Category Archives: Automation and Process Control INSIDER

Emerson Acquires ProSys Inc.

Emerson Completes Acquisition of ProSys, Inc.

Deal adds new software capabilities to improve plant performance and brings new technologies to Emerson’s Operational Certainty initiative

Emerson (NYSE: EMR) announced on the 17th of January that it has acquired ProSys Inc., a global supplier of software and services that increase production and safety for the chemical, oil and gas, pulp and paper, and refining industries. By building intuitive processes for plant operators, these solutions make everything from everyday operations to responding during abnormal situations easier.

“The staff of ProSys are all friends of long standing and the INSIDER wishes them all well and congratulates them on their success,” said Walt Boyes, editor/publisher of the INSIDER.

“Adding ProSys’ differentiated technologies and expertise allows us to help our customers improve plant performance, safety and profitability by optimizing their human and automation resources,” said Mike Train, executive president, Emerson Automation Solutions. “With ProSys, we can provide innovative control and operator performance capabilities to make control room operators far more effective.”

Executive President Mike Train

ProSys’ portfolio includes solutions that help operators manage alarms critical to plant production and safety, and efficiently handle changing plant states. In addition, ProSys provides modern, high performance and intuitive graphics for better operator communications.

ProSys complements Emerson’s May 2017 acquisition of MYNAH Technologies, which provides dynamic simulation and operator training software. Together, these technologies embed expertise to help operators navigate plant systems safely and efficiently, and prepare customers to accommodate the changing state and age of the industrial workforce.

“Our specialization in software and services that increase operator performance builds on Emerson’s market leadership in automation control systems,” said Dustin Beebe, president and CEO at ProSys. “By working together as one, we can provide even more operational and financial value to customers.” Beebe will join Emerson Automation Solutions as vice president, control and operator performance.

Dustin Beebe will join Emerson as Vice President of control and operator performance

The ProSys software portfolio supports Emerson’s Operational Certainty™ program designed to help industrial companies achieve Top Quartile performance in areas of safety, reliability, and production.
Terms of the acquisition were not disclosed. For more information about ProSys Inc., visit https://www.prosys.com/.

Is Malware the Achilles Heel of the IIoT?

By Walt Boyes

(Originally published in the December 2017 Industrial Automation and Process Control INSIDER)

The big appeal of the Industrial Internet of Things is the potential vast increase of meaningful information we could obtain by increasing the sheer number of sensors and the analytical methodologies of Big Data and the latest visualization tools for working with that data. The central axiom of the IIoT is that this information will be used to operate plants and even entire enterprises much more profitably.

There are some obvious problems with this axiom. It is pretty glaring that you have to collect the right information. It doesn’t help to add 100 or 1000 sensors to a process if the values of those sensors aren’t critical information. The problems don’t stop there.

We have pointed out before that the cost of sensors must decrease dramatically before the IIoT can become a reality. I remember hearing a friend from Shell saying that if they needed a measurement, they’d be willing to pay for it. The flip side of that is that if the cost of making those measurements goes down substantially, the impetus for needing the measurement goes up.

But the real issue that IIoT boosters don’t want to talk about is security.
There are two basic schools of thought about IIoT security. One is that nobody would try to penetrate a network through its edge devices. The other is that the problem is so large that it is basically unsolvable, so who cares.

The first school of thought is the same old “security by obscurity” nonsense. Our concepts of cyber security have been formed by network-centric security experts. There have been some lonely security researchers, like Joe Weiss, and others like the INSIDER who have been pointing this bias out for years. And for years, we have noticed a steadily growing number of “security researchers” at Blackhat and other gatherings, who have concentrated their research on network penetration through the sensor network.

The other school of thought is much more pervasive and even more insidious. This claim is the reason that there is always the next patch coming out for software. You can’t solve the problem because there are always smarter black hats.

