Cybersecurity has been a frequent topic lately at The Manufacturing Connection. Bedrock Automation founders built on a secure chip set as a foundation for an Industrial Control System (ICS) that is secure in many ways. Founder and CEO Albert Rooyakkers has devoted hours explaining the details and nuances of the many ways the product is nearly invincible. (He would take issue with my qualifying word.) This case study offers a few details about a utility bolstering its defense with an upgrade to Bedrock control platform.
A Colorado utility is transitioning legacy PLCs and RTUs to the intrinsically secure Bedrock OSA (Open Secure Automation) platform. The transition is part of a multi-year automation upgrade plan, which utility management saw as an opportunity to deepen its cyber security protection while also modernizing its controls.
“Like most other public utilities, we must adapt to an ever-changing world and that includes cyber security. We’ve always had robust physical security and required usernames and passwords for access to critical systems and controls, but we saw the world around us changing quickly. Many of today’s automation technologies are not as secure as they could be because they were developed long before security was a major issue in the industry. Most of the security added to them was an afterthought,” said Shay Geisler, I&C Administrator for Colorado’s East Cherry Creek Valley (ECCV) Water & Sanitation District.
ECCV’s legacy control architecture involved SCADA software that is housed on a dedicated Windows desktop or server along with a communications driver, in this case, an OPC Server that speaks to the PLCs via legacy protocols. Each ECCV upgrade target was using two PLCs to concentrate field data for use by the plant SCADA system, which had also been upgraded to a more secure version.
“We knew security could not be limited to the SCADA software only. There were too many downstream systems and assets that, if left untouched, would present a huge vulnerability. We determined that the vast majority of these potential vulnerabilities could be solved by addressing the PLC and SCADA communications system,” said Geisler.
Securing SCADA and control networks
Geisler and his team concluded that the most secure and cost-effective approach would be to connect the SCADA network and control networks with a secure communications channel. Fully implementing this, however, would have required ripping and replacing their entire system immediately, which would have been costly and required significant disruption. Instead, working with automation supplier Process Control Dynamics and system consultant RSI Company, they adopted a phased-in approach using secure Bedrock OSA Remote control units as proxy servers to enable transition ultimately to a full Bedrock platform.
“We are slowly upgrading the remote sites that have been serviced by legacy data concentrators, one-by-one as we convert each to use the secure Bedrock controller. The new controllers at the remote sites bypass the legacy concentrators and now report directly to the Bedrock proxy. Once all sites are converted, we will remove the legacy concentrators,” said Russ Ropken, with RSI Company, the system integrator who developed the architecture that enabled the seamless transition.
The ultimate result is secure, certificated communications from the SCADA software down to the Remote PLCs/RTU. The Bedrock OSA Remote proxy units will switch over to a peer-to-peer network of infinitely scalable secure Bedrock control units connected by an encrypted radio network.
ECCV already has field data running through 12 of its target sites, with some 74 left to go. For more details, including the architecture of each phase, download the case history here.