Loading...

Follow Bedrock Automation Industry News on Feedspot

Continue with Google
Continue with Facebook
or

Valid

More proof that the instrumentation and control industry is concerned about supply chain security is evident in the fact that it was the topic of the two most popular articles recently run at ControlGlobal.com. The most widely read article was Joe Weiss’ detailed blog entry: “The ultimate control system cyber security nightmare,” which may have been triggered at least in part by the second most popular article: “Yokogawa announcement warns of counterfeit transmitters.”

Weiss’ concern was that although device knock-offs have been primarily motivated by financial gain, they could easily host moles and backdoors into other industrial technology, setting up opportunities for IP theft or more dangerous consequences, such as meddling with safety controls.

He supports this further pointing to an announcement from the North American Electric Reliability Corporation – Critical Infrastructure Protection (NERC-CIP), which raises concerns that information and communications technology and industrial control system supply chains may provide various opportunities for adversaries to initiate cyberattacks. Authors of a recent article for the Manufacturing Leadership Council express similar concerns:

“Typically, the motivation of a hacker is to sabotage operations, steal intellectual property, personal or financial data, or to extract ransom by unlocking encrypted data. When it comes to manufacturing supply chains, the implications are much broader. Cyberattacks from malicious hackers or software can paralyze entire connected manufacturing ecosystems, affecting production, product quality, revenues, brand, and human lives.”

  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

On the heels of its recent delineation of key components of the critical infrastructure, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is intensifying its emphasis and spending on both cyber security and supply chain integrity.

In its May 24, 2019 coverage of CISA Director Christopher Krebs’ recent remarks at the Georgetown University Cybersecurity Law summit, Inside Cybersecurity news service reported that Krebs identified supply chain and industrial control system security as two “pathfinder” initiatives that will receive top priority in the coming years.

Among the strategy he proposed to address supply chain security is a three-pronged approach “for determining the threat from a supplier,” based on a “bonding operational directive” that the DHS issued last year, with broad political support. That political support probably contributed to Krebs getting more budget than requested, as another source, FCW, reported.

“The bill allocates approximately $2 billion for the Cybersecurity and Infrastructure Security Agency, a $335 million bump from last year and $408 million above what was requested in the president’s budget. Lawmakers in both parties have expressed support over the past year for the idea of providing CISA with more resources to carry out its cybersecurity mission.”

  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

Bedrock Automation anticipated the possibility of supply chain counterfeiting and contamination when we designed the system five years ago and have addressed the issue in multiple ways: One is to make authentication and encryption intrinsic into the system electronics, throughout the signal path. This makes Bedrock systems impossible to counterfeit. Another approach is to build the electronic components ourselves, which provides total supply chain transparency.

Intrinsic cyber security begins at the silicon level. Secure computing requires a tamperproof startup process. The first code the processor executes cannot be encrypted. Protecting this code with signatures or checksums doesn’t help because if it can be tampered with, the checks come too late. This initial code must be built into the microprocessor chip. Later phases can use code that is signed and encrypted, but this again requires special silicon features to protect the secret keys. Intrinsic security rests on a foundation laid at the silicon level.

At the silicon level, Bedrock has the unique visibility and control over its silicon supply chain that comes from designing and sourcing custom manufactured chips. Bedrock circuit boards are made and assembled in the United States. All components are carefully sourced. The origin and lot number of every part from microprocessors to resistors on every circuit board is tracked in Bedrock’s manufacturing database. Each board has a unique serial number.

All boards are tested using custom test fixtures and software. The final assembly of modules is done at a secure facility. This is the point in the process at which each module is loaded with real production software and its unique package of cryptographic certificates and keys bound to immutable features of its silicon. These key packages are generated by a special high-security computing system and loaded directly into the modules by an automated process. Each module now has its full cryptographic identity. It cannot be cloned or counterfeited. The module next goes through a first heat soak test. If all goes well it is sealed into its tamper-resistant case and put through a final heat soak test. Although very few control system vendors manufacture their own chips and have this level of visibility, all are increasingly applying quality control standards.

