• No results found

Embedded Virtualization & Cyber Security for Industrial Automation HyperSecured PC-based Control and Operation

N/A
N/A
Protected

Academic year: 2021

Share "Embedded Virtualization & Cyber Security for Industrial Automation HyperSecured PC-based Control and Operation"

Copied!
5
0
0

Loading.... (view fulltext now)

Full text

(1)

Embedded Virtualization & Cyber Security

for Industrial Automation

HyperSecured® PC-based Control and Operation

Industrial controllers and HMIs today mostly lack protective functions for their IT and network security. Upstream security appliances with dedicated hardware could provide an add-on solution. Cost pressure and the ever increasing processing power of CPUs though tend to result in a demand for hardware consolidation. Therefore, the IT mega-trend and cost-cutting technology of virtualization is about to make inroads into the industrial automation market as well, especially in embedded flavors.

Introduction

The networking of machinery and equipment results in new options for the IT integration of processes and for remote services across wide area connections but also in new challenges in the area of cyber security. Solutions with dedicated security devices are advantageous in that they physically separate the actual functionality of a system from its protective security measures, avoiding mutual side-effects and allowing independent development of both by respective specialists. Yet their deployment often fails due to the additional hardware needs and cost restrictions.

At the same time, the price-performance ratio of processors, memory, and peripheral components keeps constantly improving (Moore’s law). This gives rise to a shift from specialized hardware to software functions on a common platform, limited by the necessary degree of modularization to cope with technical risks and enable the integration of subsystems from different suppliers. Virtualization is the key to combine the cost savings of advanced hardware consolidation with such a modular design. This leads us to the concept of virtual security appliances for industrial automation.

Virtualization in IT and Automation

Virtualization of both client and server systems is state-of-the-art technology in enterprise IT today. Typically, the virtual systems are operated on a server farm in the network. The provision and coordinated operation of multiple virtual machines on a shared hardware are effected by a layer of software called

hypervisor or virtual machine manager.

Two types of hypervisors and two approaches to virtualization are usually being distinguished.

Type 1 hypervisors run directly on the bare hardware and only coordinate the available hardware resources.

(2)

The hardware virtualization approach presents each original guest system with a complete (simulated) computer of its own.

The unmodified guest system is run with its own time-slice scheduler not being aware of the virtualized environment which typically prevents real-time capability.

Depending on platform and implementation, the guest system may have direct access to (parts of) the underlying hardware components. Other components may be completely simulated, requiring a fairly complex hypervisor or a hardware platform with virtualization support. Guest system performance can be equivalent to a stand-alone system as long as no I/O operations are performed via simulated components.

Under the para-virtualization approach in contrast, the guest systems need to be modified for better cooperation with the respective hypervisor.

Time-slice and memory management can be more tightly integrated and real-time capability thus be achieved.

The internal communication between guest systems or guest system and hypervisor is carried out through efficient specialized interfaces.

In industrial automation and control however, the requirements are different from those in enterprise IT. The systems deployed here run on dedicated hardware with little or no operator intervention. Controller components typically have real-time requirements whereas human-machine interfaces (HMIs) are mostly applications on a Windows operating system.

In this environment, embedded virtualization taking a hybrid approach and combining native Windows installations with additional unmodified guest systems on a thoroughly partitioned multi-core PC platform with virtualization support is of particular value.

HyperSecured® Industrial PCs

Under the HyperSecured® concept developed by Innominate, automation components such as an HMI or controller and a virtual mGuard® security appliance are integrated onto a single hardware by means of an embedded virtual machine manager. This provides the automation components with all the benefits of an upstream security appliance at reduced hardware costs. The automation components can thus be

efficiently protected from unauthorized access and malware attacks.

With their exhibit of a HyperSecured® IPC, technology partners Innominate and TenAsys showcase a joint solution to demonstrate that embedded virtualization and cyber security are ready for production use. The exhibit uses TenAsys’ eVM® for Windows embedded virtual machine manager to integrate an original Windows operating system with a virtual mGuard® security appliance on a standard industrial PC.

(3)

HyperSecured® Industrial PC Architecture

Network communication between the Windows system and the external environment has to pass through and is controlled by the virtual mGuard® security appliance which provides firewall, virtual private network (VPN), and integrity monitoring services to the PC system. The internal communication between the Windows system and the security appliance is done through a virtual Ethernet interface.

