Eaton MTL

MTL Instruments Group



Invensys adopts Tofino security solution for Triconex OPC

2010 05 20
product image

Invensys Operations Management, a global provider of technology systems, software solutions and consulting services to the process and manufacturing industries, has teamed with Byres Security Inc. and MTL Instruments to deliver a ground-breaking cyber security solution that will harden industrial safety systems against network accidents and attacks. The new Triconex® OPC Tofino solution is the first firewall that protects integrated applications based on OPC Classic, the world’s most widely used industrial integration protocol.

To enable greater interoperability of its Triconex safety systems, Invensys pioneered embedding OPC servers within its Tricon® communications module (TCM). To ensure that these modules were cyber secure, Invensys teamed with Byres Security, which had recently introduced the world’s first content inspection firewall for the MODBUS TCP protocol, to create a firewall specifically for Triconex systems. The two companies then enlisted the services of MTL Instruments to build the security hardware. The result is the Triconex OPC Tofino firewall, which is now available for Invensys customers using the Triconex TCM with the embedded OPC solution.

“Processors and manufacturers are continuously threatened by new and increasingly dangerous cyber attacks, which requires greater vigilance and security,” said Joe Scalia, portfolio architect, Invensys Operations Management. “The Triconex OPC Tofino solution mitigates those risks by managing the traffic to and from the Triconex TCM, providing further assurance that a cyber incursion will not compromise integrated communications between the safety and critical control and distributed control systems. By collaborating with the renowned experts from Byres Security and MTL, we resolved a crucial client challenge to improve the safety and security of their overall operations.”

The Triconex Tofino firewall provides security features developed specifically for Triconex and its embedded OPC Classic server to protect against malicious attacks and other threats to network operations. Users deploy the new firewall in front of the Triconex OPC server, thwarting attacks and traffic storms before they reach the control system. It automatically mitigates risks related to previously published DCOM vulnerabilities, while providing packet management and rate limiting to prevent network traffic problems that have an adverse effect on the stability of the safety system.

For many companies, good network reliability, like that provided by the Triconex Tofino firewall, is just as important as good security, and with its unique features and capabilities, the Triconex Tofino firewall can help avoid multi-million dollar accidents and untold environmental damage.

“Past plant shutdowns, for example, haven’t been caused by hackers. Instead they were the result of badly configured software causing traffic storms that impacted critical controllers and other systems,” said Eric Byres, security expert and technical officer at Byres Security. “The Triconex Tofino firewall does much more than block hackers and viruses from accessing the safety system. Its dynamic port management and built-in traffic-rate controls prevent many basic network problems from spreading throughout a plant.”

“The next generation of the OPC Foundation interoperability specifications, the OPC Unified Architecture, incorporates similar cyber security protection, based on the excellent work of founding companies like Byres Security, MTL Instruments and Invensys,” said Thomas J. Burke, president, OPC Foundation. “Launching the unique Invensys OPC Tofino firewall allows the solution to be deployed now, which is the important milestone in demonstrating that users can secure the interoperability of OPC Classic within other applications without worrying about cyber security. As the use of OPC Unified Architecture expands, we look forward to collaborating with these market leaders to develop additional innovative, readily deployable solutions for the benefit of the entire OPC user community.”

“We were pleased to join Invensys in developing a firewall for their industry-leading Triconex safety solutions,” Byres said. “Together with MTL, we have delivered a solution that will improve plant safety and security, as well as enable manufacturers to deploy OPC to achieve new levels of interoperability for all of their operations, enabling, for example, tighter integration of safety and asset management systems to share data and help prevent trips.”

For further product information