Eric J Byres

Eric J Byres
aDolus Inc.

BASc, P.Eng.

About

64
Publications
21,034
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
996
Citations

Publications

Publications (64)
Patent
Full-text available
Methods, devices, and systems that may be used to secure networked devices are provided. One method includes receiving, at a security device, encrypted configuration data from a management server connected to a data network, from packets addressed to a networked device. The method further includes managing, by the security device, packets between t...
Article
As part of this special issue on control systems for the energy sector, guest editors Sean Peisert and Jonathan Margulies put together a roundtable discussion so readers can learn about the security challenges facing the industrial control system/SCADA world from those who are on the front lines. The discussion touches on some of the hard problems...
Article
Over the past decade, cybersecurity-related events have become an increasing problem for the oil and gas industry. The advances in industrial control systems (ICS) have made pipeline systems accessible through Internet-based technologies and tools. With the increasing connectivity of SCADA and ICS, and a library of free tools to attack ICS products...
Article
Attempting to use isolation as a security strategy for critical systems is unrealistic in an increasingly connected world.
Article
Anyone working with SCADA or industrial control systems (ICS) in the oil and gas industry is aware of the pressure to increase productivity and reduce costs through network integration. The demand for remote support has made many pipeline control systems accessible via Internet-based technologies. At the same time, SCADA systems themselves have cha...
Article
Full-text available
New network and PC-based technologies introduced into control systems have provided tremendous improvements in plant performance and productivity. In 2010, the Stuxnet malware showed us sophisticated viruses targeted at industrial processes exist and are likely to be more common in the future. The impact of these two trends will be to increase the...
Article
The Stuxnet worm that targeted Siemens HMI and PLC systems highlighted the fact that designing a good cyber defense for SCADA or process control system was insufficient to prevent such worms from attacking these systems. It was revealed that this worm was designed to let an outsider gain unauthorized access to control systems using the most widely...
Article
Control systems can no longer rely on security through obscurity. Instead, they need the same protection against network attacks and vulnerabilities that have long plagued enterprise IT system. Based on the ANSI/ISA 99 and IEC 62443 standards, key automation and control devices should be grouped into zones that share common security level requireme...
Article
Full-text available
OLE (Object Linking and Embedding) for Process Control (OPC) is the original name for a set of specifications developed in 1996 for industrial automation integration. Because OPC servers are free to use any port between 1024 and 65535, OPC becomes very firewall unfriendly. Configuring an IT firewall to leave such a wide range of ports open presents...
Article
Several companies are placing increased interest in the recognition of the similarities between industrial safety and security lifecycles and the integration of the two to achieve improvements and efficiencies in their functions. Safety and security in any industry are highly related as a weakness in security creates increased risk, which results i...
Article
Internal surveys at several major oil companies indicated that managers often misunderstand the situation they face when it comes to SCADA security. Many believe that the IT group automatically looks after SCADA security as well. Many managers also assume that all cyber security problems arise from outside the company premises, generally from hacke...
Article
Some of the significant factors that need to be considered for a secure and reliable SCADA and control system for hydrocarbon processing industry, are discussed. A reliable security system can ensure the functionality of control system for smooth production process. Industry need to install a right and efficient IT firewall with proper configuratio...
Article
These are few of the most important steps that the chemical industry needs to take if it's going to effectively protect itself from cyber attack. Many chemical industry managers find the number and variety of pathways into their control systems hard to believe. An analysis of 75 control-system security incidents between 2002 and 2007 showed that mo...
Article
The Jericho Forum membership, which includes the senior management of some of the largest corporations in the world, propose a security architecture called de-perimeterization. The single firewall model is not used by the corporate internet, due to a dangerous single point of failure that allows the hackers to break through it, leaving the entire s...
Article
The shared components, protocols, and manufacturers have created greater synergy, lower costs, and freer access to information for both Information Technology (IT) and Industrial Control (IC) members. The IT department has hired consultants to scan all the corporate computer systems for possible security threats so that the risks from software bugs...
Article
