Lessons In Cyber Security

“We face real dangers from sophisticated, nimble and organized adversaries who will stop at nothing to achieve their objectives. The truth is that our networks and control systems are vulnerable, and they’re exposed, and we have to change that,” declared Bruce Landis, deputy assistant secretary for Cyber Security and Telecommunications for the U.S. Department of Homeland Security (DHS, www.dhs.gov). “We know that control systems run some of our nation’s most critical assets,” Landis added. “I can tell you the risks are substantial, and this directly affects each and every one of the more than 300 million Americans.”

Wes Iversen
Apr 10th, 2007
Aw 4557 0704news01

Landis’ comments came during an opening-day keynote address at the annual meeting of the Process Control Systems Forum (PCSF, www.pcsforum.org) March 6-8 in Atlanta. Landis may have been “preaching to the choir” at this gathering, comprised of control system security experts from government, academia and industry, including end-users, systems integrators and vendors. But at least, there is evidence that the “choir” is getting larger.

Previous meetings of the two-year-old organization have drawn 150 to 160 attendees, said Michael Torppey, PCSF technical manager. “But we’re happy to say that for this meeting, we had registered close to 200 people,” he noted. And a show of hands on opening day revealed a large number of first-time attendees.

Those who made the trip were treated to a range of reports and presentations on the latest tools, techniques and projects aimed at securing the nation’s process control systems. 

A number of PCSF sessions focused on security activities involving the energy sector. One presentation that drew high levels of interest, for example, came from Gary Finco, SCADA security researcher at the Idaho National Laboratory, Idaho Falls, Idaho. Finco described the development of common procurement language that electric power generators and others can use in requests for proposals, to ensure that security is integrated into control systems that they acquire. “A lot of end-users want to have secure systems, but they really don’t know what to ask for,” said Finco.

The procurement language project began in March 2006. A draft document Version 1.5 was completed last November and is on the Web site of the federal Multi-State Information Sharing and Analysis Center, at www.msisac.org/scada. “We’ve had almost 5,000 downloads of the document since November,” Finco said. The project team is currently taking comments from electric utility asset owners and vendors for suggested changes and revisions to the language, said Finco. The Lab is also working with vendors to develop procurement language that is appropriate to other industry segments, he added, because “one size doesn’t fit all. Oil and gas will be different from power, or from refineries, or from chemical.”

Push or pull?

Many sessions covered specific PCSF interest group topics. The “Anti-Virus (A/V) Software on Control Systems Interest Group” meeting produced a lively discussion, as vendors and end-user representatives alike debated the best way to deal with A/V software. The merits of “push” versus “pull” models on the control side got plenty of discussion. And some friction between end-user information technology (IT) and control system departments was evident. “We’d rather not run A/V in our control systems, but we have to. IT puts everybody in the same shoe box, and we haven’t had a lot of success with that,” complained a control systems engineer from one major chemical company.

A variety of new products aimed at control systems security were also discussed at the PCSF event. For example Nate Kube, chief technology officer at Wurldtech (www.wurldtech.com), a SCADA security firm based in Vancouver, British Columbia, Canada, and Dale Peterson, director of network security practice for Digital Bond
(www.digitalbond.com), Sunrise, Fla.-based network security consultants, discussed Wurldtech’s Achilles offering. The Achilles Vulnerability Assessment Platform is billed as the first automated, comprehensive testing product for systematically assessing network stack robustness and locating zero-day vulnerability in industrial control devices.

In another session Eric Byres, chief executive officer of industrial security consultants Byres Security (www.byressecurity.com), in Lantzville, British Columbia, Canada, discussed his company’s soon-to-be-released Tofino Industrial Security Solution. As part of what Byres calls a “defense-in-depth” approach to security, the Tofino “appliance” is designed to provide an additional layer of security within the control system environment against hackers or viruses that may penetrate a company’s perimeter firewall and other defenses.

The Tofino device can be thought of as a combination personal firewall and intrusion detection system for operator stations, programmable logic controllers (PLCs), digital control systems (DCS) and other devices, says literature for the product. “Plug a Tofino appliance onto the control network in front of a PLC, DCS or HMI (human-machine interface) station and it learns what type of device it needs to protect, looks up the device’s vulnerabilities in a central database and then tunes itself to protect that specific device.”

