Enhance Control System Security with Electro-Mechanical Process Switches
Modern industrial facilities rely on connected control systems to improve performance, enable diagnostics, and support predictive maintenance. But as control systems become more networked—using open operating systems, standardized communications, and remote connectivity—the attack surface expands right along with the benefits.
The challenge is that many protective measures still depend on the very infrastructure that can be compromised. That’s why more organizations are revisiting a proven, practical concept: adding an independent safety layer that does not rely on software, networking, or communications to do its job.
Connectivity Improves Operations—and Increases Exposure
Distributed control systems (DCS) and SCADA environments increasingly use open technologies and interconnected architectures. This supports information sharing between the plant floor and enterprise systems, but it also introduces cyber risk. Real-world events and testing have demonstrated that a cyber incident can create real physical consequences—especially when attackers can send conflicting instructions or override automated safeguards.
It’s not only sophisticated attacks that create risk. As systems become more complex, gaps can appear simply due to:
- delayed patching and updates
- new devices added over time
- changing network topology
- expanded remote access requirements
Why Traditional Cyber Defenses Can Still Fall Short
Most facilities already use common security measures such as patching, firewalls, intrusion detection, and network segregation. Those are essential—but they’re not always enough on their own, particularly when a control environment includes a mix of legacy and modern technologies.
Even strong programs can fail when:
- an internal device or application remains unpatched
- a trusted area becomes exposed through a new connection point
- industrial wireless, mobile devices, or newer field networks introduce an unexpected entry path
- critical systems are moved toward more digital/networked architectures
In short: software-based defenses are necessary, but they can be bypassed. That’s why an added layer that remains dependable even during a control system compromise is worth serious consideration.
A Practical “Independent Layer”: Electro-Mechanical Process Switches
Traditional cybersecurity measures—patching, firewalls, intrusion detection, and network segregation—are still essential. But even strong programs can fail if a vulnerability exists inside a trusted area, if systems aren’t updated in time, or as newer technologies (fieldbus networks, industrial wireless, mobile devices, and digitized SIS architectures) introduce new paths for intrusion.
That’s why the whitepaper recommends adding a complementary safety layer that can still function even if the control system is compromised: electro-mechanical process switches.
Electro-mechanical switches improve cyber resilience because they:
- Don’t have software or an operating system susceptible to cyberattack
- Can provide safety functions independent of a central control system
- Have no processor involved, meaning there’s “nothing to hack”
- Are fast acting, tripping quickly “when milliseconds count”
- In modern implementations, can deliver highly dependable performance with virtually no false positives
Use case example: Sandia National Laboratory oil refinery attack simulation
To illustrate why an independent safety layer matters, the whitepaper references a Sandia National Laboratory oil refinery attack simulation. One of the first actions in the scenario was to put the system into manual, overriding automated safeguards.
The paper notes that this hack attempt would have failed with an appropriately placed and configured electro-mechanical switch—because the switch would have tripped once the temperature exceeded a set point, and there would have been nothing the attacker could do through the control system to prevent it.
As a bonus, switch-based protection helps prevent both deliberate and accidental events. The switch doesn’t care why limits were exceeded—whether it’s malicious tampering or something like a coolant pump failure—either way, it initiates the required action.
Where Switch-Based Protection Fits
The “right” protective strategy depends on the process, but electro-mechanical switches are often used to monitor parameters that indicate an abnormal or escalating event, such as:
- overpressure risk in vessels and piping
- overheating risk where heat tracing or freeze protection is required
- abnormal operating conditions on rotating equipment (pumps, compressors, turbines)
From there, the switch is wired to take an appropriate action—ranging from shutting down a single asset to initiating a broader shutdown sequence, depending on the hazard review and SIS/SIF design approach.
Recommended Solution: UE 120 Series Pressure & Temperature Switch
For facilities looking to strengthen cyber-resilience and improve the reliability of local protective functions, Westech Industrial offers the United Electric Controls (UE) 120 Series Pressure and Temperature Switch.
Designed for heavy industrial environments, the UE 120 Series supports critical alarm, safety, and emergency shutdown functions—especially in hazardous locations—while operating independently of the control system. As an electro-mechanical switch, it avoids reliance on communications and reduces exposure to potential software or network-related failure modes.
Key benefits of the UE 120 Series include:
- SIL 2 certified (SIL 3 capable) for safety instrumented systems (SIS) applications
- Simplified installation with ample access to wiring compartments, terminal block, and set point adjustment
- Heat trace / freeze protection temperature models to help protect piping and vessels
- Flexible configuration with a variety of ranges, microswitches, sensors, and process connections
- Explosion-proof SPDT/DPDT and multi-switch outputs for control and safety applications
Typical applications include:
- rotating equipment protection (pumps, turbines, compressors)
- heat tracing and freeze protection
- combustion systems
- oil, gas, petrochemical, and chemical processing environments
Add a Cyber-Resilient Safety Layer—Without Adding Complexity
A switch-based protective layer won’t replace your cybersecurity program—but it can help reduce reliance on networked infrastructure for critical protective actions. It’s a practical way to complement software defenses with a layer that remains dependable under abnormal conditions.
Talk to Westech Industrial about applying the UE 120 Series in your facility—including selection support (pressure/temperature ranges, outputs, hazardous area requirements) and fit-for-purpose recommendations based on your application.