Bedrock Automation The Company 2 Bedrock Automation Bedrock
Bedrock Automation The Company 2
Bedrock Automation § Bedrock Automation - Incorporated October, 2013 § A subsidiary of Maxim Integrated (Nasdaq: MXIM 1983) § Engineering and management team with + 200 man years of ICS and semiconductor experience § 75 global patents filed § Strategic Technology Partners, example § § § 3 Green Hills Software - Incorporated 1981 Largest embedded software security company + 25 existing industrial control customers + 250 man years of embedded security experience Global presence
Bedrock. TM The System 4
Started with a blank sheet of paper… 5
Simple, Scalable, Secure. TM 6
Lowest Lifecycle Cost Advanced Technology for Platform Unification Embedded Cyber Security 7
Platform Unity PLC SCADA RTU Safety System DCS Bedrock™ Low High Medium Lowest Total Cost to Own Required Embedded Single Triple or Quad Si. L II, III and IV Single or Dual Single, Dual or Triple All Types Low Perf. All Types Medium Perf. All Types High Perf. Software Defined, Extreme Performance Control Network 10/100 Enet Wide Area Networks 10/100 Enet Cyber Secured Gbit Ethernet Control Loop Response 1 - 100 msec 1000 msec 100 - 500 msec 250 1000 msec < 5 msec Cost Cyber Security Redundancy I/O 8
Bedrock. TM Backplane Module Interconnect Secure Power Module 9 Secure Control Module Secure Input/Output Module
Backplane Module Interconnect - BMI • Radical patented electromagnetic interconnect improves reliability, performance, cost, security • No I/O module pins • Sealed all metal construction • Patented 4 Gbit parallel redundant communication topology and redundant power topology called Black Fabric Power 10 Controller Input Output
Secure Input/Output - SIO Backplane Power Controller • BMI power and communication without pins • Software defined Virtual Marshalling • Single/Dual/Triple redundancy • Layered and embedded security • Extreme galvanic Isolation, 1200 v Ct. C, 1500 v Ct. G • Extreme performance; speed, accuracy, temperature, isolation, density, SOE • Single universal cable for I/O terminations 12
Introducing! SIOU. 10 § AI/AO/DI/DO/Pulse/NAMUR § AO and DO Readback § Hart 7 I/O Modem every channel redefined Automation redefined ! § Single Dual Triple Redundant § Cyber Secure
Introducing the Universal I/O Cable 180 Degree One. Rotation 14
I/O Module and Cable Management 15
Secure Power Module - SPM Backplane • Universal AC/DC input + DC out • Backplane coupled with advanced diagnostics • Redundant and cyber secure • No fans and extreme reliability • Available directly-coupled lithium polymer UPS 16 Controller Input Output
Secure Controller Module - SCC • Universal controller for all control modes: Continuous, Ladder, SFC, MVC and User Defined Applications • Deeply embedded cyber security • Extreme speed and robustness • Advanced redundancy Backplane Power 17 • Advanced diagnostics Input Output
Lithium UPS - UPS 500 Backplane • 12 a. H capacity with 24 VDC output • Advanced lithium ion battery chemistry • Sealed all metal NEMA 4 X construction for remote mounting and extreme robustness • Cyber secure ARM processor with embedded 10/100 Ethernet communications • Embedded OPC UA Server • Advanced diagnostics 18 Controller Input Output
Secure Power Supply - SPS 500 Backplane • 500 W field mounted 24 VDC power supply • Sealed all metal NEMA 4 X construction for remote mounting and extreme robustness • Universal AC input with 24 VDC output • Cyber secure ARM processor with embedded 10/100 Ethernet communications • Embedded OPC UA Server • Advanced diagnostics 19 Controller Input Output
Extensive Testing Completed § UL Listed – E 362245 § § Class I Groups A-D, Division II IEC 60068 § 60068 -X-X Vibration, Relative Humidity, Cold and Dry Heat, Temp Shock, Drop, Shock Operating and Non Operating § Functional and Calibration Testing § CE Testing to EMC Directive 89/336 20 § EN 00 XX – 2 Emission, Immunity § IEC 61000 -4 X ESD, RFI, EFT/Burst, Surge, Conducted
Ongoing Testing and Certification § ISA Secure (IEC 62443) § GE/Wurldtech L 1 and L 2 § IEC 61508 Si. L II § Advanced HALT – stress to failure § Large scale system – continued regression § EMP 21
Bedrock IDE (Integrated Development Environment) • • • Based on CODESYS Developed from the ground-up Easy to learn and use Supports all IEC-61131 languages Broad user-base from microcontrollers to DCS Systems Leverages latest software environment technology Wealth of 3 rd party applications and libraries available More than 700, 000 licenses issued in 2013 Object Oriented Programming Extensions 22
Cyber Security 23
Status Quo 24
What if? 25
Russia a ttacks U . S. oil an audi S d e k c a t t A t rus tha i V n o o m to Date a s h u S o r e g n a D e Most h t s i o c m a r A Next generatio d gas co n Stuxnet worm at Greater s a G d n a il O. U. S Attacks Risk for Cyber mpanie s in mas in the works, s sive hac ays Iran news a k gency Flame: Massiv e cyber-attack discovered, researchers s ay tage Threat o b a S r e d n U s ie n ergy Compa n E rn te s e W : y fl n Drago S ompromises U c Hacker group companies y g r e n a e p and Euro Over 70% of energy and financial firm say cyberat s tacks comin g w ithin 12 months 26
