The world's most capable, rugged and secure
industrial control system...
Introducing Bedrock OSA® Remote
- Intrinsically-secure PLC and RTU control
- 10 or 20 channels of universal I/O
- Free IEC 61131-3 engineering software
- -40ºC to +80ºC temperature range
- Rugged, all-metal case 5.4 in x 8.9 in x 2.3 in
Built-in Cyber Security vs. Built-in Cyber Security
November 22, 2019 | Robert Bergman
If any of today’s large vendors of automation systems offer cyber security protection, odds are good that it has been bolted on after the fact. Cyber security was not an issue when these systems were originally designed, so swapping them out now would be a major challenge for both the vendor and the end user. But those systems are due for update eventually and legacy vendors are now striving to build in as much security as they can.
We are starting to hear it now, and over the next five or so years, we expect to see more and more companies claiming to offer some degree of built-in cyber security. Although they will be guided somewhat by standards such as ISASecure – IEC 62443, each will likely interpret it and integrate it into their business model differently and to different levels. As you evaluate your next PLC, SCADA RTU, DCS or other industrial control system claiming to have built-in cyber security, ask the following questions to determine if you are getting maximum protection.
- ______ Is there an embedded public key infrastructure (PKI) to manage an encryption and authentication of messages based on a known 3rd party root of trust?
- ______ Does the authentication support Transport Layer Security (TLS) 1.2?
- ______ Is encryption compliant with NMIST SP800-57, Suite B?
- ______ Does the system have secure boot?
- ______ Does security extend to sub-components as well as to the device itself?
- ______ Is there anti-tamper protection at the component level?
- ______ Are the modules all-metal, anti-tamper, sealed and FIPS 140-2 compliant?
- ______ Does the system use a pin-less I/O backplane?
- ______ Is the system firmware secure and protected?
- ______ Are open communications protocols such as OPC UA and MQTT secure and protected?
- ______ Does the system have a secure component supply chain?
- ______ Does the system have the built-in bandwidth to support high-performance hardware accelerators without disrupting performance?
- ______ Is the security included in the basic cost of the control system?
For a truly intrinsically secure control system, the answers to all these questions must be yes. For more detail on them and many other essential components of an intrinsically secure system, download our white paper: Chapter Three: Intrinsic Cyber Security Fundamentals.