Solution

BACKGROUND

SCADA systems, also known as ICS (Industrial Control Systems), are typically deployed in industrial sectors such as Energy production, Water Supply, Chemicals, Oil & Gas, Transportation, Renewable Energy and others, to monitor and control the core critical physical processes of the plant.

In addition, SCADA systems are also deployed in operational systems of the secondary circle, the support layer of the plant, such as within Data Centers and Building Management Systems.

Most of these sectors comprise of extremely complex facilities and machinery, with a large number of interdependent SCADA processes. In the past, Cyber Security efforts in these sectors have focused on mitigating IT focused risks and have not emphasized OT focused risks, due to the fact that each was created with separate operational missions in mind.

However, as the IT and OT networks are interconnected in almost all cases, the use of cyber security measures designed for IT to protect OT, is not sufficient. In recent years, there has been a significant expansion of the cyber-attack surface. Attackers are exploiting the fact that traditional IT cyber security systems are ‘blind’ to many attack types, as these systems lack visibility into common SCADA protocols and system types, and are crafting attacks which have the potential to cause substantial physical impact that can cause financial, environmental and life endangering damage.

Thus, dedicated OT Cyber Security systems are imperative.

RAFAEL SLI

SLI is Rafael’s proprietary and patent based SCADA security solution that monitors the physical industrial process, and alerts on cyber-attacks based on analyzing the data collected by physical sensors in the plant (i.e. pressure, temperatures, rpm).

The system includes proprietary sensors installed at critical points of the plant, in parallel and independent (out of band) of the plant’s SCADA system and sensors, without interfering with the control or physical process. In cases where SLI sensors installation is not possible, SLI operates in a passive mode, passively collecting the physical data of the SCADA system’s own sensors from the network. The data collected by SLI in either of the options is analyzed by AI learning algorithms, and any deviation in the physical process that can be attributed to a cyber incident is alerted, based on pre-defined attack vectors.

The primary problem addressed by Rafael’s SLI is the difficulty of detecting cyber and cyber-physical attacks against SCADA/ICS systems. SLI facilitates their early detection and generates actionable instructions regarding the location and the character of the attack.

An important SLI characteristic is its focus on monitoring the physical consistency of the protected system, as opposed to network traffic monitoring-based systems that solely look for the attack traces in the network traffic data and metadata. This unique approach provides an added value no other SCADAS Security vendor can offer.

Network Layer

The network protection layer includes Rafael technologies dealing with content inspection, along with a collection of best of breed commercial security solutions from market leading companies, such as Firewalls, Intrusion Detection and Prevention Systems, Unidirectional Diodes, Encryption solutions, NAC and PIM.

Architected and Integrated by Rafael’s expert engineers, full coverage for the various protection and monitoring requirements in the OT environment are implemented, with integration of events into Rafael SSA for complete end-to-end Physical OT, Network OT and IT events correlation

Computing Layer

The computing protection layer includes Rafael technologies dealing with operating system resources protection and IP protection. In addition it includes a collection of best of breed commercial security solutions from market leading companies, such as Endpoint Security suites, File Sanitization Systems, Data Leak Protection and more.

Similarly to the Network computing layer, these solutions are architected and integrated by Rafael’s experts as part of the entire OT cyber security system and forward events to Rafael SSA.

Rafael SSA

Rafael SCADA Situational Awareness (SSA) collects inputs from all of the relevant sensors to build a unified situation awareness security picture. The thousands of pieces of information that are collected from the physical world (OT) and cybernetic world (IT) are combined and fused into knowledge and operational recommendations.

This powerful Big Data system, includes a web based management control system with numerous dashboards, reports, filters and graphical representation of physical assets, allowing the security manager full control on his systems.

Cyber Physical Systems (CPS)

Nowadays, national critical assets are facing increasing cyber warfare threats and malicious activities by state actors as well as by individual rogue hackers. While these trends are developing rapidly, protecting countries’ critical assets and infrastructure has become an increasing challenge on the national level. A success of such attacks can be devastating with serious consequences

Moreover, Industry 4.0 revolution and its great benefits such as digital operations and cross-network connectivity, increasingly expose physical assets to new and broader attack surfaces, threats, and vulnerabilities.
Thus, it is time that power plants, oil rigs and refineries, water facilities, sea land and airports, healthcare institutes and other Critical Infrastructure, must be protected differently.

I3R

We address the growing needs of protecting CPS systems by leveraging battle-proven military-grade experience in cyber security and OT domains to detect the most subtle attacks.
Moreover, our unique OT Anlayst Bot (Robot), a result of years of experience in running SOCs, is revolutionizing analysts’ standard operating procedures (SOP) and efficacy towards decision making.

Finally, to ensure continuity and availability of any critical system without interfering operational processes, we developed a methodology for providing tailor made ML Algorithm to fit into your unique environment, so you can sleep well at night.

Contact Us