A Secure Information Gateway

Thursday, May 3, 2012 @ 07:05 PM gHale


By Gregory Hale
It is very easy to get lost in the everyday bits and bytes of the automation environment, but the reality is systems need to stay up and running and everyone within the organization needs to be on the same page.

Time is of the essence and systems need to run at full bore while being functional, safe, secure and profitable. No excuses.

That sense of urgency faced the City of Orlando and Orange County as they needed to expand wastewater treatment services and a state requirement to eliminate discharge of treated effluent to surface waters. The city and county joined forces to develop an integrated water reclamation program.

That is why they created the Eastern Regional Reclaim Water Distribution System (ERRWDS). This system circles Central Florida and provides reclaimed water to commercial and residential customers. Reclaimed water pumps into the system from Orange County and the City of Orlando and it is one of the largest water reuse projects in the country, and the first reuse program in Florida that involves irrigation of crops intended for human consumption. The project provides 28 million gallons per day of reclaimed water and will ultimately deliver 50 million gallons per day.

They also knew they needed a communication vehicle that would address the project’s major challenge, which was four different pump stations on the system all vying to pump at the same time creating competition to put water into the system and causing problems with pressure maintenance.

ERRWDS had to gather data from the different Supervisory Control and Data Acquisition (SCADA) systems from each pumping station to display on a single Human Machine Interface (HMI) screen. This way, operators would be able to view pump status, valve positions, flows, tank levels and pressure from each of the stations so they could make operational and maintenance decisions.

A physical connection already existed between the city and county networks, but the new solution required a firewall-friendly, cross-domain communications technology that interoperated with the existing OPC Classic-enabled systems. The city went with an OPC UA solution to provide secure, bi-directional data access between the different SCADA systems.

It’s called communication: Data and information from devices, tools and systems needs to be able to run through the enterprise to share as much intelligence as possible. In Orlando’s case, operators now have the appropriate data in the proper context to make quality operational and maintenance decisions, including pump status, valve positions, flows, tank levels and pressure from each pump station.

“There were four pumping stations, all competing to put water into the system at the same time,” said Tony Paine, president of Kepware Technologies, a communications and interoperability software provider. “They needed to manage the water pressure among the stations to effectively generate water into the delivery systems.”

The idea is to keep the operation moving quickly, efficiently, and productively. So, why should security get in the way?

Solving the Problem
That is where tunneling comes into play. In the past, tunneling would hardly be the answer. By its very nature, it was very insecure. That is where OPC UA comes in. OPC UA is the next evolution from OPC Classic. UA is a cross-platform service-oriented architecture for process control that enhances security and provides an information model. It also allows for secure communication during tunneling, which means data and vital information will be able to pass through and get to decision makers – quickly and securely.

OPC UA addresses the needs for information transfer in the automation environment. Its goals:
• Deliver technology capable of porting to a wide range of operating systems and technology platforms.
• Adopt a security standard that would be familiar to IT professionals.
• Support the intelligent transfer of information (not just data).
• Enable communications in the broadest possible scenarios (such as across the Internet and in business to business) not just between computers in an automation facility.
• Be firewall-friendly and easy to manage.

OPC UA also allows for users to bypass the bugaboos presented by Component Object Model (COM) and Distributed Component Object Model (DCOM) inherent in OPC Classic.

Since OPC fired up in 1996, automation professionals have been using DCOM technology in distributed automation applications. COM and DCOM were effective, but just did not have the capabilities to withstand the rigors of industrial automation or distributed operation in mind. As industry demands for a more stable protocol increased, UA evolved. That is why a more secure and stable tunnel acts as a solid DCOM replacement for distributed applications.

Tunnel Vision
In the classic World War II movie “The Great Escape,” Allied prisoners of war, in a move to disrupt their German captors and to gain their freedom, created a plan to dig three tunnels to escape their captors. The tunnels would snake under various parts of the camp avoiding anything that could slow down the escaping prisoners of war so they could flee into a nearby wooded area and gain their freedom.

Take that thought and concept and apply it to the tunnel concept for OPC UA. The OPC UA Client Driver creates a tunnel between two OPC servers. If there is OPC Server A and OPC Server B, to build a tunnel, users would create an OPC UA Client Driver channel on OPC Server B and then configure that channel to connect to the OPC UA Server Interface running on OPC Server A. Once a data client connects to OPC Server B, a tunnel would exist between the two servers. Through the use of certificates, and enabled security, all information exchanged between the server and driver ends up protected. Secure communication is born.

