MTL, Byres address SCADA security concerns

Luton, UK - MTL Instruments, part of Cooper Crouse-Hinds, and Byres Security Inc. have developed a security module for the Modbus TCP protocol. The product analyses analysis and filters all Modbus TCP messages and is certified by Modbus-IDA - the group of automation device users and suppliers promoting adoption of this SCADA protocol.

Called  the Tofino Modbus TCP Enforcer Loadable Security Module (LSM), the module allows owners of control and SCADA systems to regulate Modbus network traffic to a unique level of detail, its developors stated.

“Deep packet” or “content” inspection for web email or traffic has been offered in IT firewalls for several years, but nothing has been available for the process control or SCADA world. Modbus traffic could either be allowed or blocked by a standard firewall, but fine-grained control was impossible.

As the smooth flow of Modbus TCP traffic is critical to the average industrial facility, engineers usually opted to let everything pass and take their chances with security. Industry experts have been calling for better control of SCADA protocols.

“Tofino provides tailored protection for groups of PLCs, DCSs RTUs and HMIs and does it in a way that is simple to implement for control engineers," said Eric Byres, CTO at Byres Security Inc. "Security is taken care of, and focus can be maintained on keeping processes running safely and efficiently."

According to MTL, two global energy companies have trialled the new LSM and have found that it allows them to enhance both the security and stability of their systems and restrict Modbus functions by blocking all firmware upgrades, while allowing normal HMI traffic as well as tailoring appropriate Modbus access permissions to PLCs for different stations.

The product, said the vendor, was also shown to: Restrict Modbus access permissions to specific memory locations in a controller and Enforce read-only access to Safety Instrumented Systems for enhanced isolation and safety