Software Configurable Ethernet IO Module with Embedded Cyber Security
Bedrock Automation extends to the industrial Ethernet domain its commitment to deliver “Simple, Scalable and Secure” automation. The SIO4.E Ethernet I/O module plugs into the Bedrock pinless electromagnetic backplane to receive Bedrock’s patented Black Fabric cyber security protection.
Each of the module’s five I/O channels is independently software configurable. The initial library of Ethernet protocols includes EtherNet/IP. Modbus TCP, OPC UA, and Profinet are slated for future releases on firmware updates. All channels also deliver Power over Ethernet (PoE).
Ethernet as a real-time control variable
Tightly coupling Ethernet into the process control and I/O network enables deployment of a wide range of edge device and enterprise data into real-time control logic, much in the same way an engineer incorporates more typical process sensor and actuator data. This results in real-time communication channels for the exchange of data between OT production and IT enterprise systems.
“Unlike an Ethernet switch traditionally sitting at Purdue levels 3 to 5 with the operations and business networks, the SIO4.E module delivers Ethernet as secure I/O at levels 0 and 1 with the sensor, actuator and process control logic. This collapses the legacy hierarchical ICS model into a simplified and inherently more secure automation architecture. Equally empowering is the deployment of OPC UA on any of the SIO4.E Ethernet I/O channels, opening up a world of opportunity and innovation while reducing all aspects of software lifecycle cost. This is the way of the future,” says Bedrock CTO and Engineering VP, Albert Rooyakkers.
Securing Ethernet I/O
Ethernet is becoming widely adopted for open industrial control system (ICS) applications because it builds on proven, high-speed stacks that have been enhanced for use on industrial devices such as robots, PLCs, sensors, CNCs and other industrial machines. Bedrock secures Ethernet I/O in many ways, including by connecting the FIPS compliant anti-tamper SIO4.E I/O module on a pinless electromagnetic backplane, embedding authentication logic, true random number generation (TRNG) and cryptographic keys into the semiconductor hardware, and by isolating information flow within each channel by way of separation kernel functionality in a secure real-time operating system (RTOS).
“Robust ICS cyber security is just part of the tremendous value that the new Bedrock module brings to process automation,” says Bedrock Automation President Bob Honor. “The fact that each channel can be software configured adds new levels of flexibility and scalability. No other I/O module allows process engineers to program so much communications capability into one system component. We are especially excited about the positive impact for ICS users. That user experience is increasingly configurable and Bedrock uniquely offers the tools and platform to shape it securely to their advantage.”
Pricing and availability
The Bedrock SIO4.E Ethernet I/O module is available at a price of $2000, about the same as a traditional Ethernet IP card. But unlike a typical Ethernet card, the five channel SIO4.E is cyber secure, software configurable for multiple protocols, and has more bandwidth, higher computing power and additional performance advantages.