The Special Needs of SCADA/PCN Firewalls: Architectures and Test Results

E.J. Byres, B. Chauvin, D. Hoffman, J. Karsch and N. Kube; “The Special Needs of SCADA/PCN Firewalls: Architectures and Test Results”, The 11th IEEE International Conference on Emerging Technologies and Factory Automation, Institute of Electrical and Electronics Engineers, Catania Italy, September 2005

Industrial firewall traffic delays when under a DoS attackAbstract: The use of firewalls between business and process control networks is often suggested as an ideal solution for plant floor cyber security. But research shows that few firewalls are properly configured and that many control system security incidents bypass the firewall. If firewalls are to be effective, guidance on how to deploy them in industrial settings is badly needed.

The authors conducted a survey exploring the state of the art in industrial firewall deployment. Based on the survey results, four firewalls were configured, using one open-source and three commercial firewall products, and subjected to extensive analysis and testing. While the results indicate that commercial and open-source firewalls can be successfully used, the study also shows important differences between the configuration of firewalls in industrial and IT settings.

Downloadable PDF Data sheet for the Modbus TCP Enforcer - describes features and benefits for modbus security The Special Needs of SCADA/PCN Firewalls - White Paper (366kb)