Lessons In Cyber Security

“We face real dangers from sophisticated, nimble and organized adversaries who will stop at nothing to achieve their objectives. The truth is that our networks and control systems are vulnerable, and they’re exposed, and we have to change that,” declared Bruce Landis, deputy assistant secretary for Cyber Security and Telecommunications for the U.S. Department of Homeland Security (DHS, www.dhs.gov). “We know that control systems run some of our nation’s most critical assets,” Landis added. “I can tell you the risks are substantial, and this directly affects each and every one of the more than 300 million Americans.”

Wes Iversen
Apr 10th, 2007
Aw 4557 0704news01

Landis’ comments came during an opening-day keynote address at the annual meeting of the Process Control Systems Forum (PCSF, www.pcsforum.org) March 6-8 in Atlanta. Landis may have been “preaching to the choir” at this gathering, comprised of control system security experts from government, academia and industry, including end-users, systems integrators and vendors. But at least, there is evidence that the “choir” is getting larger.

Previous meetings of the two-year-old organization have drawn 150 to 160 attendees, said Michael Torppey, PCSF technical manager. “But we’re happy to say that for this meeting, we had registered close to 200 people,” he noted. And a show of hands on opening day revealed a large number of first-time attendees.

Those who made the trip were treated to a range of reports and presentations on the latest tools, techniques and projects aimed at securing the nation’s process control systems. 

A number of PCSF sessions focused on security activities involving the energy sector. One presentation that drew high levels of interest, for example, came from Gary Finco, SCADA security researcher at the Idaho National Laboratory, Idaho Falls, Idaho. Finco described the development of common procurement language that electric power generators and others can use in requests for proposals, to ensure that security is integrated into control systems that they acquire. “A lot of end-users want to have secure systems, but they really don’t know what to ask for,” said Finco.

The procurement language project began in March 2006. A draft document Version 1.5 was completed last November and is on the Web site of the federal Multi-State Information Sharing and Analysis Center, at www.msisac.org/scada. “We’ve had almost 5,000 downloads of the document since November,” Finco said. The project team is currently taking comments from electric utility asset owners and vendors for suggested changes and revisions to the language, said Finco. The Lab is also working with vendors to develop procurement language that is appropriate to other industry segments, he added, because “one size doesn’t fit all. Oil and gas will be different from power, or from refineries, or from chemical.”

Push or pull?

Many sessions covered specific PCSF interest group topics. The “Anti-Virus (A/V) Software on Control Systems Interest Group” meeting produced a lively discussion, as vendors and end-user representatives alike debated the best way to deal with A/V software. The merits of “push” versus “pull” models on the control side got plenty of discussion. And some friction between end-user information technology (IT) and control system departments was evident. “We’d rather not run A/V in our control systems, but we have to. IT puts everybody in the same shoe box, and we haven’t had a lot of success with that,” complained a control systems engineer from one major chemical company.

A variety of new products aimed at control systems security were also discussed at the PCSF event. For example Nate Kube, chief technology officer at Wurldtech (www.wurldtech.com), a SCADA security firm based in Vancouver, British Columbia, Canada, and Dale Peterson, director of network security practice for Digital Bond
(www.digitalbond.com), Sunrise, Fla.-based network security consultants, discussed Wurldtech’s Achilles offering. The Achilles Vulnerability Assessment Platform is billed as the first automated, comprehensive testing product for systematically assessing network stack robustness and locating zero-day vulnerability in industrial control devices.

In another session Eric Byres, chief executive officer of industrial security consultants Byres Security (www.byressecurity.com), in Lantzville, British Columbia, Canada, discussed his company’s soon-to-be-released Tofino Industrial Security Solution. As part of what Byres calls a “defense-in-depth” approach to security, the Tofino “appliance” is designed to provide an additional layer of security within the control system environment against hackers or viruses that may penetrate a company’s perimeter firewall and other defenses.

The Tofino device can be thought of as a combination personal firewall and intrusion detection system for operator stations, programmable logic controllers (PLCs), digital control systems (DCS) and other devices, says literature for the product. “Plug a Tofino appliance onto the control network in front of a PLC, DCS or HMI (human-machine interface) station and it learns what type of device it needs to protect, looks up the device’s vulnerabilities in a central database and then tunes itself to protect that specific device.”

