- February 06, 2019
- Bedrock Automation
February 6, 2019– Bedrock Automation has announced offerings that extend intrinsic security to legacy automation, support secure MQTT messaging, and enable Role Based Access Control (RBAC) across the Bedrock OSA platform. At the 2019 ARC Industry Forum, Bedrock Automation is demonstrating the following new OSA offerings:
- Bedrock OSA Proxy, a solution that brings cyber security, protocol conversion, and data concentration to the edge, all in one industrial appliance.
- Integrated Cirrus Link Sparkplug B protocol support, which empowers companies to build a secure MQTT infrastructure.
- Availability of Cybershield 4.0 firmware, which enables RBAC and multi-factor authentication.
All Bedrock solutions are built on Public Key Infrastructure (PKI) functionality designed into its computing core using sealed all-metal anti-tamper construction. The crypto keys in the Bedrock root of trust are authenticated by Bedrock’s certificate authority (CA) and use advanced signing and encryption technologies like those used by secure military, aerospace and online financial transaction systems.
The Bedrock OSA Proxy is an automation-savvy firewall-type system. This approach to cyber defense allows customers to secure legacy devices behind the Bedrock root of trust. In addition to the embedded Bedrock PKI, the OSA Proxy also connects to industrial protocols such as Modbus, Ethernet IP, and Common Industrial Protocol (CIP), then translates the legacy protocols in real time to open and secure communications standards including OPC UA and MQTT. Built-in anomaly detection monitors all traffic across the control network. A 64-bit, quad core processor provides a computing platform for cyber analytics and end user applications.
Bedrock Automation is releasing a secure implementation of the Cirrus Link Sparkplug B protocol. The Sparkplug specification defines how Edge of Network (EoN) gateways or native MQTT-enabled end devices, and MQTT Applications communicate bi-directionally within an MQTT Infrastructure, including support for complex data types, datasets, lower bandwidth requirements, and access to historical data. The Bedrock Sparkplug B implementation is a MQTT authentication and encryption agent providing a secure root of trust built on an intrinsically secure control platform.
Bedrock Automation is also announcing Cybershield 4.0, with RBAC and multi-factor authentication. Bedrock’s RBAC enables unlimited granularity and specificity within a Bedrock system, allowing restrictions by function, command, or controller. Bedrock users can choose between pre-defined role definitions or create custom roles and privileges.
Multi-factor authentication allows user access only after successfully presenting divergent identity information, such as a password or pin, and a physical component such as a smart card or fingerprint. The Bedrock OSA platform works with commercially available multi-factor authentication technologies that empower users to choose the security solution that is right for them.