Schneider Electric's choice to secure critical industrial infrastructure

29 January 2013

Schneider Electric has selected Belden’s Tofino Security technology to protect its industrial automation systems.

Schneider Electric's new ConneXium Tofino Security Solution consists of a suite of products that hardens industrial systems against network incidents and cyber attacks, improving operational security, reliability and performance.

“Manufacturers are under continuous threat of new and increasingly dangerous cyber attacks, which requires greater vigilance and security,” explained Dave Doggett, program director for Industry Cyber Security at Schneider Electric. “The ConneXium Tofino Industrial Security Solution provides a key element in reducing risks, by managing the traffic to and from Schneider Electric automation devices before patches are applied, or new more secure products are deployed.

“In addition, this capability can be used to enforce plant procedure by blocking inappropriate programming commands to devices, preventing mistakes. By collaborating with the experts at Tofino Security, we are able to provide our customers with an easy-to-deploy industrial grade firewall that works seamlessly with our systems.”

The core of the new product line is the ConneXium Tofino Firewall. A rugged security appliance that inspects each network message passing through it, ensuring that only the right network messages, from the right computers, can be sent to critical controllers.

The Modbus protocol is further secured using the Deep Packet Inspection capabilities provided by the ConneXium Tofino Modbus TCP Enforcer module. Only ‘allowed’ Modbus commands from ‘allowed’ devices go through the firewall. This is said to prevent incidents caused either by inappropriate remote programming or by deliberately corrupted messages from malware, until appropriate patches or changes can be applied to the control system.

The firewall is configured using the new ConneXium Tofino Configurator, a Windows-based software that includes Tofino’s Plug-n-Protect technologies. “We have worked hard to make the ConneXium Tofino a solution that can be used out of the box,” said Eric Byres, CTO and vice president of engineering at Tofino Security. “Engineers don’t need to be security experts to secure their facility with Tofino.”

An example of the Plug-n-Protect technologies included in the ConneXium Tofino is the set of 15 pre-configured templates for major Schneider automation products. Engineers simply select the models of Schneider product they are using in their plant from the templates. They then decide which devices they want to allow communications to, and the ConneXium Tofino Configurator automatically determines the appropriate rules. The software also includes expert technology that looks for common mistakes in firewall programming, and proposes possible improvements.

Contact Details and Archive...

Related Articles...

Additional Information...

Print this page | E-mail this page