IT departments make their best efforts to secure the overall network and expects that each device on the network is secure in its own right. They are sure that depending on a single firewall for all security protection is introducing a single point of failure into their system. The networks have become so complicated that it is difficult to find ou...
Article
Full-text available
Defence-in-depth security model is considered to be an effective cyber security model for securing refinery control systems. Defence-in-depth begins by creating a proper electronic perimeter around the control system, and the security perimeter for the control system is defined by effective policy and technology. The policy divided the overall syst...
Conference Paper
Full-text available
The ability to efficiently compare differing, security solutions for effectiveness is often considered lacking from a management perspective. To address this we propose a methodology for estimating the mean time-to-compromise (MTTC) of a target device or network as a comparative metric. A topological map of the target system is divided into attack...
Article
Full-text available
This article presented an overview of the security vulnerabilities of today's industrial control networks. These vulnerabilities exist despite abundant information, standards, and recommended practices published by such organizations as the IEC, IEEE, and ISA. While a good understanding of the issues is required to appreciate the problem, the good...
Article
OLE industrial standard based on the Microsoft Distributed Component Object Model (DCOM) interface of Remote Procedure Call (RPC), is being adopted for process control (OPC) on plant floor and business networks, to connect control networks with enterprise databases. OPC Unified Architecture (OPC-UA) is a new version of OPC based on protocols to rep...
Article
Many companies base their plant floor and SCADA security solutions on a single firewall between the business network and the control system network, while others depend on firewall security between business and the Internet to protect the control system. A typical IT-style firewall requires considerable expertise, such as programmable logic control...
Article
The need for the highest level of reliability for industrial communications networks which plays a critical role in today's control systems is discussed. Reliability requires both high availability and integrity of the system. A system that fails regularly can be as bad for production as a system that sends the wrong data. As long as there have bee...
Article
The need to increase security of commercial operating systems and office software to overcome computer related security concerns are discussed. The operating systems and personal computers will be attacked by hackers, viruses, and worms, which are increasing in the Information Technology (IT) sector if the systems are not protected regularly. Many...
Conference Paper
The use of firewalls between business and process control networks is often suggested as an ideal solution for plant floor cyber security. But research shows that few firewalls are properly configured and that many control system security incidents bypass the firewall. If firewalls are to be effective, guidance on how to deploy them in industrial s...
Conference Paper
Full-text available
Many automation and modernization programs are now employing Intranet/Internet technologies in industrial control strategies. The ensuing systems are a mixture of state-of-the-art and legacy installations and create challenges in the implementation and enforcement of security measures. Control system intrusions can cause environmental damage, safet...
Article
The ignorance of the control industry regarding security systems which has led to increased crbersecurity incidents is discussed. Failure to adapt to the changing threats and vulnerabilities can leave the control industry exposed to increasing cyber incidents. According to the control system manufacturers' side, supervisory control and data acquisi...
Article
Full-text available
Process control and SCADA systems, with their reliance on proprietary networks and hardware, have long been considered immune to the network attacks that have wreaked so much havoc on corporate information systems. Unfortunately, new research indicates this complacency is misplaced - the move to open standards such as Ethernet, TCP/IP and web techn...
Article
A report by British Columbia Institute of Technology indicate that nearly 70 percent of plant-floor security incidents come from external sources. Present day intrusions are more likely accomplished by means of dial-up modems, virtual private networks, or even someone bringing a diskette from home into the workplace. It is pointed that while many p...
Article
The role of information technology (IT) departments in the industrial settings is analyzed. It is observed that production unit and IT department in the industry mistrust and blame each other over security issues. It is pointed out that hackers and worms attempting to infiltrate the company systems are the main enemy of systems security in the indu...
Article
Full-text available
Protocol standards, particularly those for critical control systems in the petroleum and power industry, have traditionally been designed to address a specific application with little regard for security. At best, there has been only passing concern for security issues that may arise in deployment; at worst, protocol designers assume a closed (and...
Article
Standard is taking a more precise look at the security requirements for control systems. In process control, the edge device is far more important than a central host. Thus, standard architecture of commercial network security-the firewall protecting the server-may not be appropriate for industrial applications. Clearly industry needs some economic...
