It seems like there is a data breach every day now: Facebook, 50 million records; Anthem Blue Cross, 80 million; Adobe Systems, 152 million; Google, 500,000 (what pikers they are). Even the US Government personnel service was hacked. The list is long and illustrious.
I am reminded of something that General John Kelly said at a conference a while back.
- If you think your manufacturing system hasn’t been hacked, YOU’RE WRONG
- If you think you can prevent your manufacturing system from being hacked, YOU’RE WRONG
- All you can do is to identify your core processes and take them offline
He went on to say that there are nation states, with endless amounts of money and very talented people, that spend all day long probing for holes in your manufacturing system. They don’t exploit them, they just catalog them for later use, if needed.
That was all pretty incredible coming from the guy that was Director of Homeland Security at the time. You’d think he’d know what he’s talking about.
Manufacturing security is now a big issue in corporate boardrooms. The C-suite guys and gals know that a hack could seriously damage them. It’s one thing to get hacked if you’re making Slinkys (I love Slinkys) but it’s another if you’re DuPont. Remotely open the right (wrong) valves and you lose not only the plant but a lot of the city.
Anyone remember what happened in Bhopal, India on December 2, 1984? Over 500,000 people were exposed to methyl isocyanate (MIC) gas. It was the worst industrial disaster in the history of manufacturing. It’s scary to think that a hacker might cause a disaster like that deliberately.
Cyber security is a real threat, and we need to be concerned about it. But that doesn’t mean we have to engage in silliness. And that’s what I think about the effort to add security to Modbus. Yes, that’s right, there is an effort to add security to Modbus. It’s ridiculous in my opinion for any number of reasons:
- Will a customer running a Modbus network decide to upgrade the network to Secure Modbus or, if they do have a budget for an upgrade, will they simply choose another, more secure, more functional network like OPC UA?
- Modbus and Modbus TCP are old technologies. Modbus lacks a usable data model, has only two data types, no ability to provide any meta data and a master/slave architecture in a world that is rapidly moving to publish/subscribe. Why would customers choose to keep that?
- Even if you do add Modbus Security, what are the chances that all the Modbus devices in your network are going to have the new technology. Likely, most of those Modbus devices are so old they are verging on obsolete and can’t be updated. What good is it to partially protect a network?
- If you have a Modbus chart recorder that is obsolete, what are the chances of finding a similar chart recorder with Modbus Security? Will a vendor want to invest time, resources and funds to add security to devices like that old Modbus chart recorder that they already consider obsolete?
I could go on, but you get the idea. If you need to secure Modbus data use a Modbus/OPC UA gateway on every Modbus node. You can pass Modbus commands through that gateway, have them secured by the OPC UA infrastructure and turned back into OPC UA at the other end.
Modbus with security is an idea whose time has not come. But if it intrigues you, you can find out more about it on the Modbus.org website.