Thales promotes Cybersecurity business line

The following review article was published in the May 2014 issue of the INSIDER Newsletter:

The Thales Group occupies one of the major office developments on the outskirts of Basingstoke in the UK: the building was known for many years as Thales Missile Systems, from the name on the outside – it was not a company that immediately sprung to mind as an expert in control systems and information technology. Over the past year the attitude from within Thales seems to have developed, and has recently seen much more information flow in press releases and meetings discussing their business. Last autumn saw the launch of a new ‘Cyber Integration and Innovation Centre’, and the associated business activity, housed within this building, a GBP2m ($3.2m) facility with fully isolated and screened computing laboratories, designed to allow improved cyber security and testing for critical national infrastructure, governments and companies.

Screened, because the centre has over 6000 pieces of computer malware, that can be used to test mirror copies of client networks, and where managed cyber-attacks from one lab onto an adjacent lab can be used to train staff how to protect systems, spot vulnerabilities and respond to breaches, including mass ‘Denial of Service’ (DOS) attacks.  “We can model networks for clients in a safe environment so we can upgrade, update and change things before they go live. This is particularly important in safety critical industries, such as a nuclear power station,” said Sam Keayes, a Thales vp, now presumably within a new business division formed recently known as the Critical Information Systems and Cybersecurity business line. Using equipment and technology from strategic partners like Spirent, Encase, FireEye and Mandiant, Cevn Vibert, the centre manager, commented that Thales experts can pick up and mirror a site computer system, bringing the whole infrastructure back to the lab, to stress test it against cyber-attack, jitter etc. This is a very necessary service when Thales systems run the majority of the world’s air traffic control, and their encryption is used to protect 80% of the world’s bank transactions, which include 3.7Bn transactions per annum via BACS.

Thales is a French owned group, which was originally called Thomson-CSF. The only slight problem with the simpler name is that it is pronounced “Talliss”. Their acquisition of the original business of Ferranti Computer Systems allows the claim that they have been providing technical support for the UK fleet of nuclear power stations for the last 25 years, which is a continuing responsibility, as the service life of these stations continues to be extended.

Based on Ferranti expertise

Here I have to admit that even your editor is not old enough to know the history behind some of the businesses that make up the current Thales Group. For that sort of archival knowledge we have to go back to Wikipedia, and even to Andrew Bond, the Founding Editor of the INSIDER, who remembers the original UK based DCS manufacturers and vendors from the 60s and 70s – Ferranti, Kent and GEC Elliott.

Ferranti was formed in 1882 as Ferranti, Thompson (yes- that Thompson) and Ince. Much later the company played a major part in WW2 in the development of radar, and gyro gunsights for the Spitfire. In 1949 they produced their first multi-input battlefield situation information system. At the same time they started to develop computer systems: eventually the Government under Tony Benn organized an industrial consolidation which led to the set-up of ICL, International Computers Ltd, in 1968. This deal restricted Ferranti to the industrial computing market, rather than the commercial, and Ferranti developed the Argus range. In 1987 Ferranti purchased International Signal and Control (ISC) in the USA, a defence contractor, whose business turned out to have been based on illegal arms sales. ISC was prosecuted for fraud, and this forced Ferranti into bankruptcy in 1993.

The Ferranti Computer Systems operations were acquired out of administration by Syseca, the IT arm of the French Group Thomson-CSF. Thomson then changed its name to Thales, and Syseca became Thales Information Systems.

The other UK producers 

Andrew Bond sees the rest of the UK history of DCS manufacturers as intertwined with the career of the late Tony Benn MP, who became Minister of Technology in the Labour Government of 1964-70, and secretary of State for Industry from in the 1974-79 administration. George Kent needed rescuing in 1974, possibly because of the strains of the investment in their new DCS, the P4000, and Benn wanted Arnie Weinstock’s GEC to take them over, out of the two options available: but his worker democracy approach backfired, and the workers voted to opt for Brown Boveri, as a better choice for their new owners. Following the Brown Boveri merger with ASEA in 1988, the P4000 became just another of the original control systems within the ABB group.

Meanwhile GEC under Arnie Weinstock was not enthusiastic about process instrumentation or automation, and already had business links with Fisher valves, so with Benn’s encouragement put all the GEC automation interests into a joint venture with Fisher, which included their own DCS and the systems made under license from ICI, Imperial Chemical Industries, which they had developed for their own plants. GEC had acquired the Elliott Brothers business within English Electric in 1968. Monsanto had acquired Fisher Controls in 1969, and much later sold the business to Emerson in 1992: at some time in this period Weinstock backed out of the JV and sold out from any involvement in process automation.

