Dept. of Homeland Security awards contract for SCADA system security

Starthis Inc., a provider of software products for linking enterprise applications, industrial control systems and operations personnel, has been awarded a contract from the Department of Homeland Security Advanced Research Projects Agency (HSARPA) to develop software architectures that combine the standards-based security features of the Java 2 Enterprise Edition (J2EE) platform with the iTapestry industrial automation software product from Starthis.

By Control Engineering Staff June 10, 2004

Starthis Inc. , a provider of software products for linking enterprise applications, industrial control systems and operations personnel, has been awarded a contract from the Department of Homeland Security Advanced Research Projects Agency (HSARPA) to develop software architectures that combine the standards-based security features of the Java 2 Enterprise Edition (J2EE) platform with the iTapestry industrial automation software product from Starthis. This combination will make available upgrade solutions that increase security in supervisory control and data acquisition (SCADA) systems.

The existing iTapestry product suite is used to link enterprise software applications, running on robust J2EE application servers such as IBM’s WebSphere and BEA’s WebLogic, with industrial controllers and industrial automation networks. The enhancements to be added in this project will include support for encryption and secure communications over the link between the application server and the remote controls and sensors. This communication path might include a combination of Internet, telephone, and wireless links passing through multiple vendors’ industrial networking products that are installed to provide required security enhancements.

On the enterprise or control room side, user authentication and authorization services of the J2EE platform will be combined with the iTapestry product suite to ensure that only appropriately authorized individuals can access the protected remote facilities.

According to David Naylor, CEO of Starthis, “These same security enhancements are also applicable to other regulated manufacturing environments, such as food and pharmaceuticals processing where only appropriately trained and authorized individuals should be able to monitor or influence production systems.”

—David Greenfield, editorial director, Control Engineering, dgreenfield@reedbusiness.com