Io Link News Page
Absolute Encoders Feature IO-Link Interface
Smart absolute rotary encoder ready for Industry 4.0.
Sep 25th, 2020
Sbc6511 With Metalwork Hi Res Copy
New 6U SBC Incorporates Intel 9th Gen CPU, Aligns with SOSA Technical Standard
Abaco's 6U SBC features the Intel Xeon E six core CPU with 64GB DDR4 with ECC and up to 256 GB SSD and provides a dual 40 GbE data plane with RDMA, plus dual 10GbE ports on the control plane.
Sep 25th, 2020
Baumergroup
Effective Tool Change Designed With Inductive Miniature Sensors
In modern processing centers, inductive sensors are the components of choice for monitoring the motor spindle clamping process. Integrated into the spindle, they must be small and offer high repeatability to ensure smooth tool changing at all times.
Sep 17th, 2020
Nord Usa Maxxdrive Xt Industrial Gear Unit
Industrial Gear Drives
The two-stage MAXXDRIVE XT right-angle gear drives from Nord are designed for heavy-duty conveyor belt applications in the bulk material handling industry.
Sep 17th, 2020
Idec Fc6 A 12 V Dc Io Press Release Fc6 A C16
IDEC Adds 12V DC 16 I/O CPUs to MicroSmart FC6A PLC
With the addition three new 12V DC CPUs, the capable MicroSmart FC6A All-in-One PLC family now offers users more options for automating battery-backed systems, traffic controls, and mobile equipment.
Sep 17th, 2020
Quantum Press Release
Quantum Automation Supports Off-Grid Automation with QRTU and QSolarBattery
These Quantum Automation hardware platforms can be used individually or together to enable IIoT monitoring and automation almost anywhere.
Sep 17th, 2020
Layout Set Logo
Yaskawa and Phoenix Contact Announce Partnership
Yaskawa and Phoenix Contact announce an agreement to utilize PLCnext Technology from Phoenix Contact in the development of the next generation machine controller and PLC platform realizing the i3-Mechatronics solution concept lead by Yaskawa.
Sep 14th, 2020
Laser Direct Structuring (LDS)—The structure of the conductor path is applied using the LDS process. LDS enables electronic assemblies to be made in flexible geometric shapes. Smart phones, hearing aids, and smart watches are becoming smaller and more powerful thanks to this process.
Electronic Assemblies Without PCBs
Laser direct structuring (LDS) is a special success story. For almost 20 years, it has been possible to apply electronic conductor paths directly onto plastic parts during series production.
Sep 10th, 2020
Nova Tech Pcm5 Smaller
NovaTech Announces D/3 Version 16.2
New features make it easier to configure and maintain a cybersecure control system.
Sep 10th, 2020
Carlo Gavazzi Em50 Energy Analyzer
Analyzer Helps Monitor and Manage Energy Costs
Measures most relevant instantaneous electrical variables and energy consumption with high level of accuracy
Aug 29th, 2020
30440 082520 Nord Nordac Variable Frequency Drives Copy
Nord Drivesystems Offers Variable Frequency Drives from 0.33 to 215 HP
Full line of drive electronics provides exceptional flexibility with a wide range of customization options.
Aug 26th, 2020
Discover the Secrets of a Successful Automation Project
Sponsored
Discover the Secrets of a Successful Automation Project
Learn about planning and project management, building your machine or automated system, and technologies to improve manufacturing outcomes. Automation World’s free resource features 150 pages on managing automation projects from start to finish.
Jul 1st, 2020
Pnp Npn
Wago’s New Isolating Converter Reduces Need for Inventory, Space
Wago's PNP/NPN converter can be used to accommodate four signal types: PNP to NPN, NPN to PNP, PNP to PNP isolation and NPN to NPN isolation.
Aug 14th, 2020
Xtr Dc Converter
New DC/DC Converter Designed for Extreme Environments
The new 12 to 24 VDC DIN Rail mountable converter from Wago can be used in a wide range of temperatures from -40° C to +70°C suitable for extreme applications.
Aug 14th, 2020
750 564
Wago Adds New Module to 750 Series I/O System
Wago’s new 750-564 analog output module provides diagnostics that include wire break, short circuit, and field power supply information.
Aug 12th, 2020
Allied Full Color Logo 2018 Web
Allied Electronics and Schneider Electric Team Up to Help Engineers Build Better Industrial Control Panels
