SCADA
Supervisory Control And Data Acquisition (SCADA) referes to industrial control systems. Many protocols used within SCADA are proprietary, while the trend is to move to more standardized, open source IP solutions. Together with the process control solution we are able to 'talk' with virtually any SCADA protocol and provide a reliable and transparent solution within process control.
-
List of Supported SCADA protocols
The following is the list of SCADA protocols supported by the Fox DataDiode Process Control Application.
- ABB
- Acelia
- Acksys
- Acromag
- ACTL
- ADFweb
- Adv. Control Syst.
- Advantage Eng.
- Advantech
- Air Liquide
- Alerton
- Alien Techn.
- Allen-Bradley
- AMASS Data
- Amoco
- Antx
- Apex Automation
- Aprisma
- Aquametro
- AquaSensors
- Arcom
- Areva T&D
- Aromat OPC
- Aspentech
- Atlas Copco
- AUMA Riester
- Automated Logic
- AutomationDirect
- Axeda
- AzeoTech
- Bachmann Elec.
- BACnet OPC
- Bailey
- Balogh T.A.G
- Barber Colman
- Barix
- Barnett Eng.
- Beckhoff TwinCAT
- Belimo
- Bentek Systems
- Bihl+Wiedemann
- Bow Networks
- Bristol Babcock
- BUSWARE OPC
- CAS
- Castlerock
- Cimetrics
- Cirronet
- Cisco
- Citect
- COMET
- Comtrol
- connectBlue AB
- Continental Control
- Contrex OPC
- Control Microsyst.
- Control Technology
- Core Lab
- Coyote DataCom
- CTI
- Curry Controls
- Cutler-Hammer OPC
- CyberLogic
- Cybertec
- DAE Instrument
- Danaher Industrial
- Danfoss
- Daniel Measurement
- Data Comm
- Dataforth isoLynx
- DataLink Techn.
- Datalogic
- DataNAB
- DATAQ Instruments
- DDE
- Decision Europe
- Delta Controls
- DER
- DeviceNet
- DGH Corporation
- Digi Int.
- Distech Controls
- DLMS
- DNP3
- Doble
- Dorsett
- Dr. SCADA
- Eaton Electrical
- Echelon
- eelectron
- Efacec Engenharia
- Electro Industries
- Elite Techn.
- Emerson
- Empros Power Sys.
- Encore
- Endress+Hauser
- EnFlex Corp.
- ENGIBY
- eProductions
- Equustek Sol.
- European Telemetry
- Eurotherm
- EXEMYS
- FANUC CNCs
- Farell Instruments
- FieldServer Tech.
- Fischer and Porter
- Fisher
- Fisher ROC OPC
- Flowserve Corp.
- FOCUS Software
- Foxboro
- FRABA POSITAL
- Frontline
- Fuji
- Fuji Flex OPC
- Galil Motion Control
- Gaugetech
- GE
- GE Energy
- GE Fanuc
- Gensym
- GrayHill
- Grid Connect
- Grundfos
- GSE Scale Systems
- Hach
- Hewlett Packard
- Hilscher
- Hilscher
- Hirschman
- Hirschmann GmbH
- HMS
- Honeywell OPC
- Husky Injection
- IA Super SEL
- IBM
- ICP DAS
- ICS Electronics
- Idec OPC
- Infranet
- Innovatis
- Innoventor
- InStep
- Instr. Northwest
- Intellicom Innov.
- Intelligent Actuator
- Intellution
- Invensys
- Invensys Foxboro
- InvensysTriconex
- IOtech PointScan
- Ipact
- IPS
- IPS Triconex
- Ipsil
- ISEP
- Jetter
- Johnson Controls
- K-TEK Corporation
- KALKI
- Kele
- Kieback & Peter
- KK Systems
- Kontron
- Koyo OPC
- Krauss Maffei
- Lantronix
- Larsen & Toubro
- LiveData
- Lufkin
- M2M Comm.
- Maple Systems
- MathWorks
- MatrikonOPC
- Matrix Controls
- Matsushita
- McQuay
- Messung
- Metso
- Mettler Toledo
- Mettler Toledo
- Micon-Powell
- Micro-DCI
- Microsoft
- Minitab
- Mitsubishi
- MKS Instruments
- Modbus
- Modcomp
- ModemTec
- Modicon
- Monarch Instr.
- Moore
- Morningstar Corp.
- Motorola
- Moxa Technology
- MTL Open System
- Multenet
- MultiTrode
- National Instr.
- NDC
- Nematron
- NETdot3
- Network Innov.
- New Forest Electr.
