SCADA security basics

Supervisory Control and Data Acquisition (SCADA) systems are used for remote monitoring and control in the delivery of essential services and products such as electricity, natural gas, water, waste treatment and transportation. SCADA software runs on regular computers, but is used by owners of critical infrastructure and various other types of industrial facilities to monitor and control industrial processes.

This blog post will introduce SCADA systems fundamentals that will help analyze security considerations.

Remote monitoring is widely considered one of the most difficult applications to do in a cost-effective way. Remote monitoring using SCADA systems has traditionally been a very difficult and expensive task. SCADA systems have traditionally used their own communications networks, and their security has been largely based on keeping the SCADA network separate from public networks and on the fact that not many people know the special protocols used on those systems (security by obscurity).

Internet technologies have made remote monitoring easier and more cost-effective in many applications, but on the other hand they have created a new set of risks related to hacking. If you connect a remote monitoring system that uses an insecure communications protocol to the Internet, sooner or later somebody can figure out how to hack into your system. If your system is just doing monitoring, an intruder can stop your communications or, worse, feed you false data. If your remote monitoring system is also used to control something, then the risks are far greater.

There isn’t a single security solution capable of addressing all existing and future risks. It’s necessary to implement a series of different defenses across the system. Deploy safeguards throughout the platform to provide a robust protection against the vast majority of attacks.

Modern SCADA systems are typically designed for security using platforms similar to typical networked clients, such as laptops and workstations. There are also some specific considerations. Security systems easily become complicated. Unfortunately, as the complexity of securing devices increases, so does the risk of vulnerabilities slipping past equipment manufacturers and IT organizations. Industrial control systems (ICS), distributed control systems (DCS) and supervisory control and data acquisition (SCADA) systems have all been around for decades, but thanks to Stuxnet, DuQu and other major incidents, these systems have recently begun receiving serious security consideration.

Cyber security is war. You have to defend your systems from all sorts of outside attackers, and if one that’s skilled and determined gets you in his sights, defending yourself may be tougher than you think. Once an attacker breaks through a hardened perimeter, moving around inside is usually pretty easy. That’s why defense in depth with incident detection, response, and attribution is so important.

Security is all about layers. You can’t ever block everything in one place, so you need layers of security to protect yourself. An enterprise can put in lots of devices and layers to protect itself and its customers, because you can’t be 100 percent protected against everything with only one solution.

The article “Want it Secure? Target Both Design and Data Security” says that in today’s increasingly connected world, security applies to servers as well as mobile and remote embedded devices. The latter are often exposed to physical tampering, while data travelling over networks is exposed to compromise and hacking. Security depends on securing the complete connected universe.

How safe is your network? The article “Is Your Network Safe?” tells that just a few years ago, plants didn’t have to worry about the safety of their networks. From an IT point of view, plants were silos — succinct and secure. That changed over the past decade. To improve efficiency, plants connected out to the company’s back office and beyond to suppliers and customers. Most of the connectivity runs along Internet connections. This extended network prompted a battle between the organization’s IT team and the control folks on the factory floor. If your plant is running 24/7, you can’t add patches and reboot without shutting down the plant. In addition, the plant is now vulnerable to hacking (terrorists, hackers, competitors and disgruntled employees).

The blog article “Six Ways to Improve SCADA Security” tells that when it comes to securing SCADA networks, we are usually years or even decades behind when compared to securing typical IT networks. The article presents some of SCADA security’s most daunting challenges along with some recommendations to secure SCADA networks.

1. A SCADA network is inadvertently connected to a company’s IT network or even to the internet
2. ‘Data presentation and control’ now runs off-the-shelf software
3. Control systems not patched
4. Authentication and authorization
5. Insecure ‘datacommunication’ protocols
6. Long life span of SCADA systems

The article “Understanding cyberspace is key to defending against digital attacks” tells that in recent years, there has been one stunning revelation after the next about how such unknown vulnerabilities were used to break into systems that were assumed to be secure.

Growing numbers of other kinds of machines and “smart” devices are also linked to the Internet: security cameras, elevators and CT scan machines; global positioning systems and satellites; jet fighters and global banking networks; commuter trains and the computers that control power grids and water systems. “We have built our future upon a capability that we have not learned how to protect,” former CIA director George J. Tenet has said.

As commercial and civil network infrastructures become increasingly dependent on arrays of Internet-connected computers, they are becoming increasingly susceptible to attack from hostile nations, non-governmental terrorist groups and cyber criminals.

“Companies want to make money.” “They don’t want to sit around and make their software perfect.” Many of the vulnerabilities are related to errors in code designed to parse data sent over the Internet. Software makers have often failed to heed the warnings from security researchers, and some vulnerabilities have remained for a long time. And even in cases where the manufacturer has a fix, the customer might not apply it any time soon, because in many cases you can’t add patches and reboot without shutting down the plant.

The article “Want it Secure? Target Both Design and Data Security” says that adding robust security features to a design can substantially impact the complexity, power consumption and cost of a system. These challenges include supporting the computational complexity required to run advanced cryptographic algorithms; providing secure insertion and storage of encryption keys; and authenticating and encrypting data exchanged over public network connections.

The HP Cyber Security Risk Report says that the number of SCADA system vulnerabilities has risen sharply in the last few years. In 2008 there were 22 holes in them. In 2012 there were 191 holes in SCADA systems. This means 768 percent growth since 2008.

344 Comments

  1. tomi says:

    Where security is concerned, I generally consider paranoia to be a good default reaction to any situation until I understand it well enough to relax.

  2. Tomi Engdahl says:

    Time to step up: Actions you can take today
    http://www.controleng.com/single-article/time-to-step-up-actions-you-can-take-today/e9c3dde92e71f7ce2f8e0b4826e0682d.html

    Your control system cyber assets were not coded with security in mind, so you have to build defenses yourself, always thinking about your complete security posture. Here are ways to start now.

    Control systems represent a high-value target and are under attack. How bad is the risk? A recent survey and webcast conducted by Control Engineering indicated that most respondents recognize that the risk is high to severe. What really is the risk? The ancient risk calculation method tries to associate the threat with the vulnerability. It requires both the actual asset vulnerability combined with a threat actor motivated to exploit that vulnerability. Increasing international tensions have increased the motivation of threat actors worldwide.

    So if you know that there is risk, what can you do? You could rip and replace immediately, but you may find your new solution is just as vulnerable as the old. You have to know what you have, build walls, monitor, and respond to threat indicators. Are your people trained to do those?

    Step one, which you can begin today, is create an inventory of your control system assets. This includes all personnel and skills, controller hardware, networking hardware, communication channels, and operational procedures. Step two, take a look into any regulations impacting your cyber, physical, and operational security requirements.

    Once you compile your initial inventories, the next steps are:

    1. Create a baseline of security needs throughout your organization and its stakeholders.

    2. Using your inventory of cyber assets, identify which are required for direct control functions. Then, identify what communication channels, applications, and services are required for each ICS cyber asset to perform its operations. This process will not be easy.

    3. Remove all other communication channels, applications, and services not necessary for normal and emergency operating conditions.

    4. Review the remaining communication channels, applications, and services for vulnerabilities. Using the inventory of firmware, applications, and protocol versions, check them for out-of-date and/or vulnerable cyber asset components.

    5. Identify mitigating controls such as a network intrusion detection system (IDS). The IDS should be configured with specific rule sets for your control system protocols and communication channels, and not generic rules for traditional IT environments.

    6. Inventory your current operational procedures used by personnel to maintain the cyber assets and communication channels used for control system operations. Review the procedures for vulnerabilities, and modify them as necessary.

    This is only a start to the process of addressing the security needs of today’s control system environments. The risk is real.

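Steps 2 to 4 of the comment above (decide which channels each asset needs, flag everything else, check firmware versions) can be run as a repeatable audit. The following is an added example, not part of the original comment or the Control Engineering article; every asset name, address, port assignment, flow record and minimum firmware version in it is constructed sample data, and the flow-record format is an assumption.

```python
"""Audit observed flows and firmware against an ICS asset inventory.

Added illustration: all inventory entries and flow records are constructed.
"""
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Channel:
    """A channel an asset needs for normal or emergency operation."""
    peer_net: str   # CIDR of the peers allowed to initiate the connection
    proto: str      # "tcp" or "udp"
    port: int       # destination port on the asset

    def matches(self, src, proto, port):
        return (proto == self.proto and port == self.port
                and ip_address(src) in ip_network(self.peer_net))


@dataclass
class Asset:
    name: str
    ip: str
    direct_control: bool   # step 2: required for direct control functions?
    firmware: str          # installed version, dotted numeric (assumption)
    min_firmware: str      # oldest version the site accepts (assumption)
    required: list = field(default_factory=list)


def version_tuple(text):
    return tuple(int(part) for part in text.split("."))


def audit(assets, flow_lines):
    """Return (kind, subject, detail) findings, direct-control assets first."""
    by_ip = {a.ip: a for a in assets}
    used, findings = set(), []

    def report(kind, subject, detail):
        item = (kind, subject, detail)
        if item not in findings:          # report a repeated flow only once
            findings.append(item)

    for raw in flow_lines:
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        src, dst, proto, dport = line.split()  # "src dst proto dport"
        proto, dport = proto.lower(), int(dport)
        asset = by_ip.get(dst)
        if asset is None:
            # Traffic to something the inventory does not know: inventory gap.
            report("UNKNOWN_ASSET", dst, f"{proto}/{dport} from {src}")
            continue
        hit = next((c for c in asset.required if c.matches(src, proto, dport)), None)
        if hit is None:
            # Step 3: a channel nobody declared as necessary.
            report("UNEXPECTED_CHANNEL", asset.name, f"{proto}/{dport} from {src}")
        else:
            used.add((asset.name, hit))

    for asset in assets:
        for ch in asset.required:
            if (asset.name, ch) not in used:
                # Allowed but never seen: review it, since it may only be
                # needed under emergency conditions outside this capture.
                report("UNUSED_ALLOWED_CHANNEL", asset.name,
                       f"{ch.proto}/{ch.port} from {ch.peer_net}")
        if version_tuple(asset.firmware) < version_tuple(asset.min_firmware):
            # Step 4: out-of-date component.
            report("OUTDATED_FIRMWARE", asset.name,
                   f"{asset.firmware} < {asset.min_firmware}")

    critical = {a.name for a in assets if a.direct_control}
    # Stable sort: unknown and direct-control subjects stay ahead of the rest.
    findings.sort(key=lambda f: f[0] != "UNKNOWN_ASSET" and f[1] not in critical)
    return findings


# Constructed inventory: a PLC, an HMI and a historian on separate subnets.
INVENTORY = [
    Asset("plc-pump-01", "10.10.1.10", True, "2.3.1", "2.4.0",
          [Channel("10.10.2.0/24", "tcp", 502)]),    # Modbus/TCP from HMI subnet
    Asset("hmi-01", "10.10.2.20", True, "5.1.0", "5.1.0",
          [Channel("10.10.3.5/32", "tcp", 5900)]),   # remote view from one host
    Asset("historian-01", "10.10.3.30", False, "7.0.2", "7.0.0",
          [Channel("10.10.2.0/24", "tcp", 1433)]),   # database writes from HMIs
]

# Constructed flow records in the assumed "src dst proto dport" format.
FLOWS = """
192.168.50.7 10.10.3.30 tcp 445    # office LAN host to historian file share
10.10.2.20   10.10.1.10 tcp 502    # HMI polling the PLC (declared)
192.168.50.7 10.10.1.10 tcp 502    # office LAN host reaching the PLC
10.10.2.20   10.10.1.10 tcp 23     # telnet to the PLC
10.10.2.20   10.10.1.99 tcp 502    # destination missing from the inventory
10.10.2.20   10.10.3.30 tcp 1433   # HMI writing to the historian (declared)
192.168.50.7 10.10.1.10 tcp 502    # repeat of an earlier flow
""".splitlines()

if __name__ == "__main__":
    for kind, subject, detail in audit(INVENTORY, FLOWS):
        print(f"{kind:24} {subject:14} {detail}")
```

The same per-asset channel list is what an IDS rule set for step 5 would be derived from, so keeping it in one reviewed file avoids the inventory and the detection rules drifting apart.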
  3. Tomi Engdahl says:

    Embedded XP big risk next year

    Microsoft will end XP operating system support next year. The same decision applies to the XP Embedded version for embedded systems. The German company says that systems running embedded XP will be truly at high risk as of April 8.

    Innominate Security Technologies AG wants to remind companies developing industrial systems to ensure that adequate security measures are adopted in good time. Only in this way can, for example, continued production be ensured.

    Innominate says that vulnerabilities are still constantly being found in XP. In July this year, Microsoft announced 31 important security updates for the system. Of these, 18 were classified as critical.

    The most obvious solution would be to upgrade the operating system or replace the whole extract of the base, but this can be very expensive, depending on the system and. Innominate suggests it is easier to protect critical components by separate software or tools.

    Source: http://www.elektroniikkalehti.fi/index.php?option=com_content&view=article&id=282:sulautettu-xp-iso-riski-ensi-vuonna&catid=13&Itemid=101

  4. Tomi Engdahl says:

    Only 500 People in the World Understand Security
    http://www.designnews.com/author.asp?section_id=1386&doc_id=266202

    “There are only about 500 people in the world who really understand industrial control system security.”

    I heard this comment at an event recently, the Siemens Automation Fair in New Orleans. It was stated by Marc Ayala, ICS/SCADA security manager at Cimation, a security solutions company specializing in automation, industrial IT, and enterprise data solutions, including oil and gas.

    I wasn’t sure if I heard correctly, or if Marc may have been off base, so I followed up with him after the event. He didn’t back off the statement. He did qualify that he was referring to people who are protecting the control system side, and not the enterprise or IT security.

    When you think about industrial security and what needs to be protected, think about the three P’s — people, property, and production. Clearly, safety is the No. 1 element. That typically refers to people and the environment. Property is pretty obvious, but comes in after people, obviously. With respect to protecting production, sustainability is the key. If production goes away, business goes away. That’s clearly a bad thing. You could argue that too often production shows up as No. 1 on this list, although not too many people would admit it.

    Here’s an element of security that I would not have thought of (I’m clearly not on the list of 500): Adobe Acrobat Reader is the de-facto standard for control systems deployed to read your online manuals. Adobe Acrobat is a crucial vulnerability point.

    Many security intrusions have exploited the limitations of Adobe Acrobat, including both the Reader and the Updater. Unfortunately, too many users don’t keep that application up to date.

  5. HMI Software says:

    There are many ways to exploit the security of any system created. I think the key is to have multiple layers that a person must enter in order to access what they want.

    The more sensitive the information, the more levels there should be.

  6. Tomi Engdahl says:

    Human Factors and their Impact on Plant Safety
    https://event.webcasts.com/starthere.jsp?ei=1024283&utm_source=emailcampaign923&utm_medium=phpList&utm_content=HTMLemail&utm_campaign=Human+Factors+and+their+Impact+on+Plant+Safety+Webcast

    History is full of technology breakthroughs, all striving to increase productivity and efficiency, from the steam engine and the telegraph; we’ve seen technology changing the way we get things done, sometimes in a disruptive way.

    Most recently mission critical computing systems have been introduced in manufacturing processes and automated tasks, resulting in increased safety and productivity during normal operation, but can these technologies help keep the plant safe during abnormal process conditions? That’s where technology can support but not replace humans. The industry relies on human ability to respond to the unexpected, to handle the odd conditions and ask the right questions to fix the problems at hand.

    Today, when operators are loaded with numerous activities, is it reasonable to expect they’ll be able to respond appropriately to all conditions? What are the human elements that should be taken in to consideration in the design and implementation of modern automation systems?

  7. Tomi Engdahl says:

    Advantages of a Common Automation Platform
    http://www.designnews.com/document.asp?doc_id=269242&cid=nl.dn14

    When Norcimbus began incorporating Siemens Industry PLCs into its gas cabinets and valve manifold boxes (VMB) a while back, the gas and chemical distribution equipment company had no idea what kind of impact the move would have on its operations. But now, just four years later, it is well on its way to adopting Siemens technology as its standard automation platform, a decision that is giving its customers a new level of service and support and generating new products and systems for its market base.

    Most recently, Norcimbus has put the Siemens automation platform at the core of its newest product,

    The modular controller can be retrofit to virtually any gas cabinet. “We see a great need for this type of product,” says Wheeler. “The PLCs in a lot of existing equipment are aging, control systems in them are failing, and replacement parts are often unavailable or the supplier no longer supports the product. Owners face completely replacing a $40,000 installation that performs well except for the controller. Now we can give them that component, plus new features and functions at a competitive price. It is much more cost effective to upgrade an existing system than to install a totally new one.”

    The Siemens platform in Norcimbus’ new products and its existing systems has given the company countless capabilities it could not achieve with the other brand. Ebert calls the new universal controller the way of the future.

    Embracing integration, efficiency
    Developing a controller that could be retrofit to any existing gas cabinet presented many challenges, but they were challenges the Siemens platform could meet. “We had to come up with a universal device and yet be able to program it to handle any and all options,” Wheeler points out. “In this case, we’ve really seen the benefit of Siemens’ engineering software tool (TIA Portal). Inside the program, we can place options and features that can be installed or uninstalled to match any cabinet specification. We can scale systems up or down as needed while using a lot of the same programming throughout the PLCs and the screens. We couldn’t do that with any other brand.”

  8. Tomi Engdahl says:

    Collaboration Between Controls & IT Is a Growing Priority
    http://www.designnews.com/author.asp?section_id=1386&doc_id=269526&cid=nl.dn14

    It’s ironic that one of the biggest stories in automation and control for the next decade will focus on the collaboration of control engineers, engineering management, and their information technology (IT) counterparts in manufacturing production facilities.

    With manufacturing targeted as one of the biggest beneficiaries in the move to the Internet of Things (IoT), this group of stakeholders is in a pivotal position to achieve a new level of connectivity between engineering and enterprise management. With the goal of bringing both the supply chain and even customers closer to the manufacturing process, plants will need new levels of communications access, security, and networking resources (video and remote services) to make it happen.

    If we look at the value being placed on the IoT, we can see how both engineering and IT are key players to making a major transformation occur. Targeted areas include asset utilization, employee productivity (with an emphasis on mobility), supply chain and logistics, innovation, and customer experience. Nearly all of these areas will require an infusion of technology into plant operations that spans the skill set and responsibility of both groups.

    “The longstanding issue is how to break down the silos and achieve convergence in managing networks more holistically,”

  9. Tomi Engdahl says:

    Safety Finds a Home on the Ethernet Network
    http://www.designnews.com/author.asp?section_id=1386&doc_id=268390&cid=nl.dn14

    Not many years ago, safety systems were standalone networks.

    It was common practice to make sure the safety network was physically separate from the network that controlled the plant. Many machines had their own safety tools that were completely separate from networks altogether. This made for an inefficient patchwork of differing systems running through the plant, but that has completely changed in just a few short years. Now the unthinkable is the rule: Safety lives on the same Ethernet network as the control system. And even while machine safety is now networked, individual devices contain their own safety intelligence and can shut down a dangerous problem faster than devices that have to check in with central control.

    The result of these changes is that safety is now more efficient, more flexible, less expensive, and safer.

    Safety on Ethernet
    One of the precautions that allow safety to live on the control network is the division between safety and control called the black channel. “You can have a safe network on a standard network. The thing we use is the black channel principle,” Zachary Stank, safety specialist at Phoenix Contact, told Design News. “The safety is on the same network as control, but it can’t be touched by anything.”

    Before the shift to Ethernet networks, the idea of running safety and control on the same network was considered reckless. The two functions were incompatible. This incompatibility is still the case. The difference now is that Ethernet allows clear separation between control and safety even though they’re on the same wire. “People were afraid of safety on control networks, but they’re well protected,” Stank told us. “Running safety on the same network as control ended up an improvement on safety.”

    Because control and safety are on the same network, the overall network system is much simpler.

    The combination of control and safety on the same network also makes it easier for operators to see everything that’s going on in the plant. They don’t have to jump from one system to another.

    Paradoxically, having one networked system for control and safety lets operators split off chunks of the system for easier management. The modular approach to managing the plant comes with a number of benefits. For one, when a safety breach occurs, you can shut down just the portion of the plant that is experiencing trouble rather than shutting down the whole plant. Second, the modular approach makes for greater flexibility. “A lot of companies are looking at modular manufacturing. That allows them to move from one product to another with a minimal amount of change,”

    “Companies are moving to wireless networks with safety included. The wireless safety is now as secure as hardwired safety.”

    Another recent development in safety networks is the shift to intelligent devices. As well as offering greater control and flexibility, smart devices can also think for themselves when there is a compromise in safety. “You can put a safety device and safety I/O on the network and the safety signal doesn’t have to go back to control,” Gary Thrall, a product manager at Bosch Rexroth, told us. “The device instantly responds through its own intelligence. The difference is milliseconds, but in safety, milliseconds counts.”

    One of the big reasons the automation industry moved quickly to integrate control and safety on Ethernet was the improved efficiency of a single network and the significant reduction in cost it delivered. “Integrating safety through a black channel network means that safety can be managed more efficiently,”

    Hackers are now targeting safety networks
    These days, anything that is networked is vulnerable to hackers. Networked safety is no exception. “If your threat is somebody who wants to cause you upset, embarrass you, and show that you can’t be trusted, they will go after the safety system,” Eric Byres, chief technology officer at Tofino Security, a Belden company, told Design News.

    Byres noted that tools to hack into a safety system have been showing up at hacker conferences. He pointed to a toolkit offered by a Russian company for $2,500 that is specifically designed to attack networked safety systems. While that cost may seem dear to your bedroom hacker, Byres views it as little. “If a criminal organization wants to extort money or steal intellectual property and sell it, the $2,500 is chump change.”

  10. Tomi Engdahl says:

    Wireless carriers reshape business to cash in on fast-growing M2M segment
    http://www.controleng.com/single-article/wireless-carriers-reshape-business-to-cash-in-on-fast-growing-m2m-segment/0c09edad2eea0326be0b525407021cf8.html

    Global M2M connections will rise to an estimated 375 million in 2017 and the revenue generated by wireless carriers will more than double in that time span.

    Amid a slowdown in their core business of cellphone-based communications, wireless carriers are restructuring to capitalize on the booming market for machine-to-machine (M2M) cellular service.

    The rise of M2M comes at a time when the traditional cellphone-based mobile services market is becoming increasingly mature and saturated, with growth slowing particularly in the developed markets like the United States and Western Europe.

    “Wireless service providers ranging from Verizon Wireless, to Vodafone, to China Mobile are turning to the cellular M2M market as a new, high-growth market opportunity,” said Sam Lucero, senior principal analyst for M2M & the Internet of Things at IHS. “However, to take full advantage of the M2M market’s potential, the wireless firms must deliver their customers much more than simple cellular connectivity. Instead these companies must offer a full suite of VAS and MAP services, prompting them to establish their own M2M business units and develop or acquire M2M connection platforms.”

    Taking care of business

    Many MNOs have established M2M business units as they have expanded their market strategies beyond simply providing wholesale connectivity to mobile virtual network operators (MVNOs) and other aggregators. Examples include Sprint’s Emerging Solutions Group and Telekom Austria’s Telekom Austria Group M2M GmbH unit.

    The M2M business unit strategy allows wireless carriers to develop specialized expertise in both horizontal M2M business issues—such as connectivity management—as well as vertical-specific domain expertise. Application complexity is a key feature of many M2M vertical markets. Wireless carriers are finding that they can engage more effectively with application developers, service providers, and corporate adopters when they have in-depth expertise in the technical and business issues facing their partners and customers.

    Getting on the platform

    In parallel with the establishment of M2M-specific business units, wireless carriers are deploying M2M Connection Platforms (MCP) to tailor the operators’ infrastructure and systems to the needs of the M2M market. MCPs are required because of the major departure that M2M represents compared to established cellphone-based services.

    Traditional systems and processes by carriers are oriented toward serving mobile handset service subscribers. These systems are designed for single-device activation processes. They also work with cellphones and other consumer devices that are in the possession of their users in the event of technical difficulties.

    Furthermore, they operate based on 18- to 24-month replacement/upgrade cycles, reducing the need for backward compatibility of network infrastructure with still-deployed legacy devices. The use cases also are relatively simple, based on communication and content. Finally, traditional cellular services have high average revenue per user (ARPU), particularly for smartphones, which normally amounts to more than $80 per subscriber per month.

    In contrast, M2M services more typically consist of devices that are remotely deployed in bulk, sometimes in very large volumes. M2M devices also are remotely deployed, requiring an expensive “truck roll” service call if there are technical difficulties in the field.

    Moreover, M2M devices have long expected deployment times in the field, ranging up to 15 years or more.

    These devices and services also often have complex use cases, requiring a strong understanding of vertical-specific business and technology issues. Finally, they have a low ARPU per device, typically at less than $5 per connection per month.

    Consequently, wireless carriers are deploying related platforms—the MCPs—that generally provide for automated remote bulk provisioning of devices directly by the customer, as well as remote trouble-shooting, management of the connection directly by the customer and integration of MCP functionality into the customer’s existing enterprise management systems via application programming interfaces (APIs).

  11. Tomi Engdahl says:

    Manufacturing Execution Systems Can Solve Problems Before They Start
    http://www.designnews.com/author.asp?section_id=1365&doc_id=269830&cid=nl.dn14

    It’s hard to believe, but less than 20 years ago most manufacturers were solving bottlenecks with stopwatches and clipboards. Today, virtually all of this analysis is automated, but identifying bottlenecks is only a small part of factory data analysis. We’re working with a US automaker on one of its sports car lines, and its Manufacturing Execution System (MES) has helped it significantly drive up quality and efficiency.

    The clipboards are long gone, and manufacturers can now anticipate and prevent bottlenecks, quickly identify the root source for downtime, and structure their maintenance schedules to prevent tool failure. Here’s how an MES is designed to solve problems before they happen.

    Start with the machines and the tools. Plant floor PLC data blocks collect machine information from each production station and drive it to a host server database, typically SQL or Oracle. From there, it can be posted overhead on an Andon board, sent via pager to a specific maintenance person, included in a management report, or redirected in virtually any secure configuration.

    The bottom line of this MES is that quality and efficiency have gone through the roof over the past 10 years.

  12. Tomi Engdahl says:

    Rockwell Facilitates Implementation of Safety Automation Processes
    http://www.designnews.com/document.asp?doc_id=269939&cid=nl.dn14

    Safety has always been a concern on the factory floor when it comes to the technology driving automation systems, and more and more automation technology providers are trying to make it easier to prioritize this as part of system design.

    Rockwell Automation has been a champion of this effort, offering a number of tools to help manufacturers design safer systems. Its most recent offering is the AADvance Workbench 2.0, a complete design, configuration, and maintenance software environment that helps enable companies ensure safe and continuous operation through the control of safety process automation, according to Rockwell.

    Application designers also can perform a number of other functions with the product, including importing, exporting, or migrating projects, and monitoring and managing controller status and communications protocols with plug-ins to the tool.

    “The workbench is now an integral part of the PlantPAx process automation system, which is capable of managing the entire range of plant automation applications, including process control, discrete control, power, information, and process safety,” he said.

  13. Tomi Engdahl says:

    Hackers Love Windows XP
    http://www.designnews.com/author.asp?section_id=1386&doc_id=270150&cid=nl.dn14&dfpPParams=ind_182,industry_auto,industry_consumer,industry_machinery,aid_270150&dfpLayout=blog

    Cyber security is going to be a big issue for plants using Windows XP once Microsoft quits offering extended support and security updates. MS quits in Windows XP beginning April 8, 2014. While this event means little to the average PC owner — years ago we moved on to Windows 7 or 8 — for many manufacturing and process plants, April will be the cruelest month. Plants often keep the same automation technology for 10 or 20 years.

    Problem is, hackers have also marked that date. In a recent blog, Microsoft’s director of trustworthy computing (honest, that’s his title), Tim Rains, noted that “attackers will have the advantage over defenders who choose to run Windows XP because attackers will likely have more information about vulnerabilities in Windows XP than defenders.”

    According to Microsoft, when it releases a security update, security researchers and criminals will often reverse engineer the security update quickly in an effort to identify the specific section of code that contains the vulnerability addressed by the update. Once they identify this vulnerability, they attempt to develop code that will let them exploit it on systems that do not have the security update installed.

    Hackers also try to identify whether the vulnerability exists in other products with the same or similar functionality. If a vulnerability is addressed in one version of Windows, these hackers will check other versions of Windows to see if they have the same vulnerability.

    To make sure its customers are not at a disadvantage to attackers, the Microsoft Security Response Center releases security updates for all affected products simultaneously.

    But after April 8, 2014, organizations that continue to run Windows XP won’t have this advantage over attackers any longer. The very first month that Microsoft releases security updates for supported versions of Windows, attackers will reverse engineer those updates, find the vulnerabilities, and test Windows XP to see if it shares those vulnerabilities. If it does, attackers will attempt to develop code that can take advantage of those vulnerabilities.

    While the obvious solution for plants would be to upgrade to a newer Windows operating system, this could involve significant cost and interruptions. Software upgrades in an operating production network commonly encounter unintended and unanticipated consequences.

    Automation vendors and security firms are offering solutions. These companies have a track record of managing antiquated automation systems.

    For many plants, this could be a more feasible solution than shutting down the plant and installing Windows 7 or 8. While that approach is a no-brainer for an office network, it becomes a bit complicated when a number of legacy automation and control systems are tied into Windows XP.

    Reply
  14. Tomi Engdahl says:

    Regular Checks Lead to Consistent Safety
    http://www.designnews.com/author.asp?section_id=1365&doc_id=270312&cid=nl.dn14

    In the oil and gas industry, it’s paramount that one pays attention to the accuracy of his level and temperature instrumentation, particularly within processing plants. When being vigilant to ensure this, consider the following:

    Service history
    Current condition
    How often they’re checked and by whom
    Where it’s installed

    Not keeping ahead can very well end up being costly to your operation — and, occasionally, fatal.

    In 2005, the BP refinery in Texas City exploded, which goes to show what can become of faulty instruments that provide inaccurate liquid and temperature level measurement. Even worse is when those responsible for ensuring its accuracy neglect their responsibility to do so.

    The disaster, which led to 15 deaths, cost BP billions of dollars in clean-up funding, compensation, and legal fees.

    As it happens, inaccurate pressure gauge readings were the reason the Deepwater Horizon explosion happened back in 2010. A fatal decision was made when the two conflicting pressure gauges led to the incorrect reading being chosen.

    Other companies experience difficulties

    As this isn’t the first occurrence, it shows that instead of relying on internal checks, third-party organizations must be given more power to check out instrumentation and shut down operations.

    Reply
  15. Tomi Engdahl says:

    New managed cyber security service offering launched for protecting industrial control system environments
    http://www.controleng.com/single-article/new-managed-cyber-security-service-offering-launched-for-protecting-industrial-control-system-environments/9b44ee9927a91e7ed307f05fb164847c.html?OCVALIDATE&ocid=101781

    Siemens introduces a comprehensive security service, aiming at control system asset owners in process and discrete industries. Video: Galina Antova and Roger Hill explain threat developments driving the launch.

    Siemens Industry is rolling out its new Managed Security Service in the U.S., aimed at providing continuous protection to production environments. The offering includes assessment of security posture, implementation of recommended security measures, and transitions into ongoing defense against rapidly evolving cyber security threats in ICS (industrial control system) environments. The new offering will first be introduced in the U.S. followed by Europe and Asia.

    The Industrial Security Services group expands on the existing Siemens security portfolio by providing holistic protection to manufacturing sites. Siemens says its approach is to partner with customers to help them build sustainable industrial security programs, by leveraging expertise in automation and industrial cyber security.

    “Global cyber threats are rapidly evolving, and it also takes continuous and comprehensive action to protect production environments,” says Jagannath Rao, president of Industry Customer Services. “This new managed service will allow customers to stay focused on their core business while entrusting the implementation of their security program to Siemens as a knowledgeable partner.”

    Reply
  16. Tomi Engdahl says:

    Fighting Product Fatigue in the Factory
    http://www.designnews.com/author.asp?section_id=1386&doc_id=270778&cid=nl.dn14

    On the plant floor, parts wear out. Motors and drives wear out. The whole range of machinery eventually wears down from near-constant use. In the past, companies dealt with product fatigue by setting up strict maintenance and replacement schedules that required downtime. The idea was to replace the part before it broke or began to lose its efficiency and dependability. That has changed as part maintenance has evolved from preventive maintenance to predictive maintenance and finally to condition-based maintenance.

    The idea of condition-based maintenance is to replace the part based on its useful life rather than replacing it on a schedule that calls for replacement whether the part was nearing its end of life or not. Condition-based monitoring lets the plant engineer — or that machine owner — watch the part and determine its condition continually. Only when it shows signs of wear is it replaced.

    Parts manufacturers, machine builders, and control vendors now have the tools to monitor the condition of the machinery and parts. Because of this, the whole notion of when to shut down the plant for routine maintenance has changed. “The condition-based monitoring tools are used by the end user (the control team at the plant) and also the machine builder,”

    The monitoring helps plant operators see whether the machine is working properly, which prevents unplanned shutdowns. Sometimes that involves checking wear on the part; sometimes that means checking the machine for efficiency.

    One of the major advantages of condition monitoring is that it doesn’t have to be done on site. Like many other new technologies for the plant, condition monitoring puts the intelligence in the hands of the experts, leaving the plant operators to concentrate on operations rather than maintenance. Automation vendors often put the actual monitoring in the hands of the machine builders so they can take full ownership of the machine’s health on the ground.

    Mechatronics in the mix
    The condition monitoring also includes testing of the mechanics and the electronics in the machines. Mechatronics now dominates plant automation, so the monitoring takes a mechatronics approach. “We can do stuff like circularity tests on the machine. We have tons of drives that are used, and we can check the mechanical condition of the machine tool,” said Legg. “It’s all mechatronics, electronics, and the mechanics moving together where the control meets the machine.”

    Mindset to the future
    Before condition monitoring was available, plants managed their machines and parts with planned maintenance and planned downtime. Smaller shops would just try to get by, running their machines until they broke. “This type of technology is not necessarily breakthrough technology, yet it’s still in its infancy,” said Legg. “It’s the mindset shift behind condition monitoring that’s important.”

    Reply
  17. Tomi Engdahl says:

    Machine Safety: Safe enough versus compliance, 8 compliance best practices
    http://www.controleng.com/single-article/machine-safety-safe-enough-versus-compliance-8-compliance-best-practices/06be90886d6a0a4cd7f20439eddfcbe4.html

    How does “safe enough” compare to “compliance”? It doesn’t. Not having accidents for a period of time doesn’t mean there isn’t risk. See these eight machine safety compliance best practices.

    1. Have all risks and hazards actually been identified?

    2. Do you have copies of all appropriate safety standards?

    3. How thoroughly are the identified risk levels defined and scored?

    4. How effectively are the identified hazards mitigated?

    5. Have you met or exceeded all OSHA regulations and requirements?

    6. Have you met or exceeded your company’s safety policy requirements?

    7. Is your process effectively documented?

    8. Does your safety culture celebrate safety success stories?

    Reply
  18. Tomi Engdahl says:

    Fully Integrated Automation Lives in the PLC
    http://www.designnews.com/author.asp?section_id=1386&doc_id=271175&cid=nl.dn14

    Automation has come a long way in a few short years. As automation networking grew, it made life more complicated for the control engineer. Over time, there’s been a reverse trend. Automation systems are becoming easier to deploy. For many years, the expense of developing and maintaining the automation system was high compared to the system’s total cost. That has changed significantly. Now, much of the development and maintenance work is embedded in the system itself, much of it through the use of PLCs.

    Like many other vendors, Siemens Industry has worked to make automation easier for the user. “We’ve always had high integration with the tools that do the automation control,” Tim Parmer, product consultant and manager of factory automation at Siemens Industry, told us. “Starting in the mid-90s, we had the architecture of distributed control. The new trend is to make it easier to use. We now have software for PLCs in one integrated package that does it all” — control, setup, configuration, security, and safety.

    One of the big benefits of fully integrated control is the ease of setup and operation for the control engineer. Ease of use quickly translates into efficiency. The control engineer no longer needs to synchronize the multiple hardware components.

    The ease of deploying automation systems comes partly through PLC management platforms that gather the automation tools together.

    One of the biggest headaches that developed in automation in recent years is security. Network security has caused rifts between the control team and the company’s IT department, and advances in hacking have painted doomsday scenarios for plants across the world. Some tools for fighting intrusions are now showing up in the PLC. “Our security is built into the PLC. We have built protection from cyberattack into the PLC. It’s located between the HMI and the PLC. We put password-level protection there.”

    For decades, safety and control functions were church-and-state separate. The approach was awkward and costly, but it was assured there would be no compromises between the two networks. That separation is now handled digitally on the same network, bringing cost reductions and ease of use to the plant. “We’ve had a strong base in integrated safety since the mid-90s, when the US standards started to allow the integration. Safety has been integrated into our controller since that day. All of our PLCs come with or without the safety integrated.”

    Many recent developments in automation have focused on increased intelligence in the PLC, particularly in the area of motion control.

    Reply
  19. Tomi Engdahl says:

    Software-Designed PACs: Think Subroutine, Not Sub-Controllers
    http://www.designnews.com/document.asp?doc_id=271186&cid=nl.dn14

    Today’s controls engineers face pressure to simplify system complexity as they are tasked with increasingly complex problems. Unfortunately, solutions to these challenges are difficult to define; so overall market trends are discussed in an attempt to distill escalating complexity. Motors, once viewed as large pieces of iron that would last for decades, are now monitored and scrutinized for the earliest signs of failure or the slightest hint of efficiency loss. Control inputs to cutting tools have evolved from the binary “cut or stop cutting” approach to complex vision-guided force-feedback schemes that detect media edges, density, and respond with the precise amount of cutting force. These examples support the real need to integrate commercial technology to keep pace with both market pressures and increasingly complex control problems.

    Fortunately, commercial technology continues to advance for control designers.

    This may sound a bit foreign to control designers more familiar with ladder logic than logic gates, but all PACs, PLCs, and embedded controllers contain processing elements. Many contain FPGAs or ASICs used for signal processing and timing.

    At a basic level, subsystems join hardware and software to serve a specific function such as a temperature control system where the hardware inputs are temperature sensors, the outputs control a fan or heater, and the software logic for the system could range from a simple limit function to a more advanced PID algorithm. In complex machines, advanced subsystems are a separate design on a custom board that communicates back to the main controller via a cabled bus. With new PAC technology, the separate, optimized hardware design can be incorporated into a single controller.

    Regarding the hardware, many sub-controllers already use modular I/O and the advanced capabilities of new embedded controllers help reduce the need for custom FPGA/ASIC hardware design.

    With some of the design focus switching to software it’s important that software tools are available to more easily program the available processing technology. The most common programming standard for PACs/PLCs is some form of IEC 61131.

    The 61131 is an abstract language that focuses on sequential, digital-heavy process and control, but it is not designed to handle advanced programming or to target FPGA/DSP fabric. Many advanced control designers look to a standard programming language such as C for embedded design, and although C can handle nearly any task or processing target, it’s a low-level language that requires more expertise and time to implement a subroutine design.

    Other environments exist in the space between

    Programming syntax aside, ensuring system designers’ access to commercial technology is essential to overcoming increasingly complex challenges such as changing standards and the pressure to innovate faster at a lower cost.

    The next generation of embedded controllers will not replace many of the old stalwarts of the process world. Rather, these controllers are ideal for the next generation of smart machines and are best suited for more advanced designers looking to get to market faster with a more simplified architecture.

    Reply
  20. Tomi Engdahl says:

    The thirteen-year-old Windows XP operating system is still widely used, even though support from its manufacturer, Microsoft, ends in April. From that point on, support is very limited and expensive.

    XP machines are still used to control automation lines and control systems, as well as factory control room SCADA terminals. The system is also used in medical devices.

    - People do not always dare to update even a modern production machine, because the update may, at worst, cause interruptions in production, says IT company CGI’s leading Finnish security expert Jan Mickos.

    Mickos says that plants still have the even older Windows 95 operating system in use, for which updates stopped a long time ago.

    Although the actual XP support ends in April, Microsoft will sell special tailor-made support at a large additional cost.

    - We have priced the tailor-made support so that the customer will understand that it is wise to upgrade to a newer operating system. Small and medium-sized businesses or entrepreneurs are not able to buy it, says Tom Toivonen of Microsoft Finland.

    Microsoft did not disclose the price of the special support. According to information from Techniques & Economic, tailor-made support can cost big companies millions of euros a year, and it is intended to protect critical systems.

    As things currently stand, special support can be purchased for 2-3 years.

    Source: Tietoviikko
    http://www.tietoviikko.fi/uutisia/windows+xp+tuki+jatkuu+ndash+mutta+vain+kovalla+rahalla/a962450

    Reply
  21. Tomi Engdahl says:

    GE Gets a Touch Closer to Automation Data
    http://www.designnews.com/document.asp?doc_id=271216&cid=nl.dn14

    In a further step toward putting automation data at the control engineer’s fingertips, GE Intelligent Platforms has released QuickPanel+, an operator interface that takes the embedded data historian and connects it to a touchscreen. QuickPanel+ is designed to be a general-purpose interface capable of connecting to a variety of industrial PLCs and PACs. The goal was to provide faster processing speeds and more memory while delivering a view of control information and historian data in a single device.

    In the spirit of giving industrial users the ease of a consumer product, GE uses capacitive touchscreen technology to make the device as responsive as a tablet or smartphone.

    Just as smartphones and tablets are competing function against function, automation interfaces have also become a competitive field. Plant operators are beginning to expect their work devices to match the intelligence of their home devices. “Customers want better intelligent machines, to operate them smarter, and redefine the interaction with their equipment,”

    Anger said the device runs on a Windows operating system that can also draw on multi-media resources within the plant as well as resources on the Internet.

    QuickPanel+ is available now in 7-inch and 12-inch screen formats.

    “Features like password authentication, role permissions, hardening of the OS to stop unwarranted traffic, and disabling unessential services by default help make QuickPanel+ more secure. In addition, we are taking it through Achilles testing.”

    Reply
  22. Tomi Engdahl says:

    If This Is Cyberwar, Where Are All the Cyberweapons?
    http://www.technologyreview.com/news/523931/if-this-is-cyberwar-where-are-all-the-cyberweapons/

    The discovery of Stuxnet in 2010 seemed to herald a new age of cyberwar, but that age has yet to materialize.

    Industrial control professionals and academics complain that the information needed to research future attacks is being kept out of the public domain. And public utilities, industrial firms, and owners of critical infrastructure are just now becoming aware that systems they assumed were cordoned off from the public Internet very often are not.

    Meanwhile, technology is driving even more rapid and transformative changes as part of what’s called the Internet of things.

    Without proper security features built into industrial products from the get-go, the potential for attacks and physical harm increases dramatically. “If we continue to ignore the problem, we are going to be in deep trouble,” Langner said.

    Reply
  23. Tomi Engdahl says:

    Machine Safety: Year over year safety automation growth outpaces general automation
    http://www.controleng.com/single-article/machine-safety-year-over-year-safety-automation-growth-outpaces-general-automation/0c46462d637ddb9d7814b16ac1935ad4.html

    Safety automation growth is outpacing growth in general automation. See these seven reasons.

    Reply
  24. Tomi Engdahl says:

    Mobile woes: Modems expose control panels
    http://www.controleng.com/single-article/mobile-woes-modems-expose-control-panels/367d2830d2a1f2159e01fab245af8304.html

    In another scenario where mobile devices have an inherent lack of security, vulnerabilities in 3G and 4G USB modems can end up exploited to steal login credentials or send premium rate text messages, a researcher said.

    Devices managed via their built-in web servers are vulnerable to cross-site request forgery (CSRF) attacks.

    The problems all stem from a lack of consideration for security in the design of cheap consumer communications kit and, more particularly, a lack of testing.

    Reply
  25. Tomi Engdahl says:

    Safety does not come out of a box
    http://www.controleng.com/single-article/safety-does-not-come-out-of-a-box/dbc90b2f0fcd178f26deef9e6b9e1e0d.html

    The solution to making your process plant a safer place isn’t something you can buy. Much of it depends on changing the ways your people work and think.

    Working with safety instrumented systems (SISs) for more than 20 years has taught me that technology alone cannot make process plants safer places to work.

    We all have heard the saying, “If you don’t know where you’re going, any road will take you there.” When it comes to risk reduction, we need to have frank and open discussions about the risks we’re facing so we can be clear on where we’re going.

    While that may seem like the most obvious point, think of the number of times that safety culture, or a lack of it, is found among the top causes of incidents and accidents in process industries.

    One aspect of the design process is creating a comfortable operating environment. On any given day, operators need to sustain a high level of alertness and a clear understanding of exactly where the process is as it moves through the production cycle. This requires having real-time access to critical information to support decision making.

    Reply
  26. Tomi Engdahl says:

    Energy firms’ security so POOR, insurers REFUSE to take their cash
    They’re turning down MULTI-MILLION pound contracts…
    http://www.theregister.co.uk/2014/02/27/energy_sector_refused_cyber_insurance/

    Underwriters are reportedly refusing to insure energy firms because poor security controls are leaving them wide open to attacks by hackers and malware infestations.

    Lloyd’s of London told the BBC they had seen a surge in requests for insurance from energy sector firms but poor test scores from security risk assessors mean that insurers are turning down potential multi-million pound contracts.

    Infosec experts called in to review energy sector systems come back with negative reviews. And that means offering “safety net” insurance against breaches is not viable as a business proposition.

    “We would not want insurance to be a substitute for security,” Khudari explained.

    Industrial control plants at power utilities and other energy sector firms, as elsewhere, rely on SCADA (Supervisory Control and Data Acquisition) technology. These legacy systems are increasingly being connected to the internet, essentially to make them easier to manage remotely. At the same time, more and more security problems are being discovered by security researchers investigating industrial plant security in the wake of the infamous Stuxnet worm, which has made research into the formerly overlooked topic “sexy”.

    More and more problems are being discovered in crucial systems that are rarely patched and this creates a recipe for disaster.

    With all this in mind, it’s no great surprise to find energy firms turning down energy sector insurance contracts.

    “Energy firms seeking insurance against cyber-attacks shows the vulnerability of our critical infrastructure is finally hitting home,”

    “However, insurance is only a plaster over these underlying weaknesses. Organisations need to act now to protect their networks and address the unique nature of interconnected real-time control systems. Encryption of data in transit and rigorous authentication protocols, for example, should become de rigueur,” said McIntosh.

    Reply
  27. Tomi Engdahl says:

    Energy firm cyber-defence is ‘too weak’, insurers say
    http://www.bbc.com/news/technology-26358042

    Power companies are being refused insurance cover for cyber-attacks because their defences are perceived as weak, the BBC has learned.

    Underwriters at Lloyd’s of London say they have seen a “huge increase” in demand for cover from energy firms.

    But surveyor assessments of the cyber-defences in place concluded that protections were inadequate.

    Energy industry veterans said they were “not surprised” the companies were being refused cover.

    “They are all worried about their reliance on computer systems and how they can offset that with insurance,” she said.

    Any company that applies for cover has to let experts employed by Kiln and other underwriters look over their systems to see if they are doing enough to keep intruders out.

    Unfortunately, said Ms Khudari, after such checks were carried out, the majority of applicants were turned away because their cyber-defences were lacking.

    Financial pressures and the ability to manage systems remotely were inadvertently giving attackers a loophole they could slip through, said Nathan McNeill, chief strategy officer at remote management firm Bomgar.

    Trying to cut costs by linking up plant and machinery to a control centre so they could be managed remotely meant those systems were effectively exposed to the net, he said.

    “If something has basic connectivity then it will become internet connectivity through some channel,” he said.

    This left critical infrastructure exposed, he said, because typically the control systems for such hardware were written long before the web age and had only rudimentary security tools.

    Known as Scada (Supervisory Control and Data Acquisition), this software has come under increasing scrutiny by security researchers who have exposed many flaws in it.

    Reply
  28. Tomi Engdahl says:

    Is Analog The Answer To Cyber Terrorism?
    Posted by: Paul Roberts March 17, 2014 09:40
    https://securityledger.com/2014/03/is-analog-the-answer-to-our-digital-insecurity-dilemma/

    Ralph Langner is one of the foremost experts on the security of critical infrastructure that we have. So, generally, when Ralph says something – whether it’s about Stuxnet, or cyberwar or the security of nuclear power plants – folks listen.

    And these days, Ralph is wondering, out loud, whether our reliance on digital systems to manage critical infrastructure has gone too far. The answer, he suggests, may be to go “back to the future,” as it were: reintroducing analog systems into the control process chain as a backstop for cyber attacks.

    Writing on Saturday, he said that the critical infrastructure sector is in a headlong rush to replace aging, analog control system infrastructure with modern, digital systems. Software based control infrastructure, he notes, offers many advantages – flexibility, the possibility of remote operation and management and access to a much larger pool of talent and expertise. Engineers who understand and can manage analog systems are, after all, a dying breed – literally.

    But Langner cautions against the wholesale embrace of digital systems by stating the obvious: that “every digital system has a vulnerability,” and that it’s nearly impossible to rule out the possibility that potentially harmful vulnerabilities won’t be discovered during the design and testing phase of a digital ICS product.

    “It would seem to follow that if …the hacking of digital safety systems at nuclear power plants was unacceptable, then analog control of safety systems ought to be a viable option on the table,” he writes.

    Reply
  29. Tomi Engdahl says:

    As a compromise, one can always do something similar to this:

    1: Get two machines with a RS232 port. One will be the source, one the destination.

    2: Cut the wire on the serial port cable so the destination machine has no ability to communicate with the source.

    3: Have the source machine push data through the port, destination machine constantly monitor it and log it to a file.

    4: Have a program on the destination machine parse the log and do the paging, etc. if a parameter goes out of bounds.

    This won’t work for high data rates, but it will sufficiently isolate the inner subsystem from the Internet while providing a way for data to get out in real time. Definitely not immune to physical attack, but it will go a long ways to stopping remote attacks, since there are no connections that can be made into the source machine’s subnet.

    Source: Is Analog the Fix For Cyber Terrorism?
    http://it.slashdot.org/story/14/03/18/021239/is-analog-the-fix-for-cyber-terrorism

    Reply
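The receiving side of the one-way serial link described in steps 3 and 4 of the comment above, as an added example that is not part of the original comment. Because the destination can never acknowledge or ask for a retransmission, each line carries a sequence number and a CRC so that corruption, lost frames and a silent link are detected instead of being logged as good data. The frame format (`seq,tag,value*CRC32`), the tag names and the limits are assumptions made for this illustration, and the sample traffic is constructed; on real hardware the lines would be read from the serial port.

```python
import math
import zlib
from dataclasses import dataclass, field
from typing import Optional

# Hypothetical tags and alarm limits (low, high), chosen for this example only.
LIMITS = {"TANK1_LEVEL_PCT": (10.0, 90.0), "PUMP2_TEMP_C": (0.0, 85.0)}


def encode_frame(seq: int, tag: str, value: float) -> str:
    """Source side: one text line 'seq,tag,value*CRC32HEX' (assumed format)."""
    body = f"{seq},{tag},{value:.2f}"
    return f"{body}*{zlib.crc32(body.encode('utf-8')):08X}"


@dataclass
class Receiver:
    """Destination side: validate, log and check every received line."""
    limits: dict
    max_silence_s: float = 5.0
    expected_seq: Optional[int] = None
    last_rx: Optional[float] = None
    readings: list = field(default_factory=list)
    events: list = field(default_factory=list)

    def feed(self, line: str, now: float) -> bool:
        """Process one line received at time `now`; True if it was accepted."""
        body, sep, crc_hex = line.strip().rpartition("*")
        try:
            if not sep or zlib.crc32(body.encode("utf-8")) != int(crc_hex, 16):
                raise ValueError("checksum mismatch")
            seq_s, tag, value_s = body.split(",")
            seq, value = int(seq_s), float(value_s)
            if tag not in self.limits or not math.isfinite(value):
                raise ValueError("unknown tag or non-finite value")
        except ValueError as exc:
            # No retransmission is possible, so a bad frame is dropped and recorded.
            self.events.append(("rejected", str(exc)))
            return False

        # A jump in the sequence number means frames were lost on the wire.
        if self.expected_seq is not None and seq != self.expected_seq:
            self.events.append(("gap", self.expected_seq, seq))
        self.expected_seq = seq + 1
        self.last_rx = now
        self.readings.append((seq, tag, value))

        low, high = self.limits[tag]
        if not low <= value <= high:
            self.events.append(("alarm", tag, value))  # page the operator here
        return True

    def check_silence(self, now: float) -> bool:
        """The source cannot be polled, so a quiet link must raise its own alarm."""
        silent = self.last_rx is None or now - self.last_rx > self.max_silence_s
        if silent:
            self.events.append(("silence", now))
        return silent


def run_demo() -> Receiver:
    """Feed constructed sample traffic through the receiver."""
    rx = Receiver(LIMITS)
    frames = [
        encode_frame(1, "TANK1_LEVEL_PCT", 55.0),
        # Constructed line noise: digits changed after the CRC was computed.
        encode_frame(2, "PUMP2_TEMP_C", 61.5).replace("61.50", "16.50"),
        encode_frame(3, "TANK1_LEVEL_PCT", 93.2),  # above the high limit
        encode_frame(5, "PUMP2_TEMP_C", 62.0),     # frame 4 never arrived
        "garbage without checksum",
    ]
    for t, frame in enumerate(frames):
        rx.feed(frame, now=float(t))
    rx.check_silence(now=20.0)  # nothing has arrived for 17 seconds
    return rx


if __name__ == "__main__":
    for event in run_demo().events:
        print(event)
```

The corrupted frame would otherwise have been logged as a plausible 16.5 °C reading; the checksum is what keeps it out of the record.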
  30. Tomi Engdahl says:

    Providing secure remote access to industrial Ethernet networks
    http://www.controleng.com/single-article/providing-secure-remote-access-to-industrial-ethernet-networks/eb65ec977290c7ad59a264e3fe61aeec.html

    You have many good reasons for wanting to access your networks remotely, but such access is not without potential threats. How can you keep those networks secure?

    Firewalls: First line of defense
    NAT and NAPT
    Secure tunnels with VPNs

    Reply
  31. Tomi Engdahl says:

    Getting to interoperable automation and controls
    ExxonMobil is working with automation suppliers, incorporating standards, delivering interoperability, and lowering costs. You should do the same. Virtualization can help.
    http://www.controleng.com/single-article/getting-to-interoperable-automation-and-controls/3c80294b686406063645c958ec9d0a81.html

    Just because an automation product complies with certain standards doesn’t mean it will be interoperable. Even interoperability is slippery. Should a product interoperate with other products within the company, with all products in that company’s partner list, with all other products that follow a particular version of a standard, or with all products that follow that standard? Or (and I believe this is what end users really expected by now), when you plug in products, they just work. And if they don’t self-configure, they should indicate what needs doing.

    Original equipment manufacturers and automation suppliers may say end users won’t pay for that level of functionality, or that even if customers mention standards in specifications (and some inexplicably do not), interoperability really isn’t required. Or OEMs may say they cannot offer best-in-class products inside machines or within processing lines if they’re held to that level of functionality.

    Reply
  32. Tomi Engdahl says:

    Why manufacturing virtualization? 3 short and easy answers
    Virtualization can seem intimidating to begin, perhaps in part because it may require involving those from IT. Here are three reasons to help you get started, according to Rockwell Automation.
    http://www.controleng.com/single-article/why-manufacturing-virtualization-3-short-and-easy-answers/aeafd5702d09b11692aec34d7692c840.html

    Virtualization can seem intimidating to begin, perhaps in part because it may require involving those from IT. Virtualization breaks the link between operating systems and physical hardware and allows multiple instances of an operating system with independent applications on the same hardware.

    Reply
  33. Tomi Engdahl says:

    What the Internet of Things Will Mean for CIOs
    http://www.cio.com/article/747634/What_the_Internet_of_Things_Will_Mean_for_CIOs

    “Our 2013 networks and telecommunications survey shows that more than 50 percent of companies have no interest and/or no plans to implement machine-to-machine or Internet of Things capabilities, while just 8 percent tell us they have implemented M2M or IoT systems.”

    Lack of interest, according to Forrester, begins with security concerns (37 percent), followed by costs (32 percent), technology immaturity (25 percent), integration challenges, migration and/or installation risks and regulatory issues.

    Reply
  34. Tomi Engdahl says:

    Appropriate automation: Human system dynamics for control systems
    http://www.controleng.com/single-article/appropriate-automation-human-system-dynamics-for-control-systems/281b65246e0f5fd97c10961736c8c66d.html

    Technology Update: Distilling a basic control problem to its essence can show what cannot be automated, which is induction. Automation can facilitate induction; induction cannot (yet) be automated.

    Reply
  35. Tomi Engdahl says:

    Are Microsoft technologies still best for process control systems?
    http://www.controleng.com/single-article/are-microsoft-technologies-still-best-for-process-control-systems/eba959613f8b0a8c24ffde31227d768f.html

    Use of Microsoft technologies is creating growing concerns among senior designers and senior architects in control system suppliers. Microsoft technology is widely used as the underlying basis for process control systems, such as supervisory control and data acquisition (SCADA), human machine interface (HMI), distributed control system (DCS) displays, historians, manufacturing execution systems (MES), and batch execution systems. Since 1998, when Microsoft Windows 98 was released, the Microsoft Windows platform has been the de facto standard for most control system suppliers.

    Control system suppliers have applied consumer technologies as they have become reliable enough for industrial applications.

    Continual change is not what control systems need. Many control systems have lifetimes of 20 to 30 years.

    a great opportunity for mistakes and errors that can stop production and risk plant safety.

    6 critical process control needs
    Process control vendors require:

    1. A system with a minimal attack surface, so that biweekly or monthly patches are not required
    2. A consistent programming interface that will not change every four to five years, requiring a complete rewrite of their software
    3. An environment that can be quickly and safely “locked down” to reduce the risk from hacking
    4. A system with limited network access, only through specific ports to reduce the risk of network based attacks
    5. Support for priority-based multi-tasking, preferably a real-time operating system (RTOS) that supports hard real-time requirements
    6. A robust ecosystem of utilities and tools to make development, installation, debugging, and maintenance as easy as it is on consumer systems.

    The process automation market is estimated at about $130 billion, more than large enough to support a dedicated software infrastructure market.

    the process control market can force current suppliers, like Microsoft, Apple, and Google, to develop systems designed for process control, or the process control vendors may collectively move to Linux derived systems. Only time will tell

    Reply
  36. Tomi Engdahl says:

    Machine Safety: Moving automation changes safety needs
    http://www.controleng.com/single-article/machine-safety-moving-automation-changes-safety-needs/578bc9d25b3545334064059fe2098e91.html

    Safety considerations change as the source of hazards transforms, such as on moving workstations like automated guided vehicles (AGVs). Even Boeing’s 787 Dreamliner is assembled on slow moving AGVs. How can guarding for operator safety accommodate changing hazard levels during assembly?

    Reply
  37. Tomi Engdahl says:

    Virtual manufacturing environment: 4 ways to transition
    http://www.controleng.com/single-article/virtual-manufacturing-environment-4-ways-to-transition/ec6cdb8136c24ae45ee6a645755a1cef.html

    Here’s what to consider when transitioning to a virtualized manufacturing environment. Look at upgrade timing, assess limits and needs, and minimize failures.

    Ask IT executives about priorities for the year, and increased use of server virtualization is likely to be on long lists that include security, operating system upgrades, improving collaboration capabilities, and better enabling the mobile workforce. In fact, 53% of IT managers cited virtualization as a top priority for 2013, second only to data protection, in a recent survey of 3,200 IT managers conducted by IT Manager Daily.

    Manufacturing companies are about average in terms of adoption of the technology overall – they’ve virtualized approximately 34% of servers, according to a 2011 study conducted by VMware. Although the technology is steadily becoming more commonplace, the study suggests significant variability in understanding and expertise. These gaps likely indicate operational differences that could be affecting virtualization deployment.

    Successfully implementing virtualization in a manufacturing environment requires a number of special considerations

    Reply
  38. Tomi Engdahl says:

    Building sustainable value through improved reliability
    http://www.controleng.com/single-article/building-sustainable-value-through-improved-reliability/acc5b048bba6fb0f4a9eeaaccf19644b.html

    Creating a four-fold framework for instrument reliability has earned Dow Chemical’s Deer Park facility the HART Plant of the Year Award.

    Reply
  39. Tomi Engdahl says:

    Integration of remote HMIs
    That new pump skid just installed has its own HMI. What should you expect to see on that screen, and how should it interface with the larger control system?
    http://www.controleng.com/single-article/integration-of-remote-hmis/77ded3594725660271dc8f9f241b7663.html

    Reply
  40. Tomi Engdahl says:

    Providing secure remote access to industrial Ethernet networks
    http://www.controleng.com/single-article/providing-secure-remote-access-to-industrial-ethernet-networks/ff06a84312e73cfa224e6a3ad5b4c83c.html

    You have many good reasons for wanting to access your networks remotely, but such access is not without potential threats. How can you keep those networks secure?

    Ethernet-enabled automation environments are just as secure as their fieldbus-based predecessors, and their IT counterparts. While firewalls and VPNs are important pieces of the puzzle, and crucial for providing secure access to remote users, it takes additional layers of security to ensure a true, defense-in-depth security model. Always keep in mind: security is a lifestyle, not just a checkbox.

    Reply
  41. Tomi Engdahl says:

    Boosting productivity, innovation and business agility requires the adoption of effective industrial physical network infrastructure strategies that connect the Enterprise throughout the Factory with reliable and actionable information.

    Best-in-class manufacturers can achieve as much as 99.9% uptime and 90% OEE, providing their organizations lower total cost of ownership (TCO) and greater operating margins. Physical network design plays an important role.

    Source:
    https://event.webcasts.com/starthere.jsp?ei=1031645&utm_source=emailcampaign1203&utm_medium=phpList&utm_content=HTMLemail&utm_campaign=Webcast%3A+A+Standards-Based+Approach+to+the+Industrial+Physical+Network

    Reply
  42. Tomi Engdahl says:

    Case study: Evolving SCADA toward energy management
    http://www.controleng.com/single-article/case-study-evolving-scada-toward-energy-management/71a4b282eceeeb6998f805fad6dddbeb.html

    Monroe County Pure Waters, the association responsible for protecting water resources in Monroe County, N.Y., implemented a new SCADA system to protect itself from Y2K threats and continues to reap benefits even 14 years later.

    Today what was originally designed as a wastewater utility’s replacement of a SCADA software from a non-Y2K compliant mainframe system has become much more.

    Reply
  43. Tomi Engdahl says:

    Interview: Cisco’s security supremo on the Internet of Everything
    El Reg asks Chris Young how we can stop the IoT becoming a $19 TREELLLION honeypot
    http://www.theregister.co.uk/2014/03/24/interview_ciscos_chris_young_on_internet_of_everything_security/

    you have to optimise your security model for the business context, and the environment in which you operate.

    If you’ve got a device that’s 100 miles offshore on an oil platform, then yes, you’re going to need to be able to remotely manage and update that, because you can’t physically go and swap something out.

    But if you’ve got virtual machines in the data centre, maybe you want to kill those every night, and reboot them in the morning with a “golden image”, so you’ve got really good certainty that nothing bad has happened to that machine.

    That could be: “This is a machine, it has this image on it, it belongs to this group. Its normal behaviour looks like this, so if one day it behaves like this, then we have a problem”
    The context in which those two different environments operate is very deterministic around what the security model will and won’t allow.

    Reply
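The check quoted in comment 43 ("it has this image on it, it belongs to this group, its normal behaviour looks like this") can be written as a per-group baseline audit. This is an added example, not code from the comment or the quoted article; the schema, host names, thresholds and all sample data are constructed assumptions.

```python
import hashlib
from collections import Counter
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Baseline:
    """What 'normal' means for every machine in one group (hypothetical schema)."""
    image_sha256: str          # digest of the group's golden image
    allowed_flows: frozenset   # {(dst_host, proto, dst_port), ...}
    max_per_flow: int          # connections per flow per observation window

@dataclass
class Machine:
    name: str
    group: str
    image_sha256: str          # digest measured on the running machine
    flows: list = field(default_factory=list)  # observed (dst, proto, port)

def audit(machine, baselines):
    """Return a list of findings; an empty list means the machine matches its group."""
    base = baselines.get(machine.group)
    if base is None:
        # Fail closed: a machine without a group has no definition of normal.
        return [f"{machine.name}: unknown group {machine.group!r}"]
    findings = []
    if machine.image_sha256 != base.image_sha256:
        findings.append(f"{machine.name}: image differs from golden image")
    for flow, count in sorted(Counter(machine.flows).items()):
        dst, proto, port = flow
        if flow not in base.allowed_flows:
            findings.append(f"{machine.name}: unexpected flow {proto}/{port} to {dst}")
        elif count > base.max_per_flow:
            findings.append(
                f"{machine.name}: {count} connections to {dst}:{port} "
                f"exceeds {base.max_per_flow}")
    return findings

# Constructed sample data: one group, four machines.
GOLDEN = hashlib.sha256(b"constructed golden image v1").hexdigest()
TAMPERED = hashlib.sha256(b"constructed golden image v1 + extra").hexdigest()
BASELINES = {
    "hmi": Baseline(
        GOLDEN,
        frozenset({("historian.example", "tcp", 443),
                   ("plc-gw.example", "tcp", 502)}),  # 502 = Modbus/TCP
        100,
    ),
}
MACHINES = [
    Machine("hmi-01", "hmi", GOLDEN, [("plc-gw.example", "tcp", 502)] * 40),
    Machine("hmi-02", "hmi", TAMPERED,
            [("plc-gw.example", "tcp", 502), ("203.0.113.7", "tcp", 22)]),
    Machine("hmi-03", "hmi", GOLDEN, [("historian.example", "tcp", 443)] * 150),
    Machine("lab-09", "unassigned", GOLDEN, []),
]

def run_audit():
    """Audit every constructed machine against its group baseline."""
    return {m.name: audit(m, BASELINES) for m in MACHINES}

if __name__ == "__main__":
    for name, findings in run_audit().items():
        print(name, "OK" if not findings else findings)
```
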
  44. Tomi Engdahl says:

    Gas Technology: Digital Age management
    With tools such as digital loggers and wireless communications, systems operators can get an accurate picture of plant energy usage patterns.
    http://www.plantengineering.com/single-article/gas-technology-digital-age-management/78499795fc1114d4313f6e9e42ed617b.html

    Today’s industrial energy systems are complex and sophisticated. Necessarily, systems that monitor and optimize energy usage must also be complex and sophisticated. Too often, owners install new plant equipment or building comfort systems without consideration of how to monitor those systems’ operating efficiency.

    [Figure caption: Many newer pieces of equipment already have data channels for energy use that can deliver data to a central system. This control area for gas turbine generation has such capabilities. Courtesy: Solar Turbines.]

    Fortunately, with tools such as digital loggers and wireless communications, we can correct for these omissions and get an accurate picture of plant energy usage patterns. It’s not enough to look at monthly bills for natural gas, electricity or steam to determine if you can save energy. You need to look at where it is being used, with the ability to evaluate hourly and daily usage patterns.

    Unless your company has an experienced energy management staff, you will want to look for help from an energy consultant.

    Energy monitoring experts indicate that nearly always, the process will involve adding additional sub-metering equipment, and data terminals to receive the information. Mason says, “It’s just like asking how to trim a budget without bank statements to see where you are spending money. It starts with metering.”

    Increasingly, data collection systems take advantage of wireless data transmission.

    An interesting development in recent years has been the development of “conversion” sensors that can read analog devices such as gauges, convert the data to a digital signal, and transfer it wirelessly.

    “The data in digital form is shared using open industry protocols including OPC and BACnet. Also the data can be downloaded using FTP and HTTP protocols. We have been integrated with systems such as Honeywell, Emerson, Rockwell Automation, Schneider, Johnson Controls, Siemens, Trane and others.”

    Reply
  45. Tomi Engdahl says:

    IT Security is National Security — but You’re Not Alone
    Managing the danger of cyberattacks has to involve all parts of an enterprise, speakers tell a Kaspersky conference
    http://www.cio.com/article/751671/IT_Security_is_National_Security_but_You_39_re_Not_Alone?taxonomyId=600007

    “If the private sector goes down, and critical infrastructure, [then] more often than not … you have national security at risk as well,” said Tom Ridge, who led the new Department of Homeland Security in the wake of the Sept. 11, 2001, terror attacks. Because government relies so much on critical infrastructure such as power grids, communications networks and transportation, and because of the way malware spreads, the line between attacks against states and attacks against companies is blurry.

    Reply
  46. Tomi Engdahl says:

    Remote machine management promises numerous operational improvements, including more efficient energy use
    http://www.controleng.com/single-article/remote-machine-management-promises-numerous-operational-improvements-including-more-efficient-energy-use/530885e705a9925512b0730c6baa994d.html

    While smart factories in which every step in the value chain is automatically tracked and recorded may still be a distant prospect, technology that allows remote management of at least some plant equipment is becoming mainstream.

    Technical management of plant and equipment can be a highly complex and expensive business, especially if they are in use all over the world. That is why manufacturers and maintenance providers have for several years been on the lookout for ways to manage machinery remotely. One of the first ways was to use serial interfaces. For more than 25 years they have been incorporated in different devices—from elevators via medical instruments to heating, ventilation, and air conditioning systems. Technicians were able to access machines, albeit only on-site to begin with. To facilitate remote access, circuit-switched networks gradually came into use, but most companies chose not to make use of this option because of the low bit rates and high costs.

    Machine-to-machine (M2M) solutions now provide a better alternative. They are much less expensive, run at higher bit rates, and enable maintenance personnel to access plant and equipment remotely via their tried and tested software. A mobile network-based terminal is connected to the serial interface. The device lengthens the serial interface by establishing a secure connection via an encrypted tunnel to a server in the corporate network or to a mobile terminal device. Authenticated users can thereby access the machine from anywhere.

    Reply
  47. Tomi Engdahl says:

    All at sea: global shipping fleet exposed to hacking threat
    http://www.reuters.com/article/2014/04/24/us-cybersecurity-shipping-idUSBREA3M20820140424

    The next hacker playground: the open seas – and the oil tankers and container vessels that ship 90 percent of the goods moved around the planet.

    As industries like maritime and energy connect ships, containers and rigs to computer networks, they expose weaknesses that hackers can exploit.

    Hackers recently shut down a floating oil rig by tilting it, while another rig was so riddled with computer malware

    “Increasingly, the maritime domain and energy sector has turned to technology to improve production, cost and reduce delivery schedules,” a NATO-accredited think-tank wrote in a recent report. “These technological changes have opened the door to emerging threats and vulnerabilities as equipment has become accessible to outside entities.”

    A recent study by security company Rapid7 found more than 100,000 devices – from traffic signal equipment to oil and gas monitors – were connected to the internet using serial ports with poor security.

    Reply
  48. Tomi Engdahl says:

    Stanford Report, April 24, 2014
    When it comes to security at nuclear facilities, danger likely lurks from within, Stanford scholar says
    http://news.stanford.edu/news/2014/april/nuclear-security-risks-042414.html

    The greatest dangers to nuclear facilities are sabotage and theft from insiders, according to political scientist Scott Sagan. Analysis of past incidents can help boost safeguards at these sites.

    Insider threats are the most serious challenge confronting nuclear facilities in today’s world, a Stanford political scientist says.

    “We usually lack good and unclassified information about the details of such nuclear incidents,”

    In their paper, the authors offered some advice and insights based on lessons learned from past insider incidents:

    Don’t assume that serious insider threats are NIMO (not in my organization).
    Don’t assume that background checks will solve the insider problem.
    Don’t assume that red flags will be read properly.
    Don’t assume that insider conspiracies are impossible.
    Don’t assume that organizational culture and employee disgruntlement don’t matter.
    Don’t forget that insiders may know about security measures and how to work around them.
    Don’t assume that security rules are followed.
    Don’t assume that only consciously malicious insider actions matter.
    Don’t focus only on prevention and miss opportunities for mitigation.

    “Despite the creation of a stronger and more independent nuclear regulator to improve safety after the Fukushima accident in Japan, little has been done to improve nuclear security there,”

    Reply
  49. Tomi Engdahl says:

    Sat comms kit riddled with backdoors for hackers – researcher
    Right, shipmate, identify yourself. LOL? What’s your meaning?
    http://www.theregister.co.uk/2014/04/23/sat_comm_vulns/

    Security researchers claim to have uncovered myriad security problems with satellite communication systems. But while major manufacturer Iridium said the security weaknesses identified by security researchers at IOActive were in hand, Thuraya, another satellite comms service, has criticised the report as inaccurate.

    Multiple high risk vulnerabilities were uncovered in all SATCOM device firmware studied by IOActive.

    If one of these affected devices can be compromised, the entire SATCOM infrastructure could be at risk.

    Ships, aircraft, military personnel, emergency services, media services, and industrial facilities (oilrigs, gas pipelines, water treatment plants, wind turbines, substations, etc.) could all be impacted by these vulnerabilities.

    Reply
  50. Tomi Engdahl says:

    Machine safety standard merger: One global machine safety standard
    http://www.controleng.com/single-article/machine-safety-standard-merger-one-global-machine-safety-standard/5637ebf8f9831eb988745cc2692c1f20.html

    In a few years, could we just have one functional safety standard? The world has two predominantly accepted functional safety standards for machinery: IEC 62061, Safety of machinery: Functional safety of electrical, electronic and programmable electronic control systems, and ISO 13849-1, Safety of machinery – Safety-related parts of control systems – Part 1: General principles for design.

    A joint working group is looking at global functional safety standard unification. At present, there are two predominantly accepted functional safety standards for machinery in the world:

    IEC 62061, Safety of machinery: Functional safety of electrical, electronic and programmable electronic control systems, and
    ISO 13849-1, Safety of machinery – Safety-related parts of control systems – Part 1: General principles for design

    Reply
