Invensys claims cyber security advance
11 May 2010
Plano, Texas – Invensys Operations Management has teamed up with Byres Security Inc. and MTL Instruments to develop a firewall to protect industrial safety systems against network accidents and attacks. The Triconex/TofinoTM OPC system is said to be the first firewall that protects integrated applications based on OPC Classic, the world’s most widely used industrial integration protocol.
To improve the interoperability of its Triconex safety systems, Invensys embedded OPC servers within its Tricon communications module (TCM) and teamed with cyber security firm Byres Security to create a firewall specifically for Triconex systems.
The two companies then enlisted the services of MTL Instruments to build the security hardware. The result is the Triconex / Tofino OPC firewall, which is now available for Invensys customers using the Triconex TCM with the embedded OPC solution.
“The Triconex / Tofino OPC firewall mitigates [cyber security] risks by managing the traffic to and from the Triconex TCM, providing further assurance that a cyber incursion will not compromise integrated communications between the safety and critical control systems and supervisory HMI or distributed control systems,” ,” said Joe Scalia, portfolio architect, at Invensys.
The firewall is said to automatically mitigate risks related to previously published DCOM vulnerabilities, while providing packet management and rate limiting to prevent network traffic problems that could have an adverse effect on the stability of the safety system.
Past plant shutdowns, for example, haven’t been caused by hackers. Instead they were the result of badly configured software causing traffic storms that impacted critical controllers and other systems, according to Eric Byres, security expert and technical officer at Byres Security.
“The Triconex / Tofino OPC firewall does much more than block hackers and viruses from accessing the safety system. Its dynamic port management and built-in traffic-rate controls prevent many basic network problems from spreading throughout a plant,” said Byres.
“The next generation of the OPC Foundation interoperability specifications, the OPC Unified Architecture, incorporates similar cyber security protection, based on the excellent work of founding companies like Byres Security, MTL Instruments and Invensys,” added Thomas Burke, president, OPC Foundation. “Launching the unique Invensys solution is the important milestone in demonstrating that users can secure the interoperability of OPC Classic within other applications without worrying about cyber security.”