Somehow, it seems to us, that both schools of thought are missing the point. Which is that if the potential users of the Industrial Internet of Things see that from a cost-benefit viewpoint the potential loss from an attack far outweighs the potential gain from all that beautiful information, adoption of the IIoT will stall.

We are already seeing this in the commercial IoT world. Sales of Nest thermostats and household control systems have stalled. People are concerned. Now, with the latest revelations about inherent design flaws in Intel, AMD, and other processor chips, they are becoming frightened. All they can see to do is to pray that nobody ever attacks them. And we see the same fear in the industrial space.
So, if the IIoT is to be a success, we have to focus on two things. First and foremost, we need to make security inherent in every device and the firmware and software that runs on them, from field sensor to process controller to MES and ERP systems.

And, second, we need to focus on providing the right information at the right time, or there will be no value add with the IIoT.
End users vote with their feet, and their dollars, pounds, euros, pesos and yuan. For all the ballyhooed new IIoT centric plants, there are dozens more built to the old standards, because we are sure that they work, and the perceived risk is less.

Change the risk and the IIoT will grow to its potential.

If you liked this content, and want to see more, visit http://www.spitzerandboyes.com/insider to subscribe.

 

HIMA talks SIS Cyber

HIMA, the largest independent safety instrumented system manufacturer, today released this press release:

(Houston, TX, January 11, 2018)

In late 2017 the ICS cybersecurity specialist Dragos announced that a safety controller (SIS) of a HIMA competitor in a process facility in the Middle East had been targeted by a new malware attack and successfully hacked. The SIS was compromised, leading to a shutdown of the facility. The professional execution of the attack again clearly shows that facility operators need to take the subject of cybersecurity very seriously. HIMA, a leading global independent vendor of smart safety solutions for the process industry, therefore offers to provide expert consulting on the subject of cybersecurity in safety-critical systems.

The above-mentioned cyberattack represents a new dimension of cyber threats to critical infrastructure. According to current knowledge, it was specifically planned and designed to target the SIS of a particular manufacturer. This sort of attack on a SIS, the first ever seen worldwide, is very sophisticated and only possible with significant effort.

Dr Alexander Horch, Vice President Research, Development & Product Management at HIMA, comments: “The incident with our competitor should serve as a wake-up call for all of us and further enhance awareness of the subject of cybersecurity in the industry. Work processes and organizational deficiencies are by far the most common areas of vulnerability for successful cyberattacks. System interfaces that remain open during operation and can be used to program the systems concerned, for example, give attackers a potential point of access. We urgently advise facility operators to not rely solely on cyber safe components, but instead to establish a comprehensive security concept for their own facilities.”

To achieve maximum safety and security, it is especially important for facility operators to implement the requirements of the standards for functional safety and automation security (IEC 61511 and IEC 62443) for physical separation between process control systems and safety and security systems.

In addition to providing automation solutions conforming to relevant national and international standards, HIMA supports plant engineers and operators in developing security concepts for the entire life cycle.
“For facility operators it is important to constantly keep an eye on potential forms of manipulation. In this regard, safety-critical applications are fundamentally different from other industrial PLC or office applications. Considerable expertise is necessary to ensure cybersecurity in safety applications. Maintaining and constantly refining security often poses a challenge to facility operators. It is therefore advisable to draw on the services of experienced safety and security experts in order to jointly develop and implement effective concepts”, says Heiko Schween, a security expert at HIMA.

Happy Holidays!

The staff of the INSIDER and Spitzer and Boyes LLC want to wish you all Happy Holidays, whichever tradition you follow. May your holidays be merry, and may your next year be better than this one. We hope your lives are filled with love and plenty, and your families be happy and secure.

With All Our Best Wishes!

 

 

Schneider Releases Triconex Malware Advisory

From the Schneider Electric announcement:

Malware Discovered Affecting Triconex Safety Controllers
V1.1, December 14, 2017

Overview

Schneider Electric is aware of a directed incident affecting a single customer’s Triconex Tricon safety shutdown system.

