Bedrock Automation announced upgraded control system firmware that extends its cyber security protection to networks, the Industrial Internet of Things (IIoT) and third-party applications. Bedrock Cybershield 2.0 firmware enables authentication and encryption of I/O networks and field devices and protects compliant networks and user applications such as controller configuration, engineering and SCADA. It achieves this with the industrial control system (ICS) certification authority (CA) – drawing on public key infrastructure (PKI) and Transport Layer Security (TLS). Bedrock Automation also announced today a controller that enables end users to obtain customized, company specific root keys and certificates.
With the inclusion of more than 40 technologies, the Bedrock Open Secure Automation (OSA) platform initially delivered on two fundamentals of cyber defense: a secure control platform and secure component supply chain. The resulting endpoint root of trust leverages hardware-based secret root keys and certificates for cryptographic authentication of Bedrock hardware and software components, which are further fortified with layers of anti-tamper protection.
Bedrock Automation created the Bedrock OSA as both an open and a secure platform for hardware, networks and software. Several software providers are releasing or testing this secure integration. The first cyber secure software partners include 3S of Germany, with its IEC61131 configuration and runtime engines now running over TLS with authentication to the Bedrock system root of trust, as well as a Field Device Tool (FDT) frame application by M&M Software for HART configuration. This will be followed closely with Inductive Automation’s Ignition SCADA and other SCADA partners later this year.
Bedrock Automation also announced an option for users who want to increase protection of their IP, infrastructure and human resources by restricting access to only registered, company-controlled assets. The SCC.X Controller is injected at factory birth with company-unique root keys and certificates, effectively limiting connections to company mandated, approved devices.
Cybershield 2.0 is available today and will be standard in all Bedrock systems going forward. Current customers receive it through a firmware upgrade. Customers who want to apply Bedrock technology in maintaining their own custom root of trust can do so by specifying the Bedrock SCC.X Controller at time of purchase. Software developers who want to release applications on the Bedrock OSA platform should contact Bedrock Support.
- Download/View the Bedrock Automation Control System Spec Sheets (PDF)…
- More Information…
A generation ago, “cyberspace” was just a term from science fiction, used to describe the nascent network of computers linking a few university labs. Today, our entire modern way of life, from communication to commerce to conflict, fundamentally depends on the Internet. And the cybersecurity issues that result challenge literally everyone: politicians wrestling with everything from cybercrime to online freedom; generals protecting the nation from new forms of attack, while planning new cyberwars; business executives defending firms from once unimaginable threats, and looking to make money off of them; lawyers and ethicists building new frameworks for right and wrong. Most of all, cybersecurity issues affect us as individuals. We face new questions in everything from our rights and responsibilities as citizens of both the online and real world to simply how to protect ourselves and our families from a new type of danger. And yet, there is perhaps no issue that has grown so important, so quickly, and that touches so many, that remains so poorly understood.
In Cybersecurity and CyberWar: What Everyone Needs to Know®, New York Times best-selling author P. W. Singer and noted cyber expert Allan Friedman team up to provide the kind of easy-to-read, yet deeply informative resource book that has been missing on this crucial issue of 21st century life. Written in a lively, accessible style, filled with engaging stories and illustrative anecdotes, the book is structured around the key question areas of cyberspace and its security: how it all works, why it all matters, and what can we do? Along the way, they take readers on a tour of the important (and entertaining) issues and characters of cybersecurity, from the “Anonymous” hacker group and the Stuxnet computer virus to the new cyber units of the Chinese and U.S. militaries. Cybersecurity and CyberWar: What Everyone Needs to Know® is the definitive account on the subject for us all, which comes not a moment too soon.