Graphic of OPC UA Tunnel.

“It is about keeping the communication process as simple and as robust as possible,” said Thomas Burke, president of the OPC Foundation. “If one PC gets data from the control system, it is able to securely send that information over to another PC for further analysis.”

The OPC UA Client Driver and the OPC UA Server interface provide an OPC Tunnel. The tunnel uses Client/Server architecture to transfer data over an Intranet, Internet, or wide area network (WAN) and provide a secure tunnel through firewalls. This tunneling solution is easy to use while being more secure and maintainable.

“It truly is like riding through a tunnel, you go in one end and come out the other and you have no idea what is going on all around the tunnel to keep you secure,” Burke said. “The provider supplies the technology to make the communication secure. It guarantees data will not leak.”

UA works over a VPN connection, and completely eliminates DCOM configuration and the need to expose applications to unauthorized or anonymous users. An OPC tunnel compliments existing OPC DA applications.

The ability to define ports for service access and the control of traffic is straight forward. That ends up being another benefit over COM and DCOM, which required a great deal of Windows security configuration and did not give precise control over the machine PC to PC communications in terms of ports. That made it difficult to manage through firewalls.

By using OPC UA, it is possible to leverage a compressed and binary data transfer, while managing secure access through security certificates. OPC UA builds on OPC data specifications, while extending them with new complex data that gives the ability to have clients access information to keep everything in context from the plant floor right through the enterprise.

Security Boost
A secure tunnel is an important cog in the communication process because of the heightened need for cyber protection today as hackers’ sophistication levels continue to ratchet upward. That, however, does not mean security needs to get more complicated for end users. To the contrary, by building security into the solution it can be an easy transition from the old insecure way of doing things to the next generation of secure communication. By understanding the security threat, the user can then work through a solution.

Investing in multiple layers of security to protect endpoints and the data stored on them pay off in mitigating cyber attacks and reducing downtime, according to one report from Symantec.

Organizations that invest in stronger defenses and train its employees to be more aware are in a better position to stop or survive attacks, the study showed. “Top tier” organizations are 2.5 times less likely to experience a major cyber attack, and 3.5 times less likely to experience downtime compared to other enterprises, the report said.

The policies and practices of top tier responders differed sharply to those that are less proactive in the bottom tier, the report said.

Less than half of the organizations in the bottom group reported being current with all operating system and application updates, and roughly half had considered encryption, access control, data loss prevention and reputation-based security technologies.

The bottom tier organizations did not train employees on security best practices as often. These organizations were likely to suffer heavier losses after a successful cyber attack, the report found.

In the end, it is a simple math equation, manufacturers want to increase productivity and raise profitability. Bottom tier organizations suffered 2,765 hours in downtime, compared to the 588 hours suffered by the top-ranked organizations. How many companies would flourish with a bonus of an additional 2,177 hours of uptime?

Also, consider the costs. Cyber incidents cost organizations $558,000 in revenue losses, $480,831 in brand damage, $366,301 due to compliance fines, and $174,309 in lost productivity, the survey found.

Looking at those numbers it is easy to become paralyzed with fear or indecision over security. Open and interoperable technology does have big advantages that can reap great rewards by keeping the enterprise informed on all aspects of the operation. However, the fact remains if manufacturers today have a solid understanding of security and understand working in an open environment means bad guys are lurking around the cyber corner at all times, they can break down the walls of fear and prosper.

With more than two-thirds of malicious attacks coming through some sort of electronic exploit, detection and escalation costs declined to $433,000 in 2011 from $460,000 in 2010, according to a survey by the Ponemon Institute. This suggests organizations are starting to understand the threat and put the appropriate processes and technologies into place.

No need to feel lost, enabling a stronger security posture means there will be less unplanned downtime, which means there will be higher productivity and more profitability.

Fear of the unknown didn’t stop ERRWDS. They knew time was paramount and moved forward and created a solution using OPC UA that provided secure, bi-directional data access between the different SCADA systems. They are now reaping the rewards of a solution that will be able to safely and securely grow with the network. No excuses.

Gregory Hale is the Editor and Founder of Industrial Safety and Security Source, ISSSource.com.



Leave a Reply

You must be logged in to post a comment.