We are working closely with our customer, independent cybersecurity organizations and ICS-CERT to investigate and mitigate the risks of this type of attack. While evidence suggests this was an isolated incident and not due to a vulnerability in the Triconex system or its program code, we continue to investigate whether there are additional attack vectors. It is important to note that in this instance, the Triconex system responded appropriately, safely shutting down plant operations. No harm was incurred by the customer or the environment.

Triconex user documentation contains detailed security guidelines and recommendations on how to protect Triconex systems from attack. We strongly encourage all our customers to follow these recommendations regarding product use and security, as well as apply and follow industry-recognized cybersecurity best practices at all times to protect their installations:
• Ensure the cybersecurity features in Triconex solutions are always enabled;
• Never leave the front panel key position in the “Program” mode when not actively configuring the controller;
• And ensure all TriStation terminals, safety controllers and the safety network are isolated from the rest of the plant communication channels.

Also, review and assess your site’s cyber preparedness. Schneider Electric is a proponent of the NIST Cyber Security Framework and is ready to assist should this be necessary.

The Schneider Electric Product Security Office continues to work with ICS-CERT and will update this advisory as more information becomes available.

Details

The modules of this malware are designed to disrupt Triconex safety controllers, which are used widely in critical infrastructure. The malware requires the keyswitch to be in the “PROGRAM” mode in order to deliver its payload. Among others, the reported malware has the capability to scan and map the industrial control system environment to provide reconnaissance and issue commands directly to Tricon safety controllers.

Emerson Acquires New Temperature Company

No, not Emerson Automation Solutions, it’s Emerson Commercial and Residential Solutions. It is automation, just not process. This is an example of the pervasiveness of automation, and how the Industrial Internet of Things can be applied to supply chain management, including preserving the cold chain.

This is more important than it sounds. Here’s a simple example. Years ago, Haagen Dazs ice cream wanted to extend distribution to the West Coast. The attempt almost failed. The ice cream tasted terrible when it got to LA and San Francisco. Finally, Ball Datatrace encapsulated temperature dataloggers were inserted directly into the ice cream containers. What was happening was that the truckers were turning off the reefers to save money on fuel. So the ice cream melted and re-froze. Yuk! Preserving the cold chain was critical to their business expansion.

From the article in the St. Louis Business Journal:

Emerson is acquiring Cooper-Atkins, a manufacturer of temperature management devices for the foodservice, healthcare and industrial markets.

Middlefield, Connecticut-based Cooper-Atkins makes automated temperature management and monitoring products for restaurants, supermarkets and other establishments that prepare and store food. The company’s offerings will complement Emerson’s existing global cold chain business, which includes its ProAct Services portfolio for supermarkets and Cargo Solutions business for tracking perishable cargo.

Terms of the deal were not disclosed.

Major Cyber Attack on SIS Systems–and we told you so!

The late Bob Adamski didn’t live to see his prediction from the early 2000s come true, but it has. Here are some of the reports:

From FireEye, on 12/14/17:

Attackers Deploy New ICS Attack Framework “TRITON” and Cause Operational Disruption to Critical Infrastructure

And on 12/15,

New TRITON ICS Malware is Bold and Important

Bob and I, and Joe Weiss, have been continuously predicting this development since at least 2004. Yet it is now 2017, and the systems are still vulnerable. This is stupid.

Although the attack apparently only accidentally shut down the plant, during a search for operational data, the attack could have easily been used to destroy the plant utterly by spoofing the SIS system and using it to cause extremely unsafe conditions leading to catastrophic accidents.

At some point, somebody has to be willing to recognize how fragile OT systems are, really, and how easily they can be disrupted. It is said that our civilization is three days from anarchy. The late Dr. Jerry Pournelle, inventor of the Star Wars Defense for Ronald Reagan, said we were three weeks from cannibalism if the lights went out and stayed out.