- NICO
- Niobrara Research
- Noja Power
- Nova Biomedical
- Nova Weigh
- NovaTech
- Obvius
- Ocean Controls
- ODBC
- ODBC
- OILES
- OMEGA Engineering
- OMNI
- Omni Flow
- Omron
- OPC DA
- OPC UA
- Opternus
- Optimation OptiLogic
- Opto 22
- Oracle
- ORMEC Systems
- OZM Research
- Panasonic
- Parijat Controlware
- Partlow ASCII
- Partlow brand
- PCI Lighting Control
- Philips
- Phoenix Contact
- Phoenix Controls
- Phoenix Digital
- Polaron
- Precision Digital
- Procon Electronics
- Profibus DP
- ProSoft
- Provox
- Pyramid Solutions
- QEI
- Quantum
- QuickSilver Contr.
- RACO
- Raster Products
- Red Lion
- REINHAUSEN
- Reliable Controls
- Reliatronics
- Remsdaq
- Remsdaq
- Rika Kogyo
- RKC Instrument
- Rockwell
- Roper Associates
- Rosemount
- Rotork Controls
- RuggedRouter
- RUGGERCOM
- S&C Electric Comp.
- Sales Technology
- SAN People
- SAN Telequip
- SattBus
- Sauter
- Scanivalve
- SCHENCK AccuRate
- SCHENCK AccuRate
- Schlumberger
- Schneider
- Schneider Electric
- Sealevel Systems
- Seekirk
- Sena Technologies
- Sensa Control
- Seven Techn.
- Shikoku
- Siemens
- Siemens Energy
- Siemens Moore
- Simatic
- Simply Modbus
- SIPOS Aktorik
- SIXNET
- Smar UK
- Softing
- SoftPLC
- Solarwinds
- SOR
- SquareD
- Stanley
- StoneL
- Swegon
- Sybase
- SymCom
- Synergetic
- T&T Systems
- TAC
- Techno Trade
- Telemecanique
- Telvent
- Temytech
- Thermo Electron
- Thermo Westronics
- Thermoflow
- TIBCO
- TIWAY
- Tixi.Com
- Tops CCC
- TopWorx
- Torque Tool
- Toshiba OPC
- Toyopuc
- Trane
- Trend Control Sys.
- Triangle Microwks
- Triatek LIghting
- Triconex
- Triconex
- Tridium
- Trio Motion
- TROX
- TSI Incorporated
- Unitronics
- UPS Manufacturing
- Verano
- Veris Industries
- Vestas
- vHMI Automation
- Vibro-Meter
- Viola Systems
- Wago
- Warwick Wireless
- Watlow Electric
- WeatherBug
- Weatherford
- Webdyn
- WebFaqtory
- Weed Instrument
- West Instruments
- Western Reserve
- Westlock Controls
- Willowglen
- Windmill Software
- Wingpath
- Wonderware
- Woodhead
- Woodward
- WPS Energy
- Yamatake
- Yaskawa Memobus
- YieldPoint
- Yokogawa
- Zetron
- Zigbee
-
MatrikonOPC
A partnership between MatrikonOPC and Fox-IT enables Fox DataDiode to be embedded seamlessly into SCADA networks for the highest levels of systems security and interoperability. MatrikonOPC is a leading provider of data connectivity software based on the OPC standard. The company's products enable reliable data access to all major vendors' systems for industrial automation, such as: PLCs, sensor and monitoring systems, historical databases, HMIs and other devices for implementing complete OPC architectures.
The addition of Fox DataDiode enables MatrikonOPC and Fox-IT to offer customers higher security and operational efficiency of critical Process Control Systems (PCS) such as those used to manage power plants, water treatment facilities, gas and oil refineries, public transport and financial services.
Key MatrikonOPC products: Data Connectivity Software compliant with OPC specifications and certified by the OPC Foundation.
Key Fox-IT product: Fox DataDiode for safely connecting networks with different security levels and certified with the highest level of security certification (Common Criteria EAL7+).
Key take-away: Fox DataDiode, which is approved for connection of networks up to and including NATO Secret, gives SCADA networks the most secure protection on the market today. The combined MatrikonOPC/Fox-IT solution protects sensitive infrastructure from increasingly sophisticated cyber threats, including Stuxnet-class malware, yet allows information to be shared safely in real-time with back-office systems and other networks.
The highest levels of security and interoperability for SCADA networks
What is the need?
Operators of SCADA networks have conflicting requirements:
- Safety and security—Data and programming that controls critical infrastructure must be protected against threats of espionage, terrorism, extortion, vandalism and theft of proprietary information. A security breach of any critical infrastructure, whether accidental or intentional, can be catastrophic.
- Information sharing between high-security PCS infrastructure and less secure back-office systems and networks-- to improve business decision making, operational efficiencies and customer service. Just as manufacturers seek to integrate systems across their extended enterprise for real-time business visibility and decision making, critical infrastructure companies need similar access to data from their SCADA networks.
What are the gaps?
Even when fully compliant with the latest OPC standards, security measures for PCS networks are limited to DCOM-based access permissions, firewalls and “air gap” data transfers. These are still vulnerable to human error (wrongly configured firewalls or access permissions) and malicious intent (e.g., the Stuxnet worm that targets SCADA systems has been spread, either intentionally or accidentally, by infected air-gap devices, such as USB flash drives.)
