|Organization:||British Columbia Institute of Technology, BC, CA|
|I.P. Brief:||Tofino is a distributed industrial security appliance that is functional in the process control environment and provides firewall and other security services tailored to the plant floor. The Tofino security solution is specially designed to provide industrial companies with an in depth solution to vulnerabilities in their critical control systems.|
|Summary of I.P.:||The Tofino security appliance is targeted at manufacturing and process control companies that wish to protect their critical industrial control systems from cyber attack. Control systems currently rely on centralized security from one or more firewalls protecting entire business networks. However, this design leaves control systems at risk, should a virus or hacker somehow get past (or already be inside) the central firewall. Currently, control equipment offers no authentication, integrity or confidentiality mechanisms and can be completely controlled by any individual that can “ping” the device.
The present invention creates “defense in depth” by deploying small, distributed firewalls directly in front of each control device, similar to the way personal firewalls are deployed on desktop computers.
Currently available firewalls fall short in the industrial setting – they do not understand SCADA protocols, are not industrially packaged and are almost impossible to manage in large deployments. Furthermore, they require an understanding of TCP/IP and firewall configuration that exceeds the knowledge level of the typical technician responsible for in-field service of these devices.
The Tofino security appliance would be installed in front of each control device requiring protection with a centralized management system supervising each appliance.
|Patent:||Provisional 60/723,902 (Converting April 2006)|
|Keywords:||distributed firewall, SCADA, process control, industrial control, security, cyber attacks, vulnerabilities, PLC, Fieldbus, central administration|
|Specific Market:||Process Control, Manufacturing, Power Generation|
|Market Size:||Frost & Sullivan (2001) project sales of 9.7 million Programmable Logic Controller units for 2006. Although we are currently commercializing a complimentary technology that improves security in new control equipment, demand for Tofino will be driven by|
|State of the Art:||The current method of protecting industrial control systems and critical infrastructure is to place central firewalls at access points to business/control networks. These firewalls are much more complicated to administer, and lack the ability to monitor commands sent through industrial equipment protocols.|
|Figures of Merit:||The well established network of control equipment distributors can sell this product through existing channels; it is a complimentary product to add to their lineup. The product fullfills the emerging security needs of end users.|
|Tech. Obstacles:||Finding a suitable industrial hardware platform to put the firewall on (each vendor will have a preferred platform)
Time: Converting prototype to platform, getting platform industrially tested and approved
Central Management Console GUI still needs development. Difficult to show off product functionality without it.|
|Market Obstacles:||-Patent Conversion: Provisional is segmented to be converted to up to 5 patents depending on our strategy
-Prototype Development: (est total cost $262,000)
-Firewall Appliance Completion
-Convert to approved hardware configuration
-Central Management Console GUI
-Device Protection templates for PLCs & RTUs
-Industrial testing and certifications
|Patent Landscape:||Innominate has a patent filed in Germany for a transparent firewall. Relates to stealth addressing features of Tofino, but from our interpretation we don\'t think there will be a conflict.|
|Publications:||“Why IT Doesn’t Work” paper at ISA Expo 2002, outlining the issues with conventional IT security technologies in the industrial setting. This was intended as a lead in to the solutions the firewall would provide, but the second paper was pulled to avoid IP disclosure.
ISA expo 2004: \"SCADA Aware Firewalls\"
NewsForge Nov 2004: \"Linux Micro Firewalls\"
-Linux industry newspaper runs a brief article on the firewall|
|Research Team:||4 members, >30 years combined experience
Eric Byres: Lead researcher BCIT cyber security and critical infrastructures lab. Developed core concepts and project definition
John Karsch: Co-developed firewall architecture and supervised students
Students: Darren Lissimore and Khai Lee|