This is seriously dangerous, folks, and I am tired, and Joe Weiss is tired, and Bob Adamski was tired before he died, of being told we are fear-mongering. We aren’t. And now we can prove it.

 

 

 

Nobody Is Doing Anything About Cyber Security

At the INSIDER we’ve been saying this for years. The adoption of even basic cyber security actions in the industrial space is very low. Many companies believe that they are “pretty safe” because they are relatively obscure. But I recall a conversation with the head of IT of a regional potato chip company about 7 or 8 years ago: “I never thought anybody would cyber attack us. We make potato chips, for God’s sake.”

Honeywell, which has maintained a very high emphasis on cyber security in the industrial environment for over a decade now, sponsored a report by LNS Research on adoption of cyber security practices.

Here’s the press release with the study’s findings. All we can say is, “Wake up, people!”

The issue has gone beyond lack of knowledge. As Joy Ward, Spitzer and Boyes LLC’s director of research says, if you put together a good intellectual argument, and nobody is buying, you are looking at high emotional barriers. She recommends doing some serious qualitative research to determine what those barriers are, so that the intellectual argument can be adjusted and become effective.

Either that, or we need to prepare for a cyber disaster of enormous proportions.

 

HONEYWELL SURVEY SHOWS LOW ADOPTION OF INDUSTRIAL CYBER SECURITY MEASURES

Almost two thirds of surveyed companies don’t monitor for suspicious behavior

HOUSTON, December 6, 2017 – Honeywell (NYSE: HON) today released a new study showing industrial companies are not moving quickly to adopt cyber security measures to protect their data and operations, even as attacks have increased around the globe.
The survey – Putting Industrial Cyber Security at the Top of the CEO Agenda – was conducted by LNS Research and sponsored by Honeywell. It polled 130 strategic decision makers from industrial companies about their approach to the Industrial Internet of Things (IIoT), and their use of industrial cyber security technologies and practices. Among the findings were:
• More than half of respondents reported working in an industrial facility that already has had a cyber security breach.
• 45% of the responding companies still do not have an accountable enterprise leader for cyber security.
• Only 37% are monitoring for suspicious behavior.
• Although many companies are conducting regular risk assessments, 20% are not doing them at all.
“Decision makers are more aware of threats and some progress has been made to address them, but this report reinforces that cyber security fundamentals haven’t been adopted by a significant portion of the industrial community,” said Jeff Zindel, vice president and general manager, Honeywell Industrial Cyber Security. “In order to take advantage of the tremendous benefits of industrial digital transformation and IIoT, companies must improve their cyber security defenses and adapt to the heightened threat landscape now.”
The study suggests these three immediate actions for any industrial organization to capture the value of the new technologies:
1. Making industrial cyber security part of digital transformation strategies;
2. Driving best practice adoption across people, processes and technology, from access controls to risk monitoring, and tapping external cyber expertise to fill gaps;
3. Focusing on empowering leaders and building an organizational structure that breaks down the silos between IT and OT.
“Cyber security needs to be part of every CEO’s agenda to ensure the effective, immediate and long-term deployment of strategies and technologies such as IIoT,” said Matthew Littlefield, president and principal analyst, LNS Research. “In short, in order for a business to succeed on its digital transformation journey, it needs to succeed with industrial cyber security.”
LNS Research is a global leader in research and advisory for digital transformation of industry, delivering technology insights for business executives. Its analysts focus on identifying the metrics, leadership, business process, and technology capabilities effecting change.
Honeywell’s industrial cyber security technologies and expertise address many of the issues identified in the LNS Research study. For more information, please visit https://hwll.co/uhrgs and www.becybersecure.com.

 

Dick Morley’s Obituary…from the pages of the INSIDER

My editorial this month in the Industrial Automation and Process Control INSIDER(TM) is an homage to my friend Dick Morley.