  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

San Jose, California – February 13, 2019 – Bedrock Automation announced today that the editors of Design News have recognized the Bedrock® OSA® Remote Platform with a Golden Mousetrap silver award in the Automation & Motion Control: Controllers category. The winners were selected by members of industry and editors of Design News based on the level of innovation, benefits to user, and market differentiation.
 
“We are honored to have been selected once again for a Design News Golden Mousetrap award.  The judges recognized us in 2017 for our flagship Bedrock Open Secure Automation (OSA) platform, which provides embedded cyber security and virtually unlimited scalability. They have selected us now for our compact OSA Remote solution, which provides the same degree of intrinsic cyber security in a smaller package for applications requiring only 10 or 20 I/O,” said Bedrock Automation Founder and CEO, Albert Rooyakkers.
 
The Bedrock OSA Remote is ideal for applications that need secure, high performance control of remote operations such as upstream and midstream petroleum operations and water and wastewater plants. Like all Bedrock products, the OSA Remote controller embeds more than 40 cyber security technologies, including public key infrastructure (PKI) with secure keys inserted at birth, and advanced authentication and encryption capabilities for SCADA. All of this is in a system device that fits in the palm of the hand and available immediately at prices often below conventional PLCs or RTUs.
 
For more information about the OSA Remote, contact Bedrock Automation at +1-781-821-0280, send email to info@bedrockautomation.com or visit www.bedrockautomation.com.
 
About Bedrock Automation
 
Bedrock Automation, based in San Jose, California, has developed the world’s most powerful and cyber secure automation platform. This Silicon Valley company has assembled the latest technologies and talents from the automation, cyber security and semiconductor industries to build unprecedented automation solutions for industrial control and power based on three prime directives: simplicity, scalability and security. The result is an award-winning automation platform called Open Secure Automation (OSA®), with a revolutionary architecture and deeply-embedded ICS cyber security that delivers the highest levels of system performance, cyber security and reliability at the lowest lifecycle cost.  Build on Bedrock®! For more information about Bedrock Automation, visit www.bedrockautomation.com.
 

  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

March highlights, industry news, and happenings from Bedrock Automation.

  
This issue features:
  

  • White hats needed
  • Securing the component supply chain
  • OSA Remote wins Design News Innovation Award

  

Read more in the Bedrock March 2019 Newsletter.

  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

February highlights, industry news, and happenings from Bedrock Automation.

  
This issue features:
  

  • Extending Bedrock OSA® to legacy systems
  • Integrated Cirrus Link Sparkplug B protocol support
  • Cybershield 4.0 Announced

  

Read more in the Bedrock February 2019 Newsletter.

  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

January highlights, industry news, and happenings from Bedrock Automation.

  
This issue features:
  

  • Bedrock OSA® is the IIoT
  • OSA® Remote shipping – with GE Digital (Wurldtech) Achilles L2 Cyber Hardening
  • Bedrock Certified Channel Partner Community continues rapid expansion

  

Read more in the Bedrock January 2019 Newsletter.

  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

System engineer Evan Hewitt of Corso Systems recently published a technical review of Bedrock Open Secure Automation offering on his company blog. The review is based on his having attended a weeklong Bedrock training session in Dallas.
  
Where most Bedrock reviews focus on the high value of its industry-leading intrinsic cyber security, this one calls out Bedrock’s uniqueness in many other areas, including its pinless backplane, wide temperature operating range, universal I/O cabling, free Codesys IDE engineering environment, side-by-side live window and editing window allowing for online changes of not just programs and routines but also of subroutines and AOIs, and a “Help” section in the IDE that is actually helpful, which is great when learning on a new platform.
  
Like other reviews and awards, Hewitt did tout the value, backed by “device longevity and support,” (Bedrock offers a 5-year warranty and lifetime support).
  
Read the full review here.

