CERN seeking secure COTS controls, networking for collider
Scheduled to switch on in 2007, LHC is a particle accelerator that will probe deeper into matter than ever before. It will collide beams of protons with an energy level of 14 TeV. Beams containing lead nuclei also will be accelerated, and smashed together with collision energy of 1,150 TeV. A unit of energy used in particle physics, 1 TeV is approximately the energy of motion equivalent of a flying mosquito. LHC will squeeze this energy into a space about one trillion times smaller than that mosquito.
The Internet, which CERN helped invent, also will be used to give physicists and others remote access to LHC’s capabilities and resulting data. To make this access secure, CERN has evaluated dozens of control and networking devices to achieve a “defense-in-depth” strategy that provides security at each level, including PLCs and other devices, firmware, hardware connections, network protocols, software and third-party software, as well as requiring cooperation by users, developers, and manufacturers.
Stefan Lüders, cybersecurity coordinator of control systems at CERN IT’s controls group, reported at the Process Control Systems Forum’s (PCSF) meeting earlier this year that CERN used Nessus5 and Netwox6 software to test the security resilience of 25 devices, mostly PLCs, from seven manufacturers as part of its Teststand on Control System Security (TOCSSiC) program. Though the PLCs were minimally configured and running idle, only 68% passed Netwox’s test, and only 57% passed Nessus’ test, usually due to communication failures, system crashes, and unprotected servers.
To improve security, CERN has initiated its SCADA Honeynet project to examine malformed data packets and other problematic traffic on its network, and emulate several PLCs to avoid compromising, implement network authorization mechanisms, and generally make industrial security a key ingredient of CERN’s controls and networking.