Dick Morley loved his Harley. He rode until he was forced by ill health to give it up in his mid-70s. He told me that after he dropped out of MIT because he didn’t want to learn German, he went down to Brooklyn and got a job as a bouncer in a biker bar. He had a rare genetic mutation that made him not feel pain. So he could go after big bikers fearlessly. He said he met his wife, Shirley, there. “She was a real biker chick,” he said. Together, he and Shirley raised their own and over 35 foster children. When she passed, it was clear to his friends that Dick had lost the will to live.

But what a life he led. You’d think that the man who invented the floppy disk, the handheld terminal, zone building HVAC, was the father of the PLC, and created the people mover for Detroit and Disney World, among the more than 100 patents he held, would be a household name, but Dick was a surprisingly private individual who didn’t really want or enjoy credit for all that, and the limelight. So names like Bill Gates and Steve Jobs became famous, while Dick Morley just went on inventing.

linked (his and hers) chocolate. He was working in his last years with several Chinese firms who were trying to use stem cells to cure cancer. He said they were very close, too.

Dick and Shirley, and Odo Struger (of Allen-Bradley) and his wife were skiing buddies. I’m sure that the ideas that led to the Modicon PLC were discussed on the chairlift and in the lodge in the evening. But Dick hated long lift lines. He went to his boss and said, I want to work Wednesday through Sunday, please. His boss said, “No, and why aren’t you wearing a necktie?” Dick, as you might guess, quit on the spot.

Shirley told him they had about six months’ savings, so he’d better invent something good, quickly. Bedford Associates was born and started doing work in programming for CNC machines. One night, Dick said, he got drunk and the concept of the PLC came to him as if in a dream.

“It was always a computer,” Dick told me, “but we had to call it something else so that the plant floor electricians would be allowed to operate it. So we called it a PLC, and we programmed it in ladder logic, which most of the electricians knew.”

Ladder logic is the most widely used industrial programming language to this day, and his other brainchild, Modbus, may be the oldest network protocol in common use. They were simple, elegant, easy to use, easy to learn to use, and very powerful…all hallmarks of the Morley touch.

If Dick thought you were worthy of it, he’d talk to you for hours. I loved spending time with him in his later years, listening to his stories, and his no-nonsense theories about manufacturing. For example, he believed that the proper ratio of engineers to sales people was about 10 sales people to every engineer.

Very different beliefs than most entrepreneurs.

Dick on his Harley, with his famous Javahoe remotely operated backhoe.

He and his friend Jim Pinto spent years as angel investors, specializing in helping young inventors be successful. And he always made sure that there were a couple of young entrepreneurs at the annual Geek Pride Day at his barn in New Hampshire.

Some of Dick’s friends are planning a memorial Geek Pride Day next June in his memory. If you are interested in being part of the planning, let me know.

Dick was a good friend, a brilliant and unconventional mind, and a very great man. I will, we all will, miss him very much.

Farewell to MIT’s most famous drop-out. May your Harley ever run sweet, Dick.

If you like content like this, you should subscribe to the INSIDER. Visit http://www.spitzerandboyes.com/insider to subscribe.

Help a Saint Louis FLL (Lego League) Team Do Research!

I received this from the coach of the FLL team:

Phil Speth, Shaw

Please send this far and wide. It isn’t just for St. Louis, but anyone who can take the survey.

Our Lego Team needs your help.
Our 4th Grade Lego Team is looking at how we dispose of medicines.
This year in FLL (Lego Robotics) we are all about our water. One BIG!! problem is the incredible amount of medicines that end up in our water system. To get to the heart of this problem our kids decided to send out a survey to help us all understand the problem and ask everyone to help us do better.

Please take 1 minute to take our survey!! Thanks
https://goo.gl/forms/jAL2v3nunsmzSDws1

Medication Disposal Survey
We are a team of 3rd and 4th graders from SMOS and LPA schools. Our FIRST Lego League team has spent the semester studying Hydrodynamics, building robots, and learning about water. For our final project, we are collecting information from our community. All of your information will be kept anonymous. Thank you for helping us!