SAFETY & SECURITY
July 2013
The networking of machinery and equipment opens up new options for the IT integration of processes, and not only for remote services across wide area connections, but it also brings new challenges in the area of cyber security. Solutions with dedicated security devices are advantageous in that they physically separate the actual functionality of a system from its protective security measures, avoiding mutual side effects and allowing independent development of both by the respective specialists. Yet their deployment often fails due to the additional hardware needs and cost restrictions. At the same time, the price-performance ratio of processors, memory, and peripheral components keeps improving (Moore’s law). This gives rise to a shift from specialized hardware to software functions on a common platform, limited by the degree of modularization necessary to cope with technical risks and to enable the integration of subsystems from different suppliers. Virtualization is the key to combining the cost savings of advanced hardware consolidation with such a modular design. This leads to the concept of virtual security appliances for industrial automation.
Virtualization of both client and server systems is state-of-the-art technology in enterprise IT today. Typically, the virtual systems are operated on a server farm in the network. The provision and coordinated operation of multiple virtual machines on shared hardware are handled by a layer of software called a hypervisor or virtual machine manager. Two types of hypervisors and two approaches to virtualization are usually distinguished. Type 1 hypervisors run directly on the bare hardware and only coordinate the available hardware resources. Type 2 hypervisors run as applications in a host system. The achievable performance is reduced by the additional operating system layer.
The hardware virtualization approach presents each original guest system with a complete (simulated) computer of its own. The unmodified guest system runs with its own time-slice scheduler and is not aware of the virtualized environment, which typically prevents real-time capability. Depending on platform and implementation, the guest system may have direct access to (parts of) the underlying hardware components. Other components may be completely simulated, requiring a fairly complex hypervisor or a hardware platform with virtualization support. Guest system performance can be equivalent to a stand-alone system as long as no I/O operations are performed via simulated components.
Under the para-virtualization approach, in contrast, the guest systems need to be modified for better cooperation with the respective hypervisor. Time-slice and memory management can be more tightly integrated, and real-time capability can thus be achieved. The internal communication between guest systems, or between guest system and hypervisor, is carried out through efficient specialized interfaces.
In industrial automation and control, however, the requirements are different from those in enterprise IT. The systems deployed here run on dedicated hardware with little or no operator intervention. Controller components typically have real-time requirements, whereas human-machine interfaces (HMIs) are mostly applications on a Windows operating system. In this environment, embedded virtualization that takes a hybrid approach, combining native Windows installations with additional unmodified guest systems on a thoroughly partitioned multi-core PC platform with virtualization support, is of particular value.
Under the HyperSecured concept developed by Innominate, automation components such as an HMI or controller and a virtual mGuard security appliance are integrated onto a single piece of hardware by means of an embedded virtual machine manager. This provides the automation components with all the benefits of an upstream security appliance at reduced hardware cost. The automation components can thus be efficiently protected from unauthorized access and malware attacks. With their Hyper-
Embedded virtualization and cyber security for industrial automation
By Torsten Rössel, Innominate
Industrial controllers and HMIs mostly lack protective functions for their IT and network security. Upstream security appliances with dedicated hardware could provide an add-on solution. But cost pressure and the ever-increasing processing power of CPUs result in a demand for hardware consolidation, meaning virtualization is about to make inroads into industrial automation.
Figure 1. Typical off-the-shelf IPC that can be hypersecured.