1 Galil Motion Control Multi Axis Motion Controller
Multi-Axis Motion Controller
Galil Motion Control's new DMC-21x5 controller introduces a state-of-the-art ARM-based processor that improves its communication, command processing, and memory capabilities while staying at the same series price as its series predecessor, DMC-21x3.
Feb 3rd, 2021
2 Velo3 D 3 D Metal Printer
3D Metal Printer
Velo3D's new Sapphire XC printer features higher productivity, larger build volume, compatibility with different alloys, and reduces cost-per-part.
Jan 20th, 2021
1 Moog Modular Electrohydrostatic Actuation System
Modular Electrohydrostatic Actuation System
Moog's new product features lower oil requirement, a decentralized system, low mass inertia, and much more.
Jan 19th, 2021
Bosch Rexroth Ctrl X Drive 38644
Compact, Scalable Drive System
Bosch Rexroth’s ctrlX DRIVE is said to be the most compact, scalable, and consistent modular drive system available. It has space-saving dimensions of up to 50% and can provide tailored solutions with peak currents of 6 A to 375 A.
Jan 11th, 2021
Burkert8746
Mass Flow Controller for Gas
Burkert's Type 8742/46 mass flow controllers/meters can handle low- to mid- to high-flow gas applications.
Dec 8th, 2020
Check out The Cobot Spot from Universal Robots
Sponsored
Check out The Cobot Spot from Universal Robots
Looking for automation solutions for packaging and palletizing? This is your destination for all things cobot. Whether it’s webinars, video case studies or product information, you’ll find it all in this one spot.
Aug 31st, 2020
Inductive Automation Ignition8
Industrial Application Platform Update
Find out about the latest application platform tools included with Ignition 8.1.
Dec 1st, 2020
N8 Xe Li Lf 1920 5fb83c7f1c674
High Pressure Processing Helps Emerging Brands
Join Jeff Williams of Universal Pure, and ProFood World’s Joyce Fassl as they discuss high pressure processing and the shelf-life benefits it brings to brands seeking broader distribution and the importance of Cold Pressure Council certification.
Nov 20th, 2020
Beckhoff Al8000 Linear Motors1
Linear Motors
The AL8000 linear motor series from Beckhoff is based on a modular system design consisting of linear motors and magnetic plates and offers wide-ranging options in length, winding, and cooling type.
Nov 2nd, 2020
Spc 800
SPC-800 Series of Button-integrated HMI with IP66-Rated Protection for Process Visualization
Advantech has to announced its new SPC-800 series of arm-mounted human-machine interfaces with full IP66-rated protection that provides a cabinet-free solution for operation in industrial environments.
Oct 28th, 2020
Converter Cables
Converter Cables Create Possibilities for Mobile Equipment Makers
New Balluff cables connect M12 to Deutsch DT and AMP Superseal connectors.
Oct 28th, 2020
Check out The Cobot Spot from Universal Robots
Sponsored
Check out The Cobot Spot from Universal Robots
Looking for automation solutions for packaging and palletizing? This is your destination for all things cobot. Whether it’s webinars, video case studies or product information, you’ll find it all in this one spot.
Aug 31st, 2020
Pr Rsbs No Text
Single-Phase Compressor Soft Starters
These single-phase compressor soft starters from Carlo Gavazzi are said to reduce start current by more than 50%.
Oct 22nd, 2020
Merz Disconnects 5x7
Merz UL 508 Non-Fusible Disconnect Switches
AutomationDirect has added enclosed versions and non-enclosed DIN rail and panel/door mount versions of Merz disconnect / motor control switches.
Oct 20th, 2020
P1ekk01623va91vdovrnoostqq7 001
SICK to Host Virtual Press Conference at PACK EXPO Connects
See what’s new with SICK at its first ever virtual press conference for PACK EXPO Connects. There will be four live demos of its intelligent sensor solutions that are helping to improve the packaging process.
Oct 16th, 2020
Launch Image
3D Profile Sensors
See it at PACK EXPO Connects! Matrox Imaging will showcase the Matrox AltiZ series of integrated high-fidelity 3D profile sensors featuring a dual-camera single-laser design.
Oct 14th, 2020
Gladiator Circuit Breakers 5x7
Gladiator Series Circuit Breakers and Supplementary Protectors
