
ST. LOUIS--(BUSINESS WIRE)--Belden Inc. (NYSE: BDC), a global leader in signal transmission solutions for mission-critical applications, announces that its Tofino Security brand has published new research showing that patching is often ineffective in providing protection from the multitude of vulnerability disclosures and malware targeting critical infrastructure systems today. While patching such systems is important as part of an overall Defense in Depth strategy, the difficulties of patching for industrial systems mean that compensating controls such as Tofino Security Profiles are often a better method of providing immediate protection.
Since the discovery of the Stuxnet malware in 2010, industrial infrastructure has become a key target for security researchers, hackers, and government agents. Designed years ago with a focus on reliability and safety, rather than security, Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS) products are often easy to exploit. As a result, there has been exponential growth in government security alerts for these systems in the past two years. In addition, they have attracted some of the most sophisticated (Stuxnet, Night Dragon, Flame) and damaging (Shamoon) cyberattacks on record.
Eric Byres, CTO and vice president of engineering at Tofino Security, investigated the effectiveness of patching for protecting control systems from vulnerability exploits and malware. His work revealed that:
The number of vulnerabilities existing in SCADA/ICS applications is high, with as many as 1,805 yet-to-be-discovered vulnerabilities existing on some control system computers.
The frequency of patching needed to address future SCADA/ICS vulnerabilities in both controllers and computers likely exceeds the tolerance of most SCADA/ICS operators for system shutdowns. Unlike IT systems, most industrial processes operate 24x7 and demand high uptime. Weekly shutdowns for patching are unacceptable.
Even when patches can be installed, they can be problematic. There is a 1 in 12 chance that any patch will affect the safety or reliability of a control system, and there is a 60% failure rate in patches fixing the reported vulnerability in control system products. In addition, patches often require staff with special skills to be present. In many cases, such experts are not certified for access to safety-regulated industrial sites.
Patches are available for less than 50% of publicly disclosed vulnerabilities.
Many critical infrastructure operators are reluctant to patch as it may degrade service and increase downtime.
When patching is not possible, or while waiting for a semi-annual or annual shutdown to install patches, an alternative is to deploy a workaround, also known as a 'compensating control'. Compensating controls do not correct the underlying vulnerability; instead, they help block known attack vectors. Examples of compensating controls include product reconfigurations, applying suggested firewall rules, or installing signatures that recognize and block malware.
Another compensating control is Tofino Security Profiles, available in Belden's Tofino Security product line. Tofino Security Profiles are rule and protocol definitions that address newly disclosed vulnerabilities. They provide a simple way for automation system vendors to create and securely distribute malware protection. Operators benefit from a single, easy-to-deploy package of tailored rules that can be installed without impacting operations. The result is that critical industrial infrastructure facilities can quickly and effectively defend themselves against new threats.
"My research highlights the multiple challenges with patching for SCADA and ICS systems," remarked Eric Byres. To secure facilities, critical infrastructure operators should pursue a Defense in Depth strategy that includes patching when possible, and use compensating controls for protection when patching is not possible.
Starting today, Belden is publishing a series of blog articles on its patching research and is accompanying them with useful documents. These documents include:
"Patching for Control System Security - A Broken Model?", a presentation that summarizes its patching research,
"Patching for Control System Security - A Broken Model?", a peer-reviewed published paper,
and "Solving the SCADA/ICS Security Patch Problem", a White Paper.
Visit: http://www.tofinosecurity.com/blog/scada-security-welcome-patching-treadmill for the first blog article.
Tofino Security provides practical and effective industrial network security and SCADA security products that are simple to implement and that do not require plant shutdowns. Its products include configurable security appliances with a range of loadable security modules plus fixed function security appliances made for specific automation vendor applications. Tofino Security products protect zones of equipment on the plant floor, and are complementary to Belden's Hirschmann brand, which leads industrial networking solutions. Both groups service and secure industrial networks in the oil and gas, utilities, transportation and automation industries. www.tofinosecurity.com
About Belden
St. Louis-based Belden Inc. designs, manufactures, and sells connectivity solutions for markets including industrial, enterprise, and broadcast. It has approximately 6,700 employees, and has manufacturing capabilities in North America, South America, Europe, and Asia, and a market presence in nearly every region of the world. Belden was founded in 1902, and today is a leader with some of the strongest brands in the signal transmission industry. For more information, visit www.belden.co