At the 2017 Global Petroleum show, Bedrock Automation demonstrated its newly upgraded control system firmware that extends its intrinsic cyber security protection to upstream and midstream control networks, the Industrial Internet of Things (IIoT) and third-party applications. The Bedrock control system provides cyber secure PLC/RTU control of compression, storage, treatment, processing, dehydration and other midstream and upstream functions.
“ARC is not aware of any other supplier implementing a cyber strategy as stringent and comprehensive. In examining the current portfolio, the Bedrock engineers and architects are tackling cybersecurity in a more intrinsic and holistic fashion than many end users have considered. The message? Air gaps and firewalls are not enough,” said ARC Analyst Mark Sen Gupta in his recent ARC View report, Bedrock Automation’s Cyber Defense Makes Cyber Security Easier for End Users.
Bedrock Cybershield 2.0 firmware enables authentication and encryption of I/O networks and field devices, and protects compliant networks and user applications such as controller configuration, engineering and SCADA. The firmware also includes an industrial control system (ICS) certification authority (CA) – drawing on the power and flexibility of public key infrastructure (PKI) and Transport Layer Security (TLS).
Attempting a similar level of protection with conventional, bolt-on cyber security technologies increases operational cost and complexity with minimal certainty of protection against inside-out or outside-in attacks. As cyber security hardening is a standard feature of all Bedrock system components, the cost of obtaining this protection with Bedrock is negligible. The Bedrock Open Secure Automation (OSA) system also offers:
- Intrinsic, military-grade cyber security that prevents intrusion while protecting company IP and data.
- Minimal downtime and maintenance, even under extreme conditions, including lightning strikes. This is also the first industrial control system certified for EMP immunity.
- Support for engineering and embedded custom PLC/RTU applications without additional software or equipment.
- Secure on-board power, I/O and OPC-UA server enables flexible configuration and deployment.
- Guaranteed non-obsolescence and secure local/remote upgrades without shutdown.
- Standards-based platform that enables multivendor solutions.
“Our first objective was to deliver a hardware-based endpoint root of trust, which we did with the Cybershield 1.0, which was built into last year’s product release. Cybershield 2.0 is our next giant leap. It validates our built-in versus bolted-on technologies and is forward and backward compatible. This 2.0 firmware upgrade demonstrates how we continuously enhance intrinsic defense and lead the digital convergence of OT cyber security with enterprise class technologies,” said Bedrock Founder and CEO Albert Rooyakkers.
Open and Secure – resolving the contradiction with third-party applications
Bedrock Automation created the Bedrock OSA as an open yet secure platform for hardware, networks and software. Software developers who want to take advantage of this opportunity can now receive certification authority (CA) to incorporate Bedrock encryption keys into their software, which will give their programmes secure access to Bedrock controllers.
The first cyber secure software partners include 3S of Germany, with its IEC61131 configuration and runtime engines now running over TLS with authentication to the Bedrock system root of trust, as well as a Field Device Tool (FDT) frame application by M&M Software for HART configuration. This will be followed closely with Inductive Automation’s Ignition SCADA and other SCADA partners later in 2017.
Cybershield 2.0 is currently available and will be standard in all Bedrock systems going forward.
Read the article online at: https://www.oilfieldtechnology.com/digital-oilfield/13062017/bedrock-automation-demonstrates-cyber-security-firmware/