Home » Security Analysis Tool Is Possible IT First
Security Analysis Tool Is Possible IT First
By Andrew Bond, Industrial Automation Insider
MTL and Byres Security have now officially released the Loadable Security Module (LSM) for their Tofino Industrial Security Solution that was showcased at ABB Automation World back in April. The new Secure Asset Management module discovers and identifies what devices are on a network and then creates the firewall rules to control the traffic flowing to them. Unlike previous IT asset management tools which send probing messages on to the network to discover what is deployed, the LSM poses no threat to the industrial process being controlled since it locates the devices and generates the firewall rules simply by analyzing network traffic.
Such a passive approach is essential in industrial applications because many major energy and manufacturing companies have banned the use of IT-style asset tools, leaving control engineers without any means of determining what is connected to a network at any given moment. Their intransigence follows a number of well-documented incidents in which discovery messages have caused SCADA and process control systems to crash. In one case reported by Sandia National Laboratories, a “ping sweep” of a network in an integrated circuit fabrication plant caused a system to hang and led to the destruction of $50k worth of wafers.
Tofino’s new module never probes the control devices, but listens for traffic and then uses special characterization techniques to determine the types of devices on the network. When it discovers a new device, it prompts the system administrator to either accept its deductions and insert the new device into the network inventory diagram or flag the device as a potential intruder. As a result, an up-to-the-minute network map is always available to the control engineer. “Passive scanning techniques have been discussed in academic literature or released in open source projects before but, as far as we are aware, this may be the first successful commercial application of the technology in the world,” claimed Byres Security CTO Eric Byres.
Once the module has discovered everything on the network, it guides the user through the previously daunting task of creating appropriate firewall rules to allow or block messages, based on its knowledge of the network traffic. Technical complexities such as IP addressing and TCP/UDP port numbers are managed behind the scenes, making firewall configuration practicable for the controls professional.
Among the security professionals who have seen the pre-release version of the Secure Asset Management module is leading firewall expert Charles Payne of Adventium Labs, who has headed up a number of U.S. Navy security projects. “Tofino’s novel context-sensitive approach ensures appropriate security policies for each protected device,” he noted. “The new automatic asset discovery and automatic rule generation will ensure that nothing is missed. These capabilities are critical for creating informed security policy in the industrial world.”
SANS Control Security Training Coming to Houston
SANS Institute will hold ICS Security Training event on June 10-15 in Houston
Compressor Controls: Saudi Aramco Buys First GE Compressor Control Systems
Saudi Aramco has purchased advanced compressor control technology from GE for the Haradh GOSP-1 facility in Saudi Arabia's Eastern Province.
ISA Training Through June in Houston
Technician training, engineering survival and SIS boot camps for condensed, intense, comprehensive educational experience.
NIST Releases Initial Cyber Security Framework Comment Analysis
The National Institute for Standards and Technology has released an initial analysis of the hundreds of comments by industry and the public they have received on the Obama Administration's "Improving Critical Infrastructure Cyber Security" executive order.
Past Time to Upgrade Your DCS?
Upgrading Your DCS: Why You May Need to Do It Sooner Than You Think
Metso Provides New Heating Solution for Finnish Utility
Finland's largest pellet-fired heating plant produces environmentally friendly energy in Tampere
K-BIM Consortium Selects Siemens' Parasolid for New AEC Applications
-BIM, a consortium of commercial, academic and government organizations wants the new application suite to help create a national standard for building information management (BIM)
Friday p.m. Wrap-Up:This Week on ControlGlobal and Elsewhere
Some of the week's biggest stories in process automation
What's Bad Weather Costing Us?
U.S. taxpayers paid nearly $100 billion responding to damages caused by last year’s extreme weather events associated with climate change, about $1,100 per taxpayer, according to an analysis by the Natural Resources Defense Council (NRDC).
BP, Shell, Statoil Raided by EC
European Commission investigators raided the offices of oil companies BP, Royal Dutch Shell and Statoil as well as data collector Platts as part of a larger inquiry into price manipulation of the global crude market.
- All news »
Access the entire print issue on-line and be notified each month via e-mail when your new issue is ready for you. Subscribe today.
- Featured White Papers