Home

Embedded Cybersecurity to Include Anomaly Detection

Jan. 17, 2018

Bedrock’s Open Secure Automation control system is getting an upgrade to help assure users that nobody is tampering with the automation.

Aaron Hand,

Aaron Hand

With its introduction a few years ago of an automation platform that was built from the ground up for cybersecurity, Bedrock Automation made a significant impact on the way the industrial world thinks about how it secures its systems. The security of its industrial control system has solidified even further since then, including the extension of embedded cybersecurity capabilities with Cybershield 2.0, which incorporates certification authority into its hardware root of trust.

In its latest development, Bedrock’s Open Secure Automation (OSA) firmware will include intrinsic anomaly detection (AD) to continuously monitor the controller’s network and system time to detect intrusions and anomalous behavior.

“Preventing control system intrusion is fundamental to holistic cybersecurity. In addition, users need to know when the system security is being challenged. This is the role of anomaly detection,” said Albert Rooyakkers, Bedrock founder and CEO. “At no additional cost or complexity for the user, Bedrock’s AD delivers additional assurance that no one is tampering with your automation.”

Anomalous behavior detected at the controller level signifies a high likelihood of a cybersecurity event, according to Bedrock. Embedding detection into the controller provides advanced cyber defense while reducing complexity and lifecycle cost.

Bedrock AD includes the following functionality:

Dynamic port connection monitoring, which records all attempts to connect any controller or communication point and captures identifying information on the intruder.
Network port scanning, which detects if hackers are scanning for open ports that might provide access to the control network.
System time monitoring, which detects attempts to manipulate log files to conceal malicious activity.
Cryptographic controller engineering key lock, which permits only users with valid credentials to change the configuration and operation mode of the controller. It also records all access.
Intrusion event logging, which records all detected anomalies and reports them to supervisory control and data acquisition (SCADA) software through OPC UA and standard database access for historian, alarming and trending functions. A tri-color status LED on the faceplate of Bedrock controllers also provides local indication whenever an intrusion is detected.

Bedrock AD will be standard on all Bedrock systems and will be available as a free firmware upgrade to installed systems as part of Cybershield 3.0 in March 2018.

About the Author

Aaron Hand | Editor-in-Chief, ProFood World

Aaron Hand has three decades of experience in B-to-B publishing with a particular focus on technology. He has been with PMMI Media Group since 2013, much of that time as Executive Editor for Automation World, where he focused on continuous process industries. Prior to joining ProFood World full time in late 2020, Aaron worked as Editor at Large for PMMI Media Group, reporting for all publications on a wide variety of industry developments, including advancements in packaging for consumer products and pharmaceuticals, food and beverage processing, and industrial automation. He took over as Editor-in-Chief of ProFood World in 2021. Aaron holds a B.A. in Journalism from Indiana University and an M.S. in Journalism from the University of Illinois.