Securing Industrial Control Systems: Barry-Wehmiller Design Group and TXOne

Sep 21, 2023

Blog: Securing Industrial Control Systems with Barry-Wehmiller Design Group and TXOne

Barry-Wehmiller Design Group is a TXOne Certified Partner and one of the largest System Integrators in the United States providing automation and control system integration services to the food and beverage, life sciences, semiconductor, and advanced technology sectors. They are also one of ten operating companies within the Barry-Wehmiller family, a leading supplier of engineering consulting and manufacturing technology across a broad spectrum of industries.

“We’re a full-scope system integrator. We can do everything from finding land for clients, designing and constructing a building, designing process and packaging lines, and integrating data to their ERP system” says Josh Rabaduex, a Director in the Information Solutions practice. Josh runs the cybersecurity and networking initiative for their client projects to ensure the software and network are being handled properly.


OT Security Was Becoming an Issue

BW Design Group has been involved in automated manufacturing for nearly 40 years. “Networking for the manufacturing floor came into play around 2005 and it started to take off,” Josh explains. “We jumped on it and learned how to do it, and we’ve grown into an organization that now prides itself on the manufacturing network.”

As the need to greatly improve the cybersecurity around OT networks was becoming hard to ignore, he wanted to be able to offer clients a more robust, proactive approach. Finding a partner with expertise entirely in OT cybersecurity was essential.

“Cybersecurity is so big and new, no single company will be able to provide everything,” Josh said. “We were introduced to TXOne at a technology conference. I could immediately see the benefits of getting their equipment into our projects.”


Why BW Design Group Partnered with TXOne

“TXOne has the only OT intrusion prevention system on the market today,” Josh explained. “It helps us create networks that are secure by default.” He’s successfully introduced customers to several TXOne solutions, but beyond any particular product, he appreciates TXOne’s expertise in the intricacies of OT networks, as opposed to more straightforward IT networks.

“There’s not a lot of diversity in IT networks. A computer, cell phones, maybe some access points and printers,” he says. Manufacturing has all kinds of technology from different eras and different vendors that bring in their own protocols. “Right alongside brand new technology, some of our clients still have hundreds of 1985 Rockwell PLC5s that are older than our new hires.” Of course, no one is arguing that 40-year-old technology on the network is safe, but replacing lots of old equipment is not a viable solution, not financially and not operationally. So what do you do?

“That’s where TXOne’s solutions come in. Their intrusion prevention systems allow us to protect the end devices from these threats without having to remove them from operations,” according to Rabaduex. These include many commonly used devices such as programmable logic controllers, variable frequency drives, and input/output modules (PLCs, VFDs, and I/Os.)

“For example,” he explains, “the way TXOne Stellar is designed lets us protect computers that an IT group would NEVER allow on their networks.” He’s referring to technological antiquities like Windows 7 and 8 that remain part of some OT networks. “We could even use TXOne’s intrusion prevention systems to protect Windows XP machines that are still out there. So, their devices allow us to continue to run that older equipment while still protecting them from current threats.”


What OT Admins Need to Know

In Josh’s experience working with OT administrators, he’s found the thing that still surprises them the most is that their networks, or networks just like theirs, are the primary focus of ransomware attackers. “And that includes financial markets, healthcare, everything,” he says. “Manufacturing is the number one target for ransomware.”

Ease of attack is a major reason. He finds many OT networks still rely on the regrettably popular “Security by Obscurity” protocol, a who-cares-about-little-old-us approach that’s out of sync with today’s technology. That’s because attackers aren’t necessarily going after specific companies, Josh advises; they’re just hunting for easy weaknesses to exploit. “They’re using search engines to find vulnerabilities and see what they can get into.”

Josh believes the most alarming threats are those we don’t know about. “That’s the scariest stuff. The zero-day threats,” he says, referring to unknown vulnerabilities lurking in the forest. “The stuff that’s being written to target a specific nation-state’s manufacturing capabilities, but it gets loose in the wild and is used to attack areas we don’t think it’s supposed to go.”

One thing he finds indispensable is TXOne’s ability to aggressively protect against zero-day threats by stopping bad packets from moving through a system. “They’re watching below the known software level, working on a conceptual level that lets them know if packets are bad and then block them,” he says. “That protects us from zero-day threats that we’re not even aware of today.”


Protecting BW Design Group’s Clients

“I’m always looking for technologies that are specific and fill a need,” Josh says. “TXOne does that by being able to microsegment vulnerabilities in real time; there’s nothing else on the market that can sit on the network and do that.” And with TXOne’s Stellar, Josh can offer his customers an antivirus, anti-malware endpoint detection and response mechanism that’s also the only one on the market.

“Really, TXOne is the only solution that’s bringing a specific OT mentality,” he says. “How old the equipment and operating systems are, all the different protocols that are running around, needing to take it easy on ancient computers. TXOne has already thought about that, and they let me offer customers a product that I can use in manufacturing without adapting it.”


Discover your OT cybersecurity strategy

To learn more about Barry-Wehmiller Design Group and its implementation services for TXOne solutions, please visit: BW Design Group CybersecurityContact Us

TXOne image
TXOne Networks

Need assistance?

TXOne’s global teams are here to help!

Find support