Home » Firewall Introduced for OPC Classic by Byers
Firewall Introduced for OPC Classic by Byers
By Industrial Automation Insider
OPC Classic is widely used in control systems as an interoperability solution, interfacing control applications from multiple vendors, and this has made it very difficult to secure. The new Tofino OPC Enforcer Loadable Software Module (LSM) has been developed by Byres Security and is now available from MTL Instruments. This extension to the MTL Tofino product line of industrial network security products is claimed to be the first ever industrial firewall for managing OPC traffic. It covers OPC Classic systems; i.e.. all OPC variations except OPC-UA (unified architecture).
The Tofino OPC Enforcer inspects, tracks and secures every connection made by an OPC application, opening only the exact TCP port required for a connection between an OPC client and server. The result is improved network reliability, availability and security for the process control and SCADA industries.
The Enforcer is implemented without any control system changes. The Tofino hardware is simply installed into the live network and configured using a drag-and-drop editor to select permitted clients and servers. Once installed, network security is assured, with all OPC traffic managed behind the scenes.
While a lot of the headlines around cyber security focus on hacker attacks, in fact many incidents result from internal network incidents. "Past plant shutdowns, for example, haven't been caused by hackers. Instead they were the result of badly configured software causing traffic storms that impacted critical controllers and other systems," said Eric Byres, security expert and chief technical officer at Byres Security. "The Tofino OPC Enforcer LSM does much more than block hackers and viruses from accessing the safety system. Its dynamic port management and built-in traffic-rate controls prevent many basic network problems from spreading throughout a plant."
Tricon launch earlier in 2010
Earlier this year, to enable greater interoperability of its Triconex safety systems, Invensys pioneered embedding OPC servers within its Tricon communications module (TCM). To ensure that these modules were cyber secure, Invensys also teamed with Byres Security, which had recently introduced the content inspection firewall for the Modbus TCP protocol, to create a firewall specifically for Triconex systems. The two companies then enlisted the services of MTL Instruments to build the security hardware. The result was the Triconex OPC Tofino firewall, which was introduced for Invensys customers using the Triconex TCM with the embedded OPC solution, in May 2010.
Situation with OPC-UA
Thomas J Burke, president, OPC Foundation commented on the OPC-UA development: "The next generation of the OPC Foundation interoperability specifications, the OPC Unified Architecture, incorporates similar cyber security protection, based on the excellent work of founding companies like Byres Security, MTL Instruments and Invensys. As the use of OPC Unified Architecture expands, we look forward to collaborating with these market leaders to develop additional innovative, readily deployable solutions for the benefit of the entire OPC user community."
To provide further background on the problems in achieving OPC security, Eric Byres has co-authored a paper with Thomas J. Burke, the President of the OPC Foundation, entitled "Securing Your OPC Classic Control System."
West Texas Investigation Hampered by Inter-Agency Cat Fight
ATF and CSB in dispute about access to plant, witnesses, evidence.
ProComSol Distributes PowerXpress HART Power Solution
ProComSol Announces It Now Distributes PowerXpress HART Calibration Power Solution
Fieldbus Foundation Launches Project Gemstone
New initiative is designed to make the fieldbus experience easier, more application-centered.
Pressure Sensors Monitor Remote Field Safety Trailers
AST Pressure sensors are used to monitor Nomadic safety trailers in the field in remote oil field locations.
Great Moments in Process Automation History
Take a broken soda fountain machine, a car a.c. unit, flavor mixes, water and CO2, add inventiveness; you get Americaís favorite frozen drink.
Smart Grid: Independent Testing Of Rossi's E-Cat Cold Fusion Device Shows Positive Results
Forbes magazine's tech contributor Mark Gibbs writes that independent testing of Andrea Rossi's E-CAT Cold Fusion Reactor has positive results.The implications of the possible commercialization of cold fusion power sources are incredible.
Compressor Controls: Saudi Aramco Buys First GE Compressor Control Systems
Saudi Aramco has purchased advanced compressor control technology from GE for the Haradh GOSP-1 facility in Saudi Arabia's Eastern Province.
SANS Control Security Training Coming to Houston
SANS Institute will hold ICS Security Training event on June 10-15 in Houston
ISA Training Through June in Houston
Technician training, engineering survival and SIS boot camps for condensed, intense, comprehensive educational experience.
NIST Releases Initial Cyber Security Framework Comment Analysis
The National Institute for Standards and Technology has released an initial analysis of the hundreds of comments by industry and the public they have received on the Obama Administration's "Improving Critical Infrastructure Cyber Security" executive order.
- All news »
Access the entire print issue on-line and be notified each month via e-mail when your new issue is ready for you. Subscribe today.
- Featured White Papers