POWER February 2015 - 40

ICS CYBERSECURITY
2. Secure connections for distributed equipment and diverse systems.
Tempered Networks' HIPswitch security appliances are transport and topology agnostic, supporting
any mix of cellular, Wi-Fi, wired Ethernet, or satellite communications networks. Courtesy:
Tempered Networks
HIPswitch Conductor™
SCADA &
Historian
HIPSwitch™
Corporate
Network
orchestration is based on the Trusted Computing
Group's IF-MAP protocol and follows
a specification purpose-built for secure networking
of industrial control systems.
The orchestration follows a concept from
Cellular
Network
Segment Process Control and SCADA
Networks to Isolate and Cloak Connectivity.
The industry's best practice for
protecting critical infrastructure and DCS
networks within power facilities is to segment
networks. The Tempered Networks
solution enables organizations to segment
and isolate connectivity to and between production
facilities, following the ISA-99/IEC
62443 zones and conduits model.
However, unlike traditional firewalls or
virtual private networks (VPNs), the Tempered
Networks solution goes beyond simple
inspection, adding authorization, confidentiality,
integrity, and availability protection to
the data as it traverses the control systems
network. It essentially provides a " VPN as a
service, " where you can provision individually
managed private overlay networks-at
unlimited scale.
Another difference is that the solution is
designed to be deployed and managed by OT
teams, whereas firewalls and VPNs require
advanced security skills and are resource intensive,
especially on a large scale.
Additionally, the solution is transport and
topology agnostic, which is crucial for many
of these remote facilities where there may be
any mix of cellular, WiFi, wired Ethernet, or
satellite communications networks.
The Tempered Networks solution provides
an overlay network to segment and
isolate critical production systems and devices.
It " cloaks " all devices within the
overlay network, leaving no configuration
footprint from outside the Tempered Networks
private network. This approach leverages
existing infrastructure to connect
plants, without exposing device communications,
and without the brittleness of complex
configurations.
Securely Connect and Monitor Remote,
Distributed Equipment. Customers
40
require an independent layer of connectivity,
security, and trust management that allows
management of devices-even across
a third-party's network infrastructure. They
also require easy connectivity and monitoring
of production equipment with centralized
supervisory control and data acquisition
(SCADA) and historian systems. As noted
earlier Tempered Networks' HIPswitch security
appliances are transport and topology agnostic,
supporting any mix of cellular, Wi-Fi,
wired Ethernet, or satellite communications
networks (Figure 2).
Manage Third-Party (Contractor and
Vendor) Connections. Most facilities have
vendors or contractors that need access to
their networks, but this creates yet another
security vulnerability. Tempered Networks
facilitates authorized third-party access to
SCADA networks, which can be granted
and revoked in minutes, and monitored and
logged. Once granted, access can be constrained
to a single isolated device or a group
of devices, for a specific period of time, using
only specific applications.
When no longer required, access can
be revoked quickly, without modifying
the shared network. The solution can be
configured to require user authentication
prior to enabling access, thus adding integrated
authentication services to automation
environments.
Overview of Orchestration/Control
Compliance with industry standards was
a key element when the solution was engineered,
and it continues to be a valued aspect
by customers. Tempered Networks provides
a purpose-built solution for ICS and critical
infrastructures, based on Trusted Computing
Group (TCG), the Internet Engineering
Task Force (IETF), and the International
Society of Automation (ISA) standards. The
www.powermag.com
networking called the control plane and is
used only for control and monitoring of the
deployed HIPswitches. This is a powerful
approach because it avoids making the Tempered
Networks Conductor a bottleneck in
the system. The HIPswitches handle the data
plane independently of orchestration and,
therefore, can continue to operate with their
current configuration if orchestration becomes
unavailable. Even with a highly available orchestration
service, this independence is vital
for a highly resilient network.
There are no silver bullets in security;
however, Tempered Networks believes its
new approach raises the bar very high.
The HIPswitches are transparent on the
ICS side, meaning that protected devices
cannot communicate with the HIPswitch.
On the shared network or uplink side,
the HIPswitch has only one listening service,
and that is for connections from peer
HIPswitches. And, unless the incoming
HIPswitch connection presents a trusted
cryptographic identity in the first packet,
the connection is ignored.
Insider attacks within the network are
mitigated with this approach because it is
easy to microsegment the customer's network.
If a compromise (whether human or
malware) occurs, the ability for that threat
to propagate to other parts of the network
is very limited, and log messages will be
generated to indicate these attempts. Furthermore,
authentication services can be
layered into network access for human users
to provide additional levels of security
control, awareness, and logging.
Human factors at the administrative
level will always be an important consideration
in any organization, and this issue
is present when using an orchestration service
to manage security and connectivity.
Tempered Networks has incorporated approaches
for managing this risk, including
role-based authorization, granular logging,
and increased visibility through an emphasis
on collaboration.
Works Well with Other IT Security
Systems
Customers often have invested in other IT
security solutions, such as firewalls, deep
packet inspection (DPI), security incident
and event management (SIEM) systems, data
diodes, and network intrusion detection systems
(NIDS). The Tempered Networks solution
works with any of these existing systems
and preserves the customer's investment.
POWER | February 2015

http://www.powermag.com

POWER February 2015

Table of Contents for the Digital Edition of POWER February 2015