  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

San Jose, Calif. – February 4, 2019 – Bedrock Automation, the world leader in Open Secure Automation (OSA®), has announced new offerings that extend intrinsic security to legacy automation, support secure MQTT messaging, and enable Role Based Access Control (RBAC) across the Bedrock OSA platform. At the 2019 ARC Industry Forum, Bedrock Automation is demonstrating the following new OSA offerings:
 

  • Bedrock OSA® Proxy, a unique solution that brings advanced cyber security, protocol conversion, and data concentration to the edge, all in one industrial appliance.
  • Integrated Cirrus Link Sparkplug B protocol support, which empowers companies to easily build a secure MQTT infrastructure.
  • Availability of Cybershield 4.0 firmware, which enables RBAC and multi-factor authentication.

 
“Last year we extended cyber security protection from the OT layer — where it must begin — to the SCADA network by authenticating and encrypting OPC UA. Today, we are announcing a secure gateway that uniquely blends OT & IT technologies to protect legacy automation system networks. We are also announcing Cybershield 4.0 firmware, which Includes RBAC and multi-factor authentication,” said Bedrock founder and CEO Albert Rooyakkers.
 
All Bedrock solutions are built on Public Key Infrastructure (PKI) functionality designed into its computing core using sealed all-metal anti-tamper construction. The crypto keys in the Bedrock root of trust are authenticated by Bedrock’s certificate authority (CA) and use advanced signing and encryption technologies like those used by secure military, aerospace and online financial transaction systems.
 
Advanced security solution that understands industrial protocols
 
The Bedrock OSA Proxy is an automation-savvy firewall-type system. This unique approach to cyber defense allows customers to secure legacy devices behind the Bedrock root of trust. Unlike conventional firewalls, in addition to the embedded Bedrock PKI, the OSA Proxy also connects to industrial protocols such as Modbus, Ethernet IP, and Common Industrial Protocol (CIP), then translates the legacy protocols in real time to open and secure communications standards including OPC UA and MQTT. Built-in anomaly detection monitors all traffic across the control network. A 64-bit, quad core processor provides a modern computing platform for advanced cyber analytics and end user applications. These features enable the OSA Proxy to provide cyber defense for a legacy control network at minimal cost and complexity and avoid rip and replace.
 
More security at the edge through MQTT
 
Bedrock Automation is releasing a secure implementation of the Cirrus Link Sparkplug B protocol. The Sparkplug specification defines how Edge of Network (EoN) gateways or native MQTT-enabled end devices, and MQTT Applications communicate bi-directionally within an MQTT Infrastructure, including support for complex data types, datasets, lower bandwidth requirements, and access to historical data. The Bedrock Sparkplug B implementation is the only MQTT authentication and encryption agent providing a secure root of trust built on an intrinsically secure control platform.
 
Managing user access with RBAC
 
Bedrock Automation is also announcing Cybershield 4.0, with RBAC and multi-factor authentication. Bedrock’s RBAC enables unlimited granularity and specificity within a Bedrock system, allowing restrictions by function, command, or controller. Bedrock users can choose between pre-defined role definitions or create custom roles and privileges. This significantly improves the security posture of an industrial control system.
 
Multi-factor authentication allows user access only after successfully presenting divergent identity information, such as a password or pin, and a physical component such as a smart card or fingerprint. This reduces risk of stolen credentials through common threat vectors like phishing/spoofing. The Bedrock OSA platform works with commercially available multi-factor authentication technologies that empower users to choose the security solution that is right for them.
 
Availability
 
The OSA Proxy solution is targeted for summer 2019, and while Bedrock already offers advanced connectivity solutions to legacy devices, the release of the OSA Proxy solution will provide even greater defense in depth at all levels of the network. MQTT Sparkplug B support is available in all new projects beginning in March 2019.
 
Cybershield 4.0 will be standard on all Bedrock OSA control systems starting in Q2 of 2019 and will be made available to current Bedrock users as a free upgrade.
 
About Bedrock Automation
 
Bedrock Automation, based in San Jose, California, has developed the world’s most powerful and cyber secure automation platform. This Silicon Valley company has assembled the latest technologies and talents from the automation, cyber security and semiconductor industries to build unprecedented automation solutions for industrial control and power based on three prime directives: simplicity, scalability and security. The result is an award winning new platform of automation called Open Secure Automation, OSA®, with a revolutionary architecture and deeply embedded ICS cyber security to deliver the highest levels of system performance, cyber security and reliability at the lowest lifecycle cost. Build on Bedrock®!
 