“The only truly secure way to protect Industrial Control Systems is to embed security in the foundation, namely in the controller itself which requires a complete rethinking of how to architect and build Industrial Control Systems. Based on my review, Bedrock has rethought the architecture from a clean sheet of paper and embedded the security. ” Joe Weiss, ISA Fellow and author of Protecting Industrial Control Systems From Electronic Threats 27
Cyber Threats • • • 28 Viruses Worms Logic bombs Cloned devices Cloned software Operators Maintenance Engineering Bad code Do. S attacks Client Management Computers Networks Controllers Sensors/Actuators
Defense in Depth Across Security Domains Product Security Domain - Hardware Firmware OS Applications Manufacturing Security Domain - Contract Mfg Chip Providers Board Providers Test Houses ISVs Operations Security Domain - Networks Users Administrators Hackers Security Must Exist in All Domains 29
Bedrock Cyber Security 30
Compare Bedrock System Today’s Industrial Control Systems Secure OS Yes No Authenticated Modules Yes No Authenticated Software Yes No Authenticated Supply Chain Yes No Secure Remote Updates Yes No Authenticated Messages Yes No Anti-counterfeit protection Yes No Security Element 31
Life Cycle Cost 32
Bedrock Reduces Cost in All Areas System Engineering Cyber Security Life Cycle Cost Management Installation Maintenance Commissioning 33
System Perpetual Non-Obsolescence. . for Reduced Cost The Problem: § Component lifecycles span years while product lifecycles span decades § Component companies adversely affect product companies The Bedrock Solution: § Component company is the product company § Perpetual Non-Obsolescence possible with advanced component lifecycle management 34
Engineering System Engineering. . for Reduced Cost § I/O is installed, terminated and software configured in the field § Eliminating junction boxes reduces cable termination requirements § Reduced construction project BOM simplifies design requirements § Loop diagrams can be eliminated Engineering is reduced by 33% 35
Platform Unity Installation . . for Reduced Cost Type An example system IO Count Description AI (2 -wire) 40 4 -20 m. A GI AI (4 -wire) 24 4 -20 m. A Isolated AO 32 4 -20 m. A Isolated DI 72 120 VAC DO 40 120 VAC System Cabinets DCS PLC BEDROCK Improvement Bill of Material Count 71 60 47 28% Cabinet Volume (ft 3) 90 90 18 87% $19, 800 $21, 100 $5, 500 73% Installation Cost Installation cost is reduced by 73% 36
Universal Configurability Commissioning . . for Reduced Cost § Confirm assets against design criteria, accelerate construction completion, turnover and startup § Issue control panels for fabrication and installation prior to completing engineering § Reduce control system commissioning spares § Reduce the impact of late design changes § Simplify the documentation and red-line processes I/O universality 37 reduces cost & startup time
Maintenance Platform Unity. . for Reduced Cost Module Typical ICS BEDROCK Improvement Analog I/O 15 1 93% Contact Input 17 1 94% Contact Output 18 1 94% Power Supplies Multiple 1 >50% System Cables Many 1 >80% Module types reduced by >90% 38
Embedded Security Cyber Security . . for Reduced Cost Solutions OEMs Bedrock Assessment $ To Do By Design Remediate $ To Do By Design Manage $ To Do By Design Assure $ To Do By Design Application Whitelisting $ To Do By Design IP and Counterfeiting Theft Protection X Military and Aerospace Technology X Transparent to the User X 39 ICS Supplier Security offerings require § Service and support ($) § Implementation resources ($) § Additional training & monitoring ($) = Added Cost & Time Bedrock Cyber Security is embedded into the processors, memory, communication, interconnections, backplane and package technology at no extra cost
Solutions Summary Bedrock. TM Solutions Industry Challenges Maintenance and inventory Repair cycle and End Of Life (EOL) Complex installation Hardware defined functionality Cost Security § Accelerated cyber attacks § Compromised IP § Compromised infrastructure § Layered and embedded cyber security § Authenticated and secured IP § Secured infrastructure Safety § Outdated technologies § Fragmented systems § Advanced technologies § Unified systems § § Reliability § § 40 Bent pins, cable failure Complicated configurations Environmental wear and failures Fragmented platforms § § Extreme reduction in module types High reliability and non obsolescence Easy installation Software defined functionality § § § § No IO pins, reduced failure modes Simplified system configurations Extremely rugged design Unified platform
Unique Features That Improve Automation or Reduce Cost Unified automation platform, ideally suited to PLC, DCS and RTU applications Electromagnetic backplane for maximum robustness and security Digital and physical cyber security embedded in the platform Automation engineered to it’s simplest and most elegant functions Perpetual non obsolescence to address primary lifecycle cost issue Fiber control and I/O networks for maximum distribution flexibility All metal construction for highest environmental and cyber protection Advanced technologies and massively integrated semiconductor component designs for performance, 41
Thank You
- Slides: 42