Drives and Controls Magazine

Two-cable connection will add security to control systems

01 November, 2006

Two-cable connection will add security to control systems

The MTL Instruments Group has teamed up with US-based Byres Security to develop a "revolutionary" product designed to provide security for new and existing SCADA and control systems. The "Tofino Security Solution" (TSS) can be installed by electricians and instrumentation mechanics without any training. They simply connect a pair of network cables to transform vulnerable control devices into "highly secure fortresses".

According to Byres Security`s chief executive Eric Byres, "industry needs a security system flexible enough to be used by a small plant with a single PLC, yet still meet the needs of multi-national organisations with thousands of critical devices scattered around the globe."

He points out that the staff operating and maintaining critical control systems are usually not IT or security specialists. "An electrician can`t afford to worry about creating access control lists for firewalls or configuring encryption certificates," he adds. "Industrial security systems need to be based on a new paradigm that is understandable to the control technician."

MTL and Byres say that traditional IT security products have been designed primarily to protect servers or large groups of PCs that can run their own antivirus or firewall software as well. Control devices such as PLCs or Ethernet-based I/O modules have no authentication, integrity or confidentiality mechanisms, and can be controlled by any individual that can "ping" them. Control devices cannot be updated easily or have security features added.

The new system uses dynamically loadable security modules that can provide encryption and intrusion detection functions tailored to specific plant-floor devices. It will allow security specialists to monitor a system confidentially from anywhere in the world.

The first TSS products are due to be released in the first half of 2007 and will include intrusion detection, firewall, Modbus and Ethernet/IP protection modules. An associated drag-and-drop network management interface will make security management and monitoring "as easy as navigating a Web page or installing an I/O module in a PLC".

MTL will provide both the hardware platform and global sales and support for TSS, while Byres Security will develop the security modules. The two companies are talking to several control system manufacturers about integrating Tofino into their products.

MTL has formed an industrial networks group in its hazardous areas business, to supply complete network systems. The group will have its headquarters in Canada.