Securing SCADA and Control Networks
Early SCADA (Supervisory Control and Data Acquisition) and control networks consisted primarily of isolated islands of proprietary hardware and software. In recent years, however, the availability of control equipment based on open standards such as Ethernet, TCP/IP and Windows PCs has led to an explosion in the complexity and interconnectedness of these systems. Tremendous improvements in plant performance and productivity have been realized through these changes; however, these productivity gains will not continue without corresponding security improvements in these systems. In addition, safety-critical plants such as chemical, power, and oil and gas facilities can put human safety at risk if their control networks are not properly secured.
Vulnerable 'soft' targets abound in these networks. PLCs (Programmable Logic Controllers) are optimized for high-performance real-time I/O, not robust networking. Many of these devices will crash if they receive malformed data packets, or even high rates of correctly formed data, from the network. This was the root cause of an incident at the Browns Ferry nuclear power plant in Alabama in August 2006. Excessive traffic on the control network caused both the primary and backup reactor cooling systems to crash, necessitating a manual shutdown to keep the reactor core within safe operating limits.
Open standards provide flexible solutions
Trusted Network Connect (TNC) is a work group of the Trusted Computing Group (TCG), a non-profit industry standards consortium focused on strong security through trusted computing. TNC standards define a set of open architectures and interfaces that allow confirmation and enforcement of an endpoint's integrity, its compliance with security policies, and its rights to access other network resources. TNC is completely open and vendor-neutral, and major vendors such as Microsoft and Juniper Networks have implemented TNC interfaces.
TNC defines several key system components. Policy Enforcement Points (PEPs) are the first line of defense; when an endpoint device attaches to the network, the PEP queries a Policy Server to find out what (if any) network access rights should be assigned to the endpoint. Policy Servers, in turn, can interface to other resources, such as a Lightweight Directory Access Protocol (LDAP) directory, when making decisions about access rights. Sensor devices can monitor and report on the behavior of endpoints through a Metadata Access Point (MAP) server. TNC standardizes communication between these components at the network, transport, and application layers.
MAP acts as a central clearinghouse, using a publish and subscribe model to share data across a huge variety of security and networking systems. Any networking and security technology can be a MAP client; examples include intrusion prevention system (IPS) platforms, vulnerability scanners, firewalls, physical security systems such as badge access solutions, and even application servers. These components can act as sensors adding data to the MAP and/or act upon information received from other components.
Figure 1: TNC manages network traffic between secure zones and allows only authorized clients into the control network.
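The roles described above can be sketched as a small in-memory model. This is an added example, not code from the article or from any TNC implementation, and it does not reproduce the TNC wire protocols; the class names, endpoint names, roles and event names are all hypothetical.

```python
from collections import defaultdict

class MapServer:
    """Metadata Access Point: publish/subscribe clearinghouse, keyed by endpoint."""
    def __init__(self):
        self.metadata = defaultdict(list)  # endpoint -> published records
        self.subscribers = []              # callbacks run on every publish
    def subscribe(self, callback):
        self.subscribers.append(callback)
    def publish(self, endpoint, source, event):
        record = {"source": source, "event": event}
        self.metadata[endpoint].append(record)
        for notify in self.subscribers:
            notify(endpoint, record)

class PolicyServer:
    """Decides access from a directory (stand-in for LDAP) plus MAP metadata."""
    def __init__(self, directory, map_server, blocking_events):
        self.directory, self.map = directory, map_server
        self.blocking_events = blocking_events
    def decide(self, endpoint):
        role = self.directory.get(endpoint)
        if role is None:
            return "deny"                  # unknown device gets no access
        events = {r["event"] for r in self.map.metadata[endpoint]}
        if events & self.blocking_events:
            return "quarantine"            # a sensor reported bad behaviour
        return "allow:" + role

class EnforcementPoint:
    """PEP: queries the Policy Server on attach, re-queries on MAP updates."""
    def __init__(self, policy_server, map_server):
        self.policy, self.access = policy_server, {}
        map_server.subscribe(self.on_map_update)
    def attach(self, endpoint):
        self.access[endpoint] = self.policy.decide(endpoint)
        return self.access[endpoint]
    def on_map_update(self, endpoint, record):
        if endpoint in self.access:        # only attached endpoints are re-evaluated
            self.access[endpoint] = self.policy.decide(endpoint)

def demo():
    # Constructed sample data: endpoint names, roles and event names are invented.
    map_server = MapServer()
    policy = PolicyServer({"hmi-01": "operator"}, map_server, {"malformed-traffic"})
    pep = EnforcementPoint(policy, map_server)
    first = (pep.attach("hmi-01"), pep.attach("laptop-x"))
    map_server.publish("hmi-01", "ips", "malformed-traffic")  # sensor acts as MAP client
    return first, pep.access["hmi-01"], pep.access["laptop-x"]
```

Calling `demo()` shows a known endpoint being admitted and then quarantined once a sensor publishes to the MAP, while an endpoint absent from the directory is denied from the start.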
Applying TNC in SCADA and Control Networks
Although TNC was originally conceived for protection of IT networks, it addresses many security issues that are also encountered in industrial control and SCADA systems. Several TCG members are working together to implement the TNC architecture in these networks, based on the Tofino Security Appliance. Besides significant security improvements and cost savings, TNC offers the potential to manage security policies for both the enterprise and control/SCADA networks from one set of tools. In addition, the open design of TNC enables the deployment of security systems that are much more comprehensive and flexible than those based on proprietary technologies.
About the Author
Scott Howard is Technical Sales Manager at Byres Security Inc., a world leader in security solutions for process control, automation and SCADA systems. Scott has over 25 years' experience in embedded system development, technical sales and product marketing.