(4)

The hardware used for the exhibit is an off-the-shelf Valueline IPC from Innominate’s parent company PHOENIX CONTACT featuring an Intel Core 2 Duo CPU with VT-d support, 2 GB RAM, and dual Gigabit Ethernet ports.

The TenAsys eVM® embedded virtual machine manager is a very compact package installed and

administered through Windows. It partitions the CPU into two cores and system domains for Windows and the mGuard® guest system. Both Windows and the mGuard® guest system boot natively, exactly as if they were running stand-alone. Peripheral components, in particular the Ethernet interface, are exclusively assigned to one of the systems.

Virtual mGuard® Security Appliance

Thanks to TenAsys eVM®, no para-virtualization and modification of the mGuard® system is necessary on Intel platforms with VT-d support. The original Linux-based mGuard® firmware image runs on a dedicated core of the shared x86 CPU. The virtual mGuard® ensures comprehensive protection of the PCs network communication as the physical Ethernet interface to the external environment is exclusively assigned to it. Its DoS protection against denial-of-service attacks will be effective, too, thanks to this direct hardware control: even in an extreme case, only the virtual security appliance could be overloaded and external network packets get delayed or dropped. Due to the strict partitioning of the CPU cores and system domains this will not affect the Windows partition or potential other guest systems.

Access to the PC and its Windows system will be blocked by the mGuard® firewall unless authorized by a general static or user-specific dynamic firewall rule. Integrated virtual private network (VPN) functionality enables secure remote access with authentication and encryption. VPN tunnels are terminated by the virtual mGuard®, the Windows system gets to see regular IP communication only.

Summary and Outlook

Virtualization with an appropriate embedded virtual machine manager enables trendsetting consolidation of industrial automation and cyber security functions onto a cost-optimized hardware, preserving the modular design and benefits of dedicated devices.

The HyperSecured® solution as presented is not generally limited to just one protected Windows system. It will be possible to use additional CPU cores with their own native guest systems including real-time

operating systems and controllers.

(5)

About Innominate Security Technologies AG

Innominate, a PHOENIX CONTACT Company, is a leading supplier of components and solutions for controlled and secured communication in industrial networks. The German company specializes in the protection of networked industrial systems and the secure remote diagnosis and maintenance of machinery and equipment over the Internet. Its mGuard® product line of network security appliances provides router, firewall, virtual private network (VPN), as well as quality of service (QoS) functionalities and helps with intrusion detection and antivirus protection. The mGuard® portfolio is complemented by highly scalable device management software and a Cloud-based Remote Services Portal. Innominate products are marketed worldwide under the mGuard® brand through system integrators and OEM partners. Further information can be found at www.innominate.com.

About TenAsys Corporation

Real-time virtualization expert, TenAsys Corporation, specializes in operating software for the embedded computer industry, designed and optimized for Intel® x86 platforms using the Microsoft® Windows® OS and the Visual Studio® development environment.

Since 1980, customers worldwide have entrusted TenAsys RTOS products to provide reliable deterministic control in a wide array of mission-critical applications including: medical, telecom, industrial control, robotics, test and measurement, and military applications.

References

Related documents

Up through the 1870s, just about all economists (including both Adam Smith and Karl Marx) subscribed to the labor theory of value, which says that the value of a good was equal to

The FMIs supervised by the Bank sit at the heart of the UK economy and financial system in the form of, for example, the payment systems which allow goods and services to be

meritev hitrosti in uspešnosti učenja glede na izbrano število kategorij, uspešnost CNN s povečevanjem števila vhodnih podatkov slik pri enakemu številu izhodnih kategorij,

The course is a mix of theories, methods, and applications geared towards helping students: (1) develop an understanding of the important theoretical concepts in spatial

of queer sexuality and gender inform contemporary art education theory and practice; and in what ways does the utilization of border epistemologies become relevant for

• The continual identification of relevant explicit and tacit knowledge • Communities of practice with organizational support?. • Appropriate technology to support the

In accordance with Article 90 paragraph 2 of North Toraja Regency Regulation on Building related to supervision on the feasibility of building function in Toraja Regency,