Honeywell extends SIS security

10 January 2011

Honeywell has announced that it is to expand its use of Tofino technology with the release of its third Byres Security/MTL Instruments product in the form of the Modbus Read-only Firewall.

Kevin Staggs, Engineering Fellow, Global Security Architect at Honeywell Process Solutions, said: "In today's environment it is not sufficient for plants to simply depend on perimeter firewalls for security. They need multiple levels of security, and the Honeywell Modbus TCP Firewall, based on Tofino technology, provides our clients with a robust security solution from outside threats and improper network introductions."

Designed to secure any Safety Integrated Systems (SIS) used in industrial processes, the firewall detects and blocks network messages that may change data, programs or settings in critical systems, offering an additional layer of protection against unwanted and harmful network traffic.

Safety Instrumented Systems are the last line of defence against accidents in hazardous industrial processes. They continually monitor the process and automatically shut down the plant in a safe manner if they detect anomalous conditions. It is essential that SIS are secure from all threats, both accidental and malicious.

The Modbus Read-only Firewall is the first fixed configuration firewall to use Tofino’s ‘deep packet inspection’ technology with the Modbus TCP. Every network message is scanned and on a limited set of valid Modbus ‘Read-only’ commands are allowed through to the safety system. These are safe commands that cannot be used by malware to change the functionality of the safety system. The firewall’s fixed rule sets remove the possibility of tampering or misconfiguration and significantly reduces the effort required by the plant to maintain the firewall.

This new product is pre-configured so that the firewall is simply installed into live networks between the safety system and other control systems. There is no configuration needed. The Honeywell Modbus Read-only Firewall is not designed for use only with Honeywell safety systems. It can be used with any safety system product connected to Honeywell Experion systems via the Modbus TCP protocol.


Contact Details and Archive...

Related Articles...

Print this page | E-mail this page