Wurldtech Achilles cyber security testing

When customers can't wait for standards organizations, testing protocols can come from other sources.

12/02/2008


What happens when you want to specify product requirements, but there are no relevant standards or testing bodies? Case in point: cyber security. How do you specify and test that your new control system will stand up to attack?

Let’s say you are going to purchase a new control system for some part of your process plant. Being an enlightened buyer, you are concerned with cyber security issues and want to make sure that your supplier has created a robust and secure platform. Your vendor says that of course the platform is robust and secure. So you look for ways to define and quantify those terms in a way that you can both agree. Unfortunately, while much has been written on the topic of what makes a system strong, there is little in the way of approved standards and few options for testing or certification. So what do you do? A group of oil industry companies found themselves in just that situation.

Dr. Nate Kube, chief technology officer of Wurldtech , has specialized in robustness testing and designed approaches to examine a network and its resilience to cyber attack and other bad network conditions. “Before our certification program, there was no real, easy way for the operator to specify a security or robustness requirement, and there was no real way for a vendor to demonstrate that he had a robust device,” he says. “So there was this big gap. There was work being done in standards bodies, ISA SP99 for example, but the completion date was fairly far off. There was no program, immediately available, that the operators could use.”

At the PCSF annual meeting in 2007, Kube made a presentation on testing methods developed from his academic work and industry experience, and how that could be used in a larger testing program. A group of users in critical industries liked what they heard and expressed their support to bring that work together in a form that they could use for testing and product evaluation. Wurldtech began to develop the Achilles program in earnest, and those users started to specify this preliminary testing to their vendors, and the process quickly became formalized.

“We follow IEC and ISO guidelines for proper product certification testing,” Kube adds. “In the absence of a standard, we followed our own experience, some industry pundits, and feedback from large end users to come up with a list of tests that should be executed in order to demonstrate and quantify a controller’s robustness. As the program developed and became more formal, it started to show up in procurement documents. So when a large company wants to put out a bid for a new facility, now Achilles Level 1 testing can be a requirement on the controllers and safety systems.”

In the development of Achilles, Kube worked to move past traditional testing methods, considering them inadequate for the growing sophistication of control applications. As he describes it, “Communication testing in the past has been mostly conformance based, i.e., does your device respond in accordance with some protocol specification? There is a whole realm of negative testing that is being missed, so let’s send a message that’s almost correct, and see how the device responds to that. We’ve found that it’s extremely easy to kill devices, kill their I/O routines, wipe out their programming, and do horrendous things to these devices based on sending slightly malformed network packets. So that’s why we call it robustness and resilience testing. There are increasing instances of converged network topologies where you have the management of safety and control sharing a bus and increased connectivity with the enterprise network. Now you have all these new avenues for malformed or bad traffic, or hacker traffic, to get on to your control network and affect critical systems. So it becomes increasingly important to do negative or robustness testing on the controllers proper. We’re simulating what a hacker or terrorist might take advantage of. Is the protocol implementation robust? Does it handle exceptional conditions? If I send it a bad packet, will the implementation fault? Can I send it high rates of traffic and have it retain its control functionality in such an event? When a device has an Achilles Level 1 certificate, it means that the device is solid at network layers two through four. It will maintain its operational functionality in the presence of some extremely harsh network conditions.”

Based on demand from end users and system builders, Achilles testing has taken off. At present, 12 control platforms have been certified to Level 1, and others are in the works.

ABB
Plantguard Controller
AC 800M Controller

Emerson
DeltaV Controller

Honeywell
Experion PKS C300

ICS Triplex
Trusted Controller

IPS
Trident Controller
Tricon Controller

Kongsberg
RCU 501 Controller

Yokogawa
Stardom FCJ Controller
ProSafe-RS Vnet/IP Safety Control Unit
CENTUM CS 3000 R3 Field Control Unit
CENTUM CS 3000 R3 Vnet Router

Other organizations are working on similar test strategies, but for the moment, Achilles Certification has established itself as a leading protocol within critical industries.

For more on cyber security, read our new blog with Matt Luallen and Steve Hamburg of Encari .

—Peter Welander, process industries editor, PWelander@cfemedia.com ,
Process & Advanced Control Monthly eNewsletter
Register here and scroll down to select your choice of free eNewsletters .





No comments
The Top Plant program honors outstanding manufacturing facilities in North America. View the 2015 Top Plant.
The Product of the Year program recognizes products newly released in the manufacturing industries.
The Engineering Leaders Under 40 program identifies and gives recognition to young engineers who...
Your leaks start here: Take a disciplined approach with your hydraulic system; U.S. presence at Hannover Messe a rousing success
Hannover Messe 2016: Taking hold of the future - Partner Country status spotlights U.S. manufacturing; Honoring manufacturing excellence: The 2015 Product of the Year Winners
Inside IIoT: How technology, strategy can improve your operation; Dry media or web scrubber?; Six steps to design a PM program
Getting to the bottom of subsea repairs: Older pipelines need more attention, and operators need a repair strategy; OTC preview; Offshore production difficult - and crucial
Digital oilfields: Integrated HMI/SCADA systems enable smarter data acquisition; Real-world impact of simulation; Electric actuator technology prospers in production fields
Special report: U.S. natural gas; LNG transport technologies evolve to meet market demand; Understanding new methane regulations; Predictive maintenance for gas pipeline compressors
Warehouse winter comfort: The HTHV solution; Cooling with natural gas; Plastics industry booming
Managing automation upgrades, retrofits; Making technical, business sense; Ensuring network cyber security
Designing generator systems; Using online commissioning tools; Selective coordination best practices

Annual Salary Survey

Before the calendar turned, 2016 already had the makings of a pivotal year for manufacturing, and for the world.

There were the big events for the year, including the United States as Partner Country at Hannover Messe in April and the 2016 International Manufacturing Technology Show in Chicago in September. There's also the matter of the U.S. presidential elections in November, which promise to shape policy in manufacturing for years to come.

But the year started with global economic turmoil, as a slowdown in Chinese manufacturing triggered a worldwide stock hiccup that sent values plummeting. The continued plunge in world oil prices has resulted in a slowdown in exploration and, by extension, the manufacture of exploration equipment.

Read more: 2015 Salary Survey

Maintenance and reliability tips and best practices from the maintenance and reliability coaches at Allied Reliability Group.
The One Voice for Manufacturing blog reports on federal public policy issues impacting the manufacturing sector. One Voice is a joint effort by the National Tooling and Machining...
The Society for Maintenance and Reliability Professionals an organization devoted...
Join this ongoing discussion of machine guarding topics, including solutions assessments, regulatory compliance, gap analysis...
IMS Research, recently acquired by IHS Inc., is a leading independent supplier of market research and consultancy to the global electronics industry.
Maintenance is not optional in manufacturing. It’s a profit center, driving productivity and uptime while reducing overall repair costs.
The Lachance on CMMS blog is about current maintenance topics. Blogger Paul Lachance is president and chief technology officer for Smartware Group.
This article collection contains several articles on the vital role that compressed air plays in manufacturing plants.
This article collection contains several articles on the Industrial Internet of Things (IIoT) and how it is transforming manufacturing.
This article collection contains several articles on strategic maintenance and understanding all the parts of your plant.
click me