Circuit breakers from Automation Direct offer optimum and efficient protection for branch and control circuits up to 63 amps.
Oct 9th, 2020
AT-PP
Icotek Releases New IMAS-Connect Adapter Grommets
Icotek is expanding its range of adapter grommets for its IMAS-Connect adapter system to include the AT-PP and the AT-K-M.
Oct 7th, 2020
Idec Hg1 P 07 Hg1 P 片手持ち
IDEC Introduces HG1P Handheld Human-Machine Interface
Easy to hold due to its small form factor and light weight—and includes a touchscreen, function keys, and switches—making it a good fit for machine tending and robotics applications.
Oct 6th, 2020
Prosense Loop Panel Meters 5x7
Field and Panel Mount Loop-Powered 4 to 20mA Process Displays
ProSense LPM1 loop panel meters from Automation Direct is powered from the mA loop and requires no external power supply and features three front-panel operating keys.
Oct 6th, 2020
More in Control
7508210
Wago Extends Family of PFC200 Gen 2 Controllers
PFC200 Generation 2 controllers from Wago supports MQTT protocol and can easily be configured to connect to cloud services.
Oct 1st, 2020
Io Link News Page
Absolute Encoders Feature IO-Link Interface
Smart absolute rotary encoder ready for Industry 4.0.
Sep 25th, 2020
Sbc6511 With Metalwork Hi Res Copy
New 6U SBC Incorporates Intel 9th Gen CPU, Aligns with SOSA Technical Standard
Abaco's 6U SBC features the Intel Xeon E six core CPU with 64GB DDR4 with ECC and up to 256 GB SSD and provides a dual 40 GbE data plane with RDMA, plus dual 10GbE ports on the control plane.
Sep 25th, 2020
Baumergroup
Effective Tool Change Designed With Inductive Miniature Sensors
In modern processing centers, inductive sensors are the components of choice for monitoring the motor spindle clamping process. Integrated into the spindle, they must be small and offer high repeatability to ensure smooth tool changing at all times.
Sep 17th, 2020
Nord Usa Maxxdrive Xt Industrial Gear Unit
Industrial Gear Drives
The two-stage MAXXDRIVE XT right-angle gear drives from Nord are designed for heavy-duty conveyor belt applications in the bulk material handling industry.
Sep 17th, 2020
Idec Fc6 A 12 V Dc Io Press Release Fc6 A C16
IDEC Adds 12V DC 16 I/O CPUs to MicroSmart FC6A PLC
With the addition three new 12V DC CPUs, the capable MicroSmart FC6A All-in-One PLC family now offers users more options for automating battery-backed systems, traffic controls, and mobile equipment.
Sep 17th, 2020
Quantum Press Release
Quantum Automation Supports Off-Grid Automation with QRTU and QSolarBattery
These Quantum Automation hardware platforms can be used individually or together to enable IIoT monitoring and automation almost anywhere.
Sep 17th, 2020
Layout Set Logo
Yaskawa and Phoenix Contact Announce Partnership
Yaskawa and Phoenix Contact announce an agreement to utilize PLCnext Technology from Phoenix Contact in the development of the next generation machine controller and PLC platform realizing the i3-Mechatronics solution concept lead by Yaskawa.
Sep 14th, 2020
Laser Direct Structuring (LDS)—The structure of the conductor path is applied using the LDS process. LDS enables electronic assemblies to be made in flexible geometric shapes. Smart phones, hearing aids, and smart watches are becoming smaller and more powerful thanks to this process.
Electronic Assemblies Without PCBs
Laser direct structuring (LDS) is a special success story. For almost 20 years, it has been possible to apply electronic conductor paths directly onto plastic parts during series production.
Sep 10th, 2020
Nova Tech Pcm5 Smaller
NovaTech Announces D/3 Version 16.2
New features make it easier to configure and maintain a cybersecure control system.
Sep 10th, 2020
Carlo Gavazzi Em50 Energy Analyzer
Analyzer Helps Monitor and Manage Energy Costs
Measures most relevant instantaneous electrical variables and energy consumption with high level of accuracy
Aug 29th, 2020
30440 082520 Nord Nordac Variable Frequency Drives Copy
Nord Drivesystems Offers Variable Frequency Drives from 0.33 to 215 HP
Full line of drive electronics provides exceptional flexibility with a wide range of customization options.
Aug 26th, 2020