Tofino™ Enforcer revolutionizes Modbus TCP/IP security
For the first time in the history of industrial automation, a security module designed specifically for managing the leading SCADA protocol, Modbus TCP, is commercially available.....
FULL RELEASE:
TOFINO™ ENFORCER™ REVOLUTIONIZES MODBUS TCP/IP SECURITY
New Modbus-IDA Certified Security Solution Addresses Governement Security Concerns for SCADA
Oct 14, 2008 – ISA Expo, Houston, Texas
For the first time in the history of industrial automation, a security module designed specifically for managing the leading SCADA protocol, Modbus TCP, is commercially available. Byres Security Inc. and MTL Instruments, a division of Cooper Crouse-Hinds, today are introducing the Tofino™ Modbus TCP Enforcer™ Loadable Security Module (LSM), which performs detailed analysis and filtering of all Modbus TCP messages, and is certified by Modbus-IDA. It allows owners of control and SCADA systems to regulate Modbus network traffic to a level of detail that has never before been possible, thereby increasing network security, reliability and performance of critical systems.
“The ability to filter individual MODBUS commands has tremendous potential to improve the security of our control networks” stated Daniel Lacroix, Corporate Information Security Officer for The St. Lawrence Seaway Management Corporation (SLSMC). The SLSMC operates over 30 locks and bridges on the Canadian side of the St. Lawrence Seaway, a major marine transportation system that carried over 43 million tonnes of cargo in 2007.
“Deep packet” or “content” inspection for web email or traffic has been offered in IT firewalls for several years, but nothing has been available for the process control or SCADA world. Modbus traffic could either be allowed or blocked by a standard firewall, but fine-grained control was impossible. And since the smooth flow of Modbus TCP traffic is critical to the average industrial facility, engineers usually opted to let everything pass and take their chances with security. Industry experts have been urgently calling for better control of SCADA protocols. This spring a major US Government agency warned major energy companies:
“A vulnerability has been identified and verified within the firmware upgrade process used in control systems deployed in Critical Infrastructure and Key Resources (CIKR)… development of a mitigation plan is required to protect the installed customer base and the CIKR of the nation. Firmware Vulnerability Mitigation Steps [includes] blocking network firmware upgrades with appropriate firewall rules.”
Two global energy companies and a major transportation company have trialled the Tofino™ Modbus™TCP Enforcer™ LSM and have been very excited with how it allows them to follow the government’s guidance and enhance both the security and stability of their systems. They have been able to restrict Modbus functions in numerous ways:
-
Blocking all firmware upgrades, while allowing normal HMI traffic.
-
Tailoring appropriate Modbus access permissions to PLCs for different stations, such as read-only for monitoring panels, read/write for HMIs, and full programming and diagnostics access for PLC engineering workstations
-
Restricting Modbus access permissions to specific memory locations in a controller
-
Providing enhanced security and protection for any Modbus TCP device, including filtering of invalid traffic that could cause denial of service or system failures
-
Enforcing read-only access to Safety Instrumented Systems for enhanced isolation and safety
“The ModbusTCP Enforcer™ is another key step in our Tofino™ Zone Level Security™ strategy”, notes Eric Byres, CTO at Byres Security Inc. “Tofino™ provides tailored protection for groups of PLCs, DCSs RTUs and HMIs and does it in a way that is simple to implement for control engineers. Security is taken care of, and focus can be maintained on keeping processes running safely and efficiently.”
Availability
The Tofino™ Modbus TCP Enforcer™ LSM is available worldwide as of Oct 14, 2008 from MTL Instruments.
About Byres Security Inc.
Byres Security Inc. develops industrial security technologies for critical infrastructure companies in the oil and gas, power chemical and manufacturing sectors. Its flagship product, the Tofino™ Industrial Security Solution, is a unique hardware and software security system that provides Zone Level Security™ (ZLS™) – tailored, protection for zones of control devices. Tofino is simple to implement, does not require downtime, and takes care of security while focus is maintained on keeping processes running safely and efficiently.
About MTL
MTL Instruments, a division of Cooper Crouse-Hinds, is a world leader in the development and supply of electronic instrumentation and protection equipment for the process control and telecommunications industries. Many of the world's most critical processes are monitored, controlled or protected by MTL equipment and the Group is distinguished by the quality and reliability of its products, its global network of sales-and-support centres and its acknowledged position as a thought-leader in this high technology marketplace. With 36 dedicated sales centres in 13 countries and a further 137 MTL representatives in 64 countries, MTL's expertise in Intrinsic Safety, Industrial Networks, Surge Protection and Operator Displays/HMI is unsurpassed.
About Cooper Industries
Cooper Industries, Ltd. (NYSE: CBE) is a global manufacturer with 2007 revenues of $5.9 billion, approximately 87% of which are from electrical products. Founded in 1833, Cooper's sustained level of success is attributable to a constant focus on innovation, evolving business practices while maintaining the highest ethical standards, and meeting customer needs. The Company has eight operating divisions with leading market share positions and world-class products and brands including: Bussmann electrical and electronic fuses; Crouse-Hinds and CEAG explosion-proof electrical equipment; Halo and Metalux lighting fixtures; and Kyle and McGraw-Edison power systems products. With this broad range of products, Cooper is uniquely positioned for several long-term growth trends including the global infrastructure build-out, the need to improve the reliability and productivity of the electric grid, the demand for higher energy-efficient products and the need for improved electrical safety. In 2007, sixty percent of total sales were to customers in the industrial and utility end-markets and 34% of total sales were to customers outside the United States. Cooper, which has more than 31,500 employees and manufacturing facilities in 23 countries as of 2007, is incorporated in Bermuda with administrative headquarters in Houston, TX.
About Modbus-IDA
Modbus-IDA is a group of independent users and suppliers of automation devices that seek to drive the adoption of the Modbus communication protocol suite. The organization provides the infrastructure for obtaining and sharing information about the protocols and their application. Modbus-IDA engages in a broad range of activities relating to the maintenance and proliferation of the Modbus protocol, including:
-
Participation in standards activities worldwide, leading the evolution of the Modbus protocol and its variants.
-
Encouraging and assisting in the use of Modbus across a broad spectrum of physical layers and transmission media.
-
Maintaining and evolving a conformance testing program to ensure greater interoperability of Modbus devices.
-
Providing information to users and suppliers to help them be successful in their use of Modbus.
-
Engaging in educational and promotional efforts including trade shows, newsletters, a website, and other outreach activities
For further information on this press release please contact:
|
Joann Byres
|
Dermot Coady
|
Lenore Tracey
|
| Industrial Networking - Tofino Security |
Marketing Director
|
Executive Director
|
| Customer Service: Monday - Friday 5am to 5pm PST |
MTL Instruments
|
Modbus-IDA
|
| +1 510-438-9071 or 1-855-400-9071 | ||
| inetsalesops@belden.com |
+44 1582 407266
|
+1 508-435-7170
|