonstrates how to secure specific processes using the Tofino Security Appliance. 
Available simulations in TSSS include gas pipelines, power facilities, chemical plants and water utilities. 
According to Byres Security, a typical TSSS demonstration starts by showing how SCADA and industrial control systems operate. Next, SCADA-specific malware attacks the control system and destroys the process. Finally, the system is secured using applications such as the Tofino Industrial Security Solution. 
The core benefit of TSSS is the demonstration, rather than simple presentation, of security system protection. "You can only be so effective when trying to explain cyber security to someone using a deck of PowerPoint slides,” Joel Langill, CSO of SCADAhacker.com. “When you shift the discussion to an actual demonstration showing both an attack and a successful mitigation to an attack, people actually understand it."
Langill, a security consultant, says he uses TSSS not only for simple demonstrations of cyber security controls, but also to implement various security strategies offline. Using these offline strategies, he then develops corresponding Tofino Security Appliance configuration schemes that can be applied to online production systems such as SCADA/HMI applications as well as PLCs, RTUs and application servers.
About the Author

David Greenfield, editor in chief | Editor in Chief

David Greenfield joined Automation World in June 2011. Bringing a wealth of industry knowledge and media experience to his position, David’s contributions can be found in AW’s print and online editions and custom projects. Earlier in his career, David was Editorial Director of Design News at UBM Electronics, and prior to joining UBM, he was Editorial Director of Control Engineering at Reed Business Information, where he also worked on Manufacturing Business Technology as Publisher. 

Sponsored Recommendations

Why should American-Made Products be a top priority?

Within this white paper, Shalabh “Shalli” Kumar, founder of AVG Advanced Technologies, stresses the importance of prioritizing American-made products to safeguard the country'...

How to Improve Production Accountability in Manufacturing

David Greenfield, Automation World's Editor-in-Chief, and Shalli Kumar, founder of EZAutomation, discuss the idea of production monitors: a preprogrammed PLC/LED display that ...

HALT/HASS: The Ultimate Test for Reliability

Discover how companies like EZAutomation push the limits of reliability with HALT/HASS testing, originally designed to mimic the extreme conditions of space shuttle launches. ...

Your Next Production Monitor Is Only a Few Clicks Away

Shop for your very own EZ Production Monitor. It's designed for non-technical staff, so there's no programming required! It combines pre-coded firmware, real-time data, and WiFi...