- January 16, 2013
Digital Bond‚Äôs findings revealed that the industry's known sophisticated cyber attacks could not compromise the Tofino firewall.
January 16, 2013 – Belden announced vulnerability testing results of the Tofino Security Appliance. Presented at the SCADA Security Scientific Symposium (S4) in Miami, Digital Bond’s findings revealed that the industry’s known sophisticated cyberattacks could not compromise the Tofino firewall. “Advanced industrial communications opened the door to outside attacks and over the past few years these attacks have greatly increased in both volume and impacts. It’s our job to ensure that organizations stay secure in a rapidly evolving industrial environment,” said Eric Byres, CTO of Belden’s Tofino Security. “The Digital Bond team, led by Reid Wightman, a researcher at IOActive (and formerly with Digital Bond), shares our goal. Their testing and results demonstrate the strength of our security solutions, but also emphasize the critical nature of continuous assessment and the immediate resolution of discrepancies.” Considered one of the world’s most respected sources for control system security research, Digital Bond’s security evaluations are among the most rigorous tests in the industry. Both the Tofino Security Appliance and its management software withstood a variety of sophisticated reverse engineering attacks. The firewall was also subjected to flooding, fragmentation and fuzzing attacks designed to determine if it could be tricked into either blocking good messages or allowing bad messages. The Tofino Security Appliance passed these tests without issue. Testing also included attacks on Modbus communications, the world’s leading industrial protocol. “Tofino Security provides an awesome security appliance that does the best possible job with the current protocols. It did an excellent job of securing the Modbus protocol, preventing disallowed function codes from getting through,” said Wightman. He concluded: “I would recommend the appliance to anyone in search of an industrial cyber security solution. In all, I’m quite impressed with the Tofino Security Appliance.” Wightman’s concerns were with the SCADA and IP protocols themselves - he would like to see the industry start creating standards for new, more robust protocols this year. Byres acknowledged Wightman's concerns, "The SCADA protocols were never designed with security in mind. It will take a major effort to either fix the existing protocols or create new ones. In the meantime, Tofino’s advanced Deep Packet Inspection determines if a message is a read or a write message and drops all write messages, significantly improving the security of the technologies that industry is using today." In addition to Modbus, Tofino Security provides Deep Packet Inspection for the widely-used OPC and Ethernet/IP protocols. It is a key reason that major automation vendors Schneider, Honeywell, Emerson, Yokogawa and Invensys/Triconex have adopted Tofino and Belden firewalls to secure their systems. As a result, many new sales of critical SIS, PLC and DCS products include a robust industrial security solution from Belden. For those companies that want even more security, Belden products such as the Tofino Virtual Private Network modules and Hirschmann Power Mice switches with Dynamic ARP Inspection provide robust anti-spoofing and integrity features. Belden's vision is to offer a layered solution that covers all aspects of critical industrial security. “Customers need solutions designed for long-term implementation that just work,” said Byres. “Our advanced technologies—including Deep Packet Inspection—and our comprehensive lifecycle approach to industrial security contribute to such solutions. Thank you to Digital Bond for their thorough testing of our products.” Tofino Security, a Belden Brand, provides practical and effective industrial network security and SCADA security products that are simple to implement and that do not require plant shutdowns. Its products include configurable security appliances with a range of loadable security modules plus fixed function security appliances made for specific automation vendor applications. Tofino Security products protect zones of equipment on the plant floor, and are complementary to Belden’s Hirschmann brand, which leads industrial networking solutions. Both groups service and secure industrial networks in the oil and gas, utilities, transportation and automation industries. About Belden St. Louis-based Belden Inc. designs, manufactures, and sells connectivity solutions for markets including industrial, enterprise, and broadcast. It has approximately 7,400 employees, and has manufacturing capabilities in North America, South America, Europe, and Asia, and a market presence in nearly every region of the world. Belden was founded in 1902, and today is a leader with some of the strongest brands in the signal transmission industry.Learn More
Did you enjoy this great article?
Check out our free e-newsletters to read more great articles..Subscribe