Automation

Improving SCADA and industrial control systems

Everyone agrees security for industrial systems should be easier to deploy and more effective.

February 26, 2013
/ Print / Reprints /
ShareMore
/ Text Size+

Improving SCADA and Industrial Controls Systems

Plenty of disagreement exists about how to make security for industrial systems easier to deploy and more effective, but everyone agrees that SCADA and Industrial Control Systems (ICS) need to—and can—improve. Eric Byres of Tofino thinks one improvement would be the implementation of better standards for information exchange between security solutions.

 “It is great to have the latest security technologies like VPNs, anti-virus firewalls, intrusion detection systems, etc. on your plant floor,” says Byres. “Unfortunately getting them to interact with each other can be like pulling teeth.”

In one example, consider a remote access VPN for connection to the central control system. A number of criteria could be involved in determining access privileges including possession of valid certificates or passwords, meeting current AV or patch levels, being in the right location or even holding the correct role at the company. Simply put, getting information out of the various systems and into the VPN is no cakewalk.

But, according to Byres, a new specification by the Trusted Computing Group (TCG) could solve the SCADA and ICS problem. TCG, a standards group focusing on vendor-neutral specifications for interoperable trusted computing platforms, is best known for creating the International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) standards around Trusted Platform Modules (TPM). TPM are chips that store cryptographic keys to protect information and identify devices.

However it is a new TCG product, called Interface for Metadata Access (IF-MAP), that has Byres excited. He says that by standardizing the way devices and applications share data, IF-MAP could do for coordination and collaboration what IP did for connectivity.

TCG has released a draft specification called TNC IF-MAP Metadata for ICS Security that defines a multi-vendor, interoperable approach to protection control systems networks by providing a central “clearing house” for network security events and information. The specification is designed to facilitate the deployment, management and protection of large-scale secure industrial systems by creating virtual layer 2 and/or layer 3 overlay networks on top of a shared IP network infrastructure.

The specification is an example of a growing trend toward closer cooperation between standards groups to improve information and communications technology security, and is designed to align closely with the ISA/IEC concepts of zones and conduits.

The document has received feedback from the IT community, but Byres has urged SCADA and ICS professionals to read and comment on the specification as well. Comments may be sent to ics-metadata-comments@trustedcomputinggroup.org.

Did you enjoy this article? Click here to subscribe to Food Engineering Magazine.

Recent Articles by Shane O'Halloran

You must login or register in order to post a comment.

Multimedia

Videos

Image Galleries

Plant of the Year 2014

Blue Diamond Growers was chosen as Food Engineering's 2014 Plant of the Year. The Sacramento-based company is the world’s largest producer of almonds and almond ingredients.

Podcasts

Burns & McDonnell project manager RJ Hope and senior project engineer Justin Hamilton discuss the distinctions between Food Safety and Food Defense as well as the implications for food manufacturers of the Food Safety Modernization Act.
More Podcasts

TYSON FOODS

Tyson Foods made headlines announcing the company intends to acquire Hillshire Brands in a deal valued at $8.55 billion. Do you think the acquisition will be beneficial for meat and poultry processors?
View Results Poll Archive

Food Engineering

FE August 2014

2014 August

The August 2014 issue of Food Engineering explores how your operation could be doing more to create a culture of employee engagement. Also, read more on how your business and insurance partners must know the basics of your business and its nuances as well.

Table Of Contents Subscribe

THE FOOD ENGINEERING STORE

Food-Authentication-Flyer-(.gif
Food Authentication Using Bioorganic Molecules

This text provides critical tools and data needed to augment routine food analysis and enhance food safety by aiding in the detection of counterfeit, and potentially deleterious, foods.

More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.

Food Master

Food Master Cover 2014Food Master 2014 is now available!

Where the buying process begins in the food and beverage manufacturing market. 

Visit www.foodmaster.com to learn more.

STAY CONNECTED

FE recent tweets

facebook_40.pngtwitter_40px.pngyoutube_40px.png linkedin_40px.pngGoogle +