Bedrock’s Security March Continues

Wednesday, April 25, 2018 @ 09:04 AM gHale

Bedrock Automation continues its push to secure the manufacturing automation sector with two new offerings.

In one, Tatsoft will authenticate the latest version of its SCADA software to the Bedrock Automation control system root of trust.

RELATED STORIES
Pipeline Firms Hit; Gas Still Flowing
Cyber is ‘Core’ to Digital Future
SANS: ‘Unique’ Safety System Attack
Feds Alert on Russian Cyber Activity Targeting ICS

In the other, Bedrock introduced a lower-cost and high-performance controller.

Tatsoft’s FactoryStudio 2018 developers will now be able to generate Certificate Signing Requests (CSRs) for the Bedrock Certificate Authority (CA). These certificates provide users with a cyber secure connection between their control system and their HMI and SCADA applications.

“Our users are looking for ways to take advantage of open systems but are increasingly concerned about cybersecurity,” said Tatsoft Chief Executive Marcos Taccolini. “FactoryStudio 2018 software gives users new functionality for building open applications and by supporting the Bedrock platform, we can provide a secure path for those applications to interact with PLC functionality. We could not do this with any other control platform, because none has authentication certificates embedded in their firmware as Bedrock does.”

Tatsoft FactoryStudio is an application development platform for real-time enterprise information management. It provides a complete set of modules via a unified engineering user interface built on Microsoft.NET and sharable with other open applications via OPC UA. FactoryStudio users building control logic for critical infrastructure industries such as water treatment, power, and oil & gas can incorporate the Bedrock encryption keys directly into their applications and enjoy end-to-end cyber secure protection.

FactoryStudio 2018 includes the following enhancements:
• IoT tools for developing HTML5 clients displays for access on any glass, including JavaScripting
• Standard, sharable user-created components and plug-Ins
• Project build rollback
• TreeView listing and access to all objects in current display
• Multi-lingual support built into the engineering environment, including German, Spanish, French, Italian, Portuguese, and Russian

Bedrock added cybersecurity to FactoryStudio 2018 by drawing on the power and flexibility of public key infrastructure (PKI) and Transport Layer Security (TLS) technology comparable to what is used to secure online financial transactions.
This technology leverages hardware-based secret root keys and certificates for advanced cryptographic authentication of Bedrock hardware and software components.

Bedrock began offering advanced cryptographic authentication to third party developers earlier this year. The process begins when developers seek authorization for their digital identities by submitting the certificate signing request (CSR) to the Bedrock Automation Cloud SaaS Certificate Authority (CA). In response, the CA returns a certificate which contains the digital signature that developers place into their applications to allow access to the Bedrock controller.

In addition, Bedrock introduced a lower-cost and high-performance controller that combines PLC, RTU and edge control; intrinsic cybersecurity; and universal I/O into a compact standalone module for remote monitoring and control applications.

Bedrock’s OSA Remote is a lower-cost and high-performance controller that combines PLC, RTU and edge control; intrinsic cybersecurity; and universal I/O into a compact standalone module for remote monitoring and control applications.

“Many users automating remote operations in public utilities, oil & gas pipelines and other applications have wanted the intrinsic security, software-definable I/O, open engineering environment, and high performance of our Bedrock OSA system, but needed fewer than 20 I/O and thus did not need the higher channel count and redundancy our backplane provides,” said Bedrock Automation Founder and Chief Executive, Albert Rooyakkers. “For those applications, we have packed our core Bedrock functionality into a unified small footprint. This drives to record lows the cost of engineering, implementing, operating and securing edge automation, reducing barriers to IIoT and Industry 4.0 business innovation.”

Introductory pricing starts at $2900 for the OSA Remote R10 model, which has 10 channels and $3900 for OSA Remote R20 model, which has 20 channels.

Elements of the OSA system include:

• Universal I/O: Each OSA Remote channel can be programmed for analog, discrete and digital connectivity supporting, pulse, AI/AO, DI/DO, HART 7, BSAP, RS-232/485/422, Ethernet IP, ModBus TCP, 61850, DNP3, PROFINET, DeviceNet, CAN Bus and BACnet. Such a broad array of options reduces engineering time, maintenance and spares management.
• Open Connectivity: Much of the benefit of the IIoT and Industry 4.0 innovation depends on open connectivity, but that comes with risk. Bedrock OSA Remote provides a secure SCADA uplink for OPC UA, and will also support MQTT and DDS later this year.
• Small footprint: OSA Remote takes up minimal cabinet real estate, which is important in remote areas where space is at a premium.
• Free engineering software: Bedrock Automation provides IEC 61131-3 standard software for an unlimited number of users.
• Broad temperature range: All Bedrock OSA Remote controllers operate at temperature ranges between -40° C and +80° C without fans or forced draft.
• Computing power: With an array of cyber secure and multi-core ARM processors, 512Mbytes of RAM, 8Gb or 32Gb Flash, MRAM for retained variables and a supercapacitor to retain firmware for years without power, OSA Remote has the computation and communication bandwidth to run the advanced edge control and analytical software.
• Intrinsic cybersecurity: Bedrock intrinsic cybersecurity reduces the need for costly external firewalls, intrusion detection and other devices, which are of only limited effectiveness. Everything is embedded in into OSA Remote.



Leave a Reply

You must be logged in to post a comment.