For more information, contact Bedrock Automation at +1-781-821-0280, send an email to info@bedrockautomation.com, or visit www.bedrockautomation.com.
 
Media Contacts:
John Nero – Tiziani Whitmyre, jnero@tizinc.com; 781-793-9380.
Robert Bergman – Bedrock Automation, robert.bergman@bedrockautomation.com; 626-824-0404.

  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

San Jose, California – February 4, 2019 – Bedrock Automation, the maker of the world’s most secure open industrial control system (ICS), has established a partnership agreement with Wood, a globally recognized integration provider. Under the agreement, Wood’s automation and control group will deliver Bedrock Open Secure Automation (OSA®) to its clients in energy and industrial markets. Wood has active membership in The Open Process Automation™ Forum, which is focused on the development of a standards-based, open, secure, interoperable process control architecture.
 
“This partnership centers on combining our diverse capabilities and innovative solutions in automation with Bedrock’s OSA® technology to bring open and secure systems to our clients, advancing our position as a world leading automation provider and bringing greater cyber protection to our client’s projects,” said Jeff Shannon, Senior Manager of Strategy and Development in Wood’s automation and control group.
 
Wood’s automation and control group is a system-independent integrator comprised of over 1,400 automation professionals, with access to more than 5,000 technical experts that provide full engineering, consulting, procurement and construction services to customers around the world. Wood’s core automation experience spans the full spectrum — from small integration projects to main automation contractor programs for large, multi-EPC projects, including a diverse portfolio of vertical markets. The company’s expertise extends across the full spectrum of hardware, including instrumentation, programmable logic controllers (PLC), distributed control systems (DCS), logic solvers and higher-level applications.
 
“We are delighted with this new partnership, which is another significant step forward in delivering Open Secure Automation to everyone. Bedrock’s focus will be to work with Wood in applying the vast knowledge and expertise of both companies to deliver secure and open control systems technology,” said Robert Bergman, Vice President of Marketing and Business Development, Bedrock Automation.
 
The Bedrock® OSA® control system is known for its patented Black FabricTM Cybershield architecture, which provides an intrinsic cryptographic and physically secure platform to protect control components against unauthorized access. Unlike other conventional industrial control systems, it was designed from the semiconductor components up to be secure, simple, powerful and scalable. The system is also capable of extending security up to the network and down to the instruments to create a holistic solution.
 
About Wood
 
Wood is a global leader in the delivery of project, engineering and technical services to energy and industrial markets. It operates in more than 60 countries, employing around 60,000 people and has revenues of over $10 billion. The company provides performance-driven solutions throughout the asset life-cycle, from concept to decommissioning, across a broad range of industrial markets, including the upstream, midstream and downstream oil and gas, power and process, environment and infrastructure, clean energy, mining, nuclear and general industrial sectors. For more information about Wood, visit www.woodplc.com.
 
About Bedrock Automation
 
Bedrock Automation, based in San Jose, California, has developed the world’s most powerful and cyber secure automation platform. This Silicon Valley company has assembled the latest technologies and talents from the automation, cyber security and semiconductor industries to build unprecedented automation solutions for industrial control and power based on three prime directives: simplicity, scalability and security. The result is an award-winning automation platform called Open Secure Automation (OSA®), with a revolutionary architecture and deeply-embedded ICS cyber security that delivers the highest levels of system performance, cyber security and reliability at the lowest lifecycle cost. Build on Bedrock®! For more information about Bedrock Automation, visit www.bedrockautomation.com.
 
Media Contacts:
John Nero – Tiziani Whitmyre; jnero@tizinc.com; 781-793-9380.
Renie Deanda – Wood, Renie.Deanda@Woodplc.com; 346- 269 3953
Rob Bergman – Bedrock Automation, robert.bergman@bedrockautomation.com; 626-824-0404.

Read for later

Articles marked as Favorite are saved for later viewing.
close
  • Show original
  • .
  • Share
  • .
  • Favorite
  • .
  • Email
  • .
  • Add Tags 

Separate tags by commas
To access this feature, please upgrade your account.
Start your free month
Free Preview