The global site of the UK's leading magazine for automation, motion engineering and power transmission
25 February, 2021

Security module `listens` to find what is attached to a network

11 August, 2008

MTL Instruments and Byres Security have announced a security module that discovers and identifies what devices are on an industrial network, and creates the firewall rules to control the traffic flowing to them, without posing any risk to the industrial process. They claim that the Secure Asset Management module, designed to be used with their Tofino industrial security system, is the first of its type in the industrial security world, and possibly also in the IT market.

Although asset management tools have been available in the IT world for more than a decade, all rely on sending probing messages onto the network to discover what is deployed. But these messages can cause SCADA and process control systems to crash. In 2005, Sandia National Laboratories in the US released a report describing several serious events arising from the use of these tools, including one case where the system controlling the creation of semiconductor chips was disrupted, destroying $50,000 worth of wafers.

As a result, many manufacturers and energy suppliers have banned the use of IT-style asset tools on industrial networks.

The new Tofino module gives engineers a safe means of finding out what is on their control networks. The module, designed specifically for industrial control operations in critical industries, never probes the control devices. Instead, it listens for traffic on the network and uses special techniques to determine the control devices attached to the network.

When it discovers a new device, it prompts the system administrator to either accept its findings, or to flag the device as a potential intruder. The module also guides the user to create appropriate firewall rules to allow or block messages, based on what it has learned about the network traffic.

"Passive scanning techniques have been discussed in academic literature and released in open source projects before," admits Eric Byres, chief technology officer at Byres Security, "but as far as we are aware, this may be the first successful commercial application of the technology in the world."

He describes the Asset management module as "a key step in our Tofino intrinsically secure strategy. Our goal is to make security understandable for control engineers, so that they can focus on keeping their process running safely and efficiently."

  • To view a digital copy of the latest issue of Drives & Controls, click here.

    To visit the digital library of past issues, click here

    To subscribe to the magazine, click here



Drives Show 2022The next Drives & Controls Exhibition and Conference will take place in Birmingham, UK, from 5-7 April, 2022. For more information on the event, visit the Show Web site


"Do you think that robots create or destroy jobs?"



Most Read Articles