Byres launches SCADA 'security in a box'
11 Oct 2011
British Columbia, Canada — Byres Security Inc., part of Belden Inc. has launched what it claims is “a complete SCADA simulation system in a box” for flagging up security vulnerabilities within SCADA and PLC components to security failures, and test new systems for improved industrial control system (ICS) security.
The Tofino SCADA security simulator (TSSS) makes the impact of security failures to critical industrial processes easy to grasp, said the Canadian firm. The product, it added, also shows how to secure processes using its Tofino Security Appliance (TSA).
“Cyber threats to industrial processes have been difficult to demonstrate, making it hard to test designs, train staff or research mitigating technologies,” said Eric Byres, CTO and VP engineering of Byres Security. “Now, with the Tofino SCADA Security Simulator anyone can understand both the impact of security breaches on industrial processes and how to stop them.”
A typical TSSS demo starts by showing how SCADA and Industrial Control Systems operate, using a widely deployed PLC to control production. Next, SCADA specific malware attacks the control system and destroys the process.
Finally, the system is secured using leading technology such as the ’Tofino industrial security solution’. The TSSS provides hands-on experience and reveals the impact of SCADA security in a tangible and visual manner.
Joel Langill, CSO of SCADAhacker.com, explains: “You can only be so effective when trying to explain cyber security to someone using a deck of PowerPoint slides. When you shift the discussion to an actual demonstration showing both an attack and a successful mitigation to an attack, people actually understand it.”
Langill continues: “As a security consultant, I use the TSSS not only for simple demonstrations of cyber security controls, but also to implement various security strategies in an offline manner.
“I can then develop corresponding Tofino Security Appliance configuration schemes which can be applied to online production systems. I find it very handy to be able to use the TSSS with a variety of SCADA/HMI applications, and with associated field control equipment like PLCs, RTUs and application servers.”
A video of the system in action can be viewed at http://bcove.me/lmj76h81