Allied Electronics & Automation and Schneider Electric are partnering to deploy a suite of digital resources, hosted on Allied’s Build a Better Control Cabinet digital hub, that can help customers design, build, and maintain industrial control panels.
Aug 11th, 2020
IDEM Non-Contact Guard Locking RFID Coded Safety Switches from AutomationDirect
Aug 10th, 2020
Vcs Pr Asset 532298 113239 203d3070 Ac3b 4aa2 B952 02516e57ad47 0
Line Scan Cameras
Omron Automation launches the compact GigE Vision line scan cameras featuring PoE and PTP technology.
Aug 7th, 2020
Screen Shot 2020 08 07 At 9 51 30 Am
New MapleSim Insight Product from Maplesoft Greatly Simplifies Machine-Level Controller Testing
New tool provides 3-D visualizations for simulation-based testing on common automation platforms.
Aug 6th, 2020
Visual Image2
Red Lion’s FlexEdge Intelligent Edge Automation Platform Integrates IT and OT
Advanced networking and powerful automation in one operating system.
Jul 30th, 2020
More in Control
Gsx Branson Update
Emerson’s New Laser Welder Enhances Manufacturing Capabilities
Branson GL-300 platform increases production capability and enables faster production start-up
Jul 30th, 2020
Durapulse Gs20 Ac Drives 5x7
Durapulse GS20 Series High Performance AC drives
The Durapulse GS20 Series from Automation Direct xpands the Durapulse family by adding single-phase input capability, a built-in programmable logic controller, and optional EtherNet/IP and ModbusTCP communication card.
Jul 30th, 2020
Alliance Linear Transducers 5x7
AutomationDirect adds Inductive Linear Position Transducers
Linear Variable Inductance Transducers from AutomationDirect are contactless devices designed for dimension or position measuring applications where the sensing element cannot be attached to the object being measured.
Jul 24th, 2020
Mixed Front Gedreht Fiepos Small Mit Stecker
300 and 500W @24V IP67 Power Supplies from Puls
Puls' IP67 power supplies has an input voltage of 320-550VAC, and offer 20% additional power continuously at ambient temperatures of 45°C or less, and 100% additional power for up to five seconds for high demand startup loads.
Jul 21st, 2020
HPS is renowned worldwide as a specialist for power engineering, especially for sensitive and critical applications such as emergency power supplies
Control Cabinet Engineering at HPS using Eplan Cogineer
Electrical planning: Automation saves time—also in batch size one
Jul 2nd, 2020
P2000 Analog Hsc Pwm Modules 5x7
Productivity2000 PLC Analog and Specialty I/O Modules
AutomationDirect's Productivity2000 programmable logic controller provides two independent single-ended 5-24 VDC inputs that accept up to 100kHz of pulse/direction and quadrature signals.
Jun 29th, 2020
Captron Capacitive Switches 5x7
AutomationDirect Adds Capacitive Pushbutton Sensor Switches and Indicators
Capacitive Pushbutton Sensor Switches and Indicators from AutomationDirect are easily installed via M8 connections, use touch control with no mechanical pressure required and offer visual touch feedback through LED signals.
Jun 17th, 2020
Beckhoff Ep7402 Ether Cat Box Compact Controller
Motor Controller Reduces Cabling Requirements and Equipment Footprint
Does not require a protective enclosure
Jun 15th, 2020
Cp2 E Image
All-in-One Controller
Omron releases the CP2E Series all-in-one controller for compact IoT applications. Unit features an extended temperature range that integrates I/O ports, communication, and motion control and increases reliability in a variety of applications.
May 22nd, 2020
Sp5000 X Family
Pro-face Expands the Outdoor Human-Machine Interface Family
The SP5000X Outdoor HMI series from Pro-face America offers a larger screen, making it easier to read from further distance which makes the HMI good for extreme and hazardous conditions, including outdoor applications.
May 21st, 2020
Seifert Thermoelectric Coolers 5x7
AutomationDirect adds Enclosure Thermoelectric Coolers
The Seifert SoliTherm Thermoelectric Coolers from AutomationDirect don't have any moving parts aside from axial fans and can effectively be used in a wide range of environments and both indoor and outdoor applications.
May 21st, 2020
Matrox Altiz
3D Profile Sensors
Matrox Imaging launches the Matrox AltiZ series of integrated high-fidelity 3D profile sensors featuring a dual-camera single-laser design.
May 20th, 2020