How do MatrikonOPC solutions with Fox DataDiode close these security gaps?
While MatrikonOPC software enables connectivity to virtually any PCS device, Fox DataDiode secures data transfers with one-way transmission. Fox DataDiode effectively disconnects the critical part of PCS infrastructure from other networks while still allowing access to information from that critical part.
The combined solution protects PCS from cyber threats, yet allows information to be shared in real-time with back-office systems and other networks. This means that organizations engaged in providing critical public services can make better business decisions to improve performance—operationally, financially, and in terms of customer satisfaction and shareholder value.
What makes MatrikonOPC connectivity with Fox DataDiode more secure?
Fox DataDiode eliminates the need for air-gap data transfers with USB devices or other portable media, and thereby the threat of introducing malware such as Stuxnet—accidentally or intentionally—in addition to online threats. Fox DataDiode does not contain decision logic, software or firmware that could compromise OPC architecture. It eliminates opportunities for software malfunctions, malware, tampering or online attacks. It cannot be misconfigured, eliminating the potential for human error.
The addition of Fox DataDiode to MatrikonOPC's security layer provides the highest protection possible for national critical infrastructures and other SCADA networks. Fox DataDiode is Common Criteria EAL7+ certified—the highest certified security assurance level. It is approved for connection of networks up to and including NATO Secret and is increasingly selected to upgrade the security of government networks. Security standards similar to those mandated by governments are needed for SCADA networks as well.
Why is the MatrikonOPC/Fox-IT partnership ideal for SCADA network operators?
The collaboration between MatrikonOPC and Fox-IT responds to SCADA operators greatest needs: interoperability and secure information sharing. The combination of MatrikonOPC with Fox DataDiode ensures data is sent securely from the SCADA network in real-time for business decisions without exposing the network to cyber threats.
Native support for the OPC Foundation's OPC Security specification is crucial for implementing secure OPC (SCADA) architectures. With Fox DataDiode, MatrikonOPC products offer complete control over information browsing, reading, and writing—on a per-user, per-PCS component basis. Instead of relying only on global, DCOM-based, "all-or-nothing" OPC data access permissions, MatrikonOPC with Fox DataDiode provides granular, role-based control over security to help prevent unauthorized OPC data access, whether accidental or intentional.
-
Process Control
Continuity is essential to Critical Process Control Systems such as power plants, water treatment facilities, gas and oil refineries and public transport. Improving IT-security measures can raise the continuity level further. An effective improvement to IT security is to physically disconnect the Process Control Systems (PCS) from other networks. Unfortunately a contradictory requirement is faced: the need for information sharing from PCS networks.
By implementing the Fox DataDiode automation application you can disconnect the critical part of your infrastructure from other networks while still having access to the information from that critical part. This is an effective way to enhance the security level of your network and securely share more information. Your PCS network is disconnected from cyber threats!
The need for disconnected networks
To enhance the continuity of critical industrial networks one can take many measures. One step is to segment networks and establish clear electronic security perimeters (ESP). This achieves separation of systems based on their role and controlled channels of communication. Another step is to use firewalls between those segments to actually control the flow of informa- tion between the segmented networks. There is however no guarantee that an intruder cannot find a way to circumvent those connection measures due to wrongly configured firewalls or vulnerable systems. The best way to restrict the flow of information between networks is to disconnect or air gap them. This method is often used to protect the most critical parts of a network.
The need for sharing information in PCS
Information from sensors, monitoring systems and logging is necessary to share from the PCS network with other systems. Some scenarios in which this information may be needed are; alerting, providing customers with up-to-date information, remote vendor support and backing up of systems. Undeniably the need for sharing information is there and its requirements will only continue to increase.
How to resolve the contradictory requirements
A solution to the two aforementioned trends is to connect a PCS network to other networks using a one-way network connection. This enforces the air gap from the perspective of the intruder and allows for information sharing from a business perspective. This can be done by using the Fox DataDiode.
What is a data diode?
The Fox DataDiode is a certified product that connects two networks while enforcing a one-way network connection. This is achieved at the physical layer by using a single fibre optic connection; there is no hardware to send data the other way. Because connection-oriented protocols require two- way communication the Fox DataDiode comes with two servers that act as proxies. Data is delivered using standard protocols to the proxy, pushed through the data diode to the receiving end using a proprietary one-way protocol and delivered on the receiving network. This results in transparent and reliable one-way communication; which amongst other things assist in achieving NERC CIP-compliancy.
How it works
The Fox DataDiode has a receiving and a sending proxy. The receiving proxy is placed in the supervisory network and sends information to the sending proxy in the administration network. Sensors, HMI's and other SCADA equipment can deliver their information to the receiving proxy using standard SCADA-protocols. The sending proxy forwards this information to systems in the administration network for further processing.