Article
Industrial control systems have seen a significant increase in the use of computer networks and related Internet technologies to transfer information from the plant floor to supervisory and business computer systems. Most industrial plants now use networked process historian servers to allow business users to access real-time data from distributed...
Article
In an ideal world, communications cabling for process control would be simple-buy all the computer, instrumentation, and electrical equipment from a single vendor, and connect it all together using a single cabling standard. But real life is never that simple; rarely are the programmable logic controllers (PLC), distributed control systems (DCS), d...
Article
In most industrial plants, there is a strong drive to provide business applications with some access to real-time data generated from process control systems. Often, this has been in the form of a process historian database server connected to both the distributed control systems/programmable logic controller (DCS/PLC) systems and the business user...
Conference Paper
Most modern industrial plants have a variety of different communication systems used for process control, including PLC/DCS data highways, remote I/O systems, local area networks (LANs) and fieldbuses. Installing and maintaining separate cabling structures for each of these systems can add substantially to the capital costs and result in future mai...
Article
Full-text available
With the evolution of data communications in process control, network problems have taken on new importance to process engineers. The data connections from DCS and PLC systems to the plant network are vital to production, yet can be an invitation to problems. This paper looks at several real-life network disasters and discusses strategies for avoid...
Article
The plant programmable logic controllers (PLCs), distributed control system (DCS), and motor control were all from different vendors, and they used four different control networks. The plant planned to add three new networks to connect overload relays and variable speed drive controllers. The company wanted to keep all its networks and still centra...
Article
Industrial users of fiber optic networks have different needs to commercial users. These include immunity to harsh environments, relatively short cabling distances, and ease of maintenance. The application of fiber optics at Finlay Forest Industries at BC, Canada for their new cross-direction scanning and control system is discussed including its c...
Article
This paper discusses the key facts about fibre optics in industrial environments and how fibre is selected for low maintenance and easy installation. A case history details the design of a fibre optics system in a pulp and paper mill.
Article
In late 1995, the data communications networks at the Fletcher Challenge Canada's Crofton pulp and paper mill had reached capacity and were suffering from overload. The large growth in process control information and personal computers over the past few years was straining the abilities of existing coaxial and fiber optic systems to reliably transf...
Conference Paper
In late 1995, the data communications networks at the Fletcher Challenge Canada's Crofton pulp and paper mill had reached capacity and was suffering from overload conditions. The large growth in process control information and personal computers over the past few years was straining the existing coax and fiber optic systems' ability to reliably tra...
Article
Full-text available
The recent introduction of information technologies such as Ethernet® into nuclear industry control devices has resulted in significantly less isolation from the outside world. This raises the question of whether these systems could be attacked by malware, network hackers or professional criminals to cause disruption to critical operations in a man...
Article
Full-text available
With the evolution of data communications in process control, network problems have taken on new importance to process engineers. The data connections from DCS and PLC systems to the plant network are vital to production, yet can be an invitation to problems. This paper looks at several real-life network disasters and discusses strategies for avoid...
Article
Over the past several years there has been a growing concern about security vulnerabilities in the SCADA and control system hardware, software and networks used in critical infrastructures such as the oil and gas, water and electrical generation/distribution industries. Unfortunately there has been little research on focused techniques to detect th...
Article
Full-text available
Over the past few years the world of industrial controls has borrowed substantially from the world of information systems. Technologies such as Ethernet and TCP/IP have made the interfacing of industrial equipment much easier, but there is now significantly less isolation from the outside world. Network security problems from the business network c...
Article
Full-text available
This paper presents research results on the detection of network security attacks in computer and control systems through the identification and monitoring of a synthetic "DNA sequence". Just as DNA characterizes the make up of the human body, and abnormal functioning of tissues can be traced to an altered DNA sequence, a "DNA sequence" of a comput...

Network

Cited By