Since 9/11, protecting SCADA and distributed control systems against cyber attacks has gained much higher priority, especially for mission-critical operations -- and yet few solutions focus on the operations end of the business.
Verano, Inc. (Mansfield, MA) is one of the few. Since it bought the RTAP (Real-Time Application Platform) SCADA business from HP in 2000, Verano has been working on a security event-management solution. That effort involves Verano's Industrial Defender product, designed for mission-critical settings like power plants and water treatment facilities, and now spreading to manufacturing.
"What Verano does is unique," says Charles W. Newton, president of Newton-Evans Research Co., Inc. (Ellicott City, MD), and an analyst who studies SCADA usage. According to Newton, virtually no one else provides the combination of SCADA and cyber security products and services that Verano does or offers a product like Industrial Defender.
Verano's Industrial Defender product protects control systems and networks in real time against an array of internal and external threats. Those threats include hackers, viruses, malicious insiders, and authorized outsiders like contractors or automation vendors that connect to the network as part of their work or support function and can inadvertently or deliberately cause malfunctions, change critical files, or obtain data they are not entitled to see. The software also can provide alerts regarding the addition of unauthorized systems or devices as well as information-sharing violations.
Within the Industrial Defender system, a Unified Threat Management device at the gateway moves firewall functionality and antivirus filtering to the perimeter from its typical location at the critical process control server. This may sound like an enterprise security application, but Industrial Defender has several differentiating features, such as the ability to work with multi-vendor process control systems. Designed as a security wrapper, it functions with any system of any age from any vendor and can be deployed without shutting down the system.
"We simply unplugged one cable and plugged in another," reports Robert Byers, computer specialist, process control, for the Utilities Services department of the City of Boca Raton, FL, which installed Industrial Defender in March 2006 to separate its process control network from the departmental network. Once rules and settings were established, one result was the elimination of process network downtime due to general broadcast messages from the IT department. The solution has been so well received that Utilities Services may add a second firewall between the department and city networks.
Industrial Defender also monitors performance. "One customer discovered and was able to resolve memory leaks that had been responsible for intermittent system crashes for three years," reports Lori Dustin, Verano's VP of marketing.
The patent-pending Dynamic Lock-Down capability lets users predefine up to 10 threat levels and allows an administrator to change the level of access across all devices from a single interface as the threat increases or decreases. "Another feature customers really like is the ability to integrate all their security layers, including network and host monitoring as well as perimeter protection," Dustin says. "This makes it easier to know what's going on. It's also easier to run reports since all logs reside in a central repository."
Perhaps most important, running Industrial Defender does not impact availability of real-time control systems, even on older, slower networks. "We never consume more than 1% of the network bandwidth or 3% of CPU capacity," Dustin says.
Despite Industrial Defender's robust capabilities, manufacturers are moving slowly to embrace the technology. According to Newton, "cyber security 'defense spending,' including the monitoring of mission-critical, real-time control systems and networks, has been tabled by many companies and utilities until a real and urgent situation occurs."
For those who won't wait, Industrial Defender is at the ready.