Ferranti Argus computers

The Argus was first developed for military duties – in 1958 used for the ground-based control of Bristol Bloodhound missiles – and were also offered as industrial control computers from the 1960s into the 1980s, for factory and plant automation. They were widely used across Europe and in the UK: typical installations for the Argus 500 were in chemical plants for process control – and nuclear power stations, for process monitoring. The first such Argus sale in 1962 was to ICI, for a soda ash and ammonia plant in Lancashire. Another significant application was for Police command and control installations, where one of the most famous was in Strathclyde: here maps were provided by using a 35mm slide projected onto a VDU screen. The Argus 500 was one of Ferranti’s best-selling products, particularly to oil platforms in the North Sea in the 1970s.

The Argus 600 was an 8-bit machine, and the Argus 700 used 16-bit architecture, whose design started in 1968, and they were in production until the mid-1980s: these are still operational at several British nuclear power stations in control and data processing applications.

Current declared activity

Thales do not mention a significant part of their business activity – a necessary culture, developed over the years since WW2, because of involvement with military projects. This ethos remains, in particular in not declaring where security, cyber-security, and emergency management resources might be deployed, whether military or commercial. However, there is an interesting parallel between Thales and EDF, of France, who now owns all the operational nuclear power plants in the UK. Thales is quoted as a long term delivery service partner with EDF. Following the Fukushima event in Japan, EDF-Energy NGL undertook a rigorous assessment of the resilience of its fleet of UK nuclear power stations, against the highly unlikely occurrence of an extreme weather or other natural event. Part of a suite of safety enhancements resulting is the provision of a mobile emergency response capability that could be deployed should such an event occur.

Thales committed to provide 5 sets of a containerised DCIS (Deployable Communication and Information Systems) for this duty by 31st March 2014. As a nuclear emergency response capability, each DCIS provides a transportable and deployable containerised unit to monitor critical plant systems and relay essential data through a resilient communications network, to provide emergency response decision makers with the information that they need to make the best possible decisions.

Separately, Thales has a co-operation agreement with Schneider Electric for the development of cybersecurity solutions and services to protect command-and-control systems from cyber-attack in customer installations in France. This includes computer attacks launched from plant management systems, unauthorised access across wireless networks and malware introduced via USB memory sticks.

Critical national infrastructure protection also includes work with oil and gas installations, petrochemical plants and pipeline systems. Thales quotes their integrated security protection systems with perimeter and access control, using CCTV etc, for twelve of the SABIC sites, and advise that Aramco refineries have similar high technology systems, supplemented by video motion detectors – the Ras Tanura complex is another site where there is such a perimeter security system.

Crisis management systems

The authorities and forces responsible for public safety and security must contend with increasingly frequent and wide-ranging incidents, from crime and accidents to natural disasters and crisis situations. This is one of the areas Thales sees as a major activity area and strength of their capability. Thales has developed a new solution incorporating the key conventional functions — situation awareness, management of command information and crisis management system resources — combined with new modules, such as advanced decision support and asset coordination. These systems are quoted as deployed in the Ciudad Segura (secure city) project in Mexico, the crowd flow and density monitoring systems in Mecca, and the BDSP public security database for the Gendarmerie Nationale in France, with systems that incorporate the deployment of sensors in UAVs. There are many more examples that cannot be quoted. Whilst in the process industry we are becoming familiar with the iOps concept from Emerson, and the Honeywell Collaboration station, the Thales Command and Control Centre is maybe a couple of grades more advanced.

Part of the suite of labs in the Critical Infrastructure Protection Facility in Basingstoke featured a combined system for perimeter security, CCTV, process control – including a DCS and a PLC (both from well known names) with valves in control loops, fire and gas alarms and access control, which enabled demonstration of the possible effects of a cyber-attack. This has been used to show legislators and management – and train operators about – the vulnerability of such systems. Manager of this facility, Cevn Vibert, explained “Our customers manage mission critical infrastructures and benefit from our holistic integrated security solutions. The market has evolved from discrete bespoke islanded systems to multi-site networked control rooms which require our integrated security techniques. These solutions cover people, operations, security, process, maintenance, business and cyber security for holistic situational awareness. This facility enables Thales to test, educate, demonstrate and explore these innovative approaches to our customer’s real needs.”  It is no coincidence that Thales is exhibiting this part of their technology at International Security and Resilience exhibitions across the Middle East, and are targeting Governments and operators of critical infrastructure projects worldwide.

Regular news on Process Automation and Control topics is presented in the INSIDER monthly newsletter, supplied on subscription by Spitzer and Boyes LLC: Nick Denbow is the European correspondent for the INSIDER. For more information please consulthttp://www.iainsider.co.uk or http://www.spitzerandboyes.com

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: