
SCADA DPI decoder protects M2M comms from malicious code
SCADA (Supervisory Control and Data Acquisition) is an Industrial Control System (ICS) application for remote monitoring and control which helps secure M2M communication using standards such as IEC 60870-5-104, the protocol for network access for tele-control tasks. The integrated SCADA decoder licensed with the R&S PACE 2 engine from Rohde & Schwarz Cybersecurity supports this protocol and is capable of decoding specific M2M commands, employing deep packet inspection (DPI). This allows the identification of malicious code disguised as regular commands and helps prevent cyberattacks such as the power outage in Ukraine in late 2015, which affected 225,000 customers. CELARE, a provider of Cyber and Network Analysis, is now using this latest version of R&S PACE 2 in its innovative product T-SENSE. The software-based solution combines a variety of cutting-edge technologies and uses a non-intrusive approach to provide visibility over IT and SCADA networks.
R&S PACE 2 is a software engine capable of identifying thousands of protocols and applications. It is needed everywhere in the network where intelligent decisions need to be made based on the nature of the IP traffic, whether it is wanted or unwanted traffic, good or malicious. Industrial control systems (ICS) such as SCADA (R&S adds) present an attractive target for those who seek to cause disruption or to threaten critical infrastructure such as water, oil, gas and energy factory communications channels. With the rise of the Industrial Internet of Things (IIoT), more devices, sensors and controllers have access to the industrial network infrastructure. The infection of such devices is an additional threat to the M2M communication network, possibly resulting in halted production and damaged machinery.
CELARE, a partner of the Cybersecurity division of Rohde & Schwarz, is using the SCADA-ready R&S PACE 2 with its advanced decoding capabilities in its T-SENSE product to provide an innovative and scalable solution. T-SENSE overlays existing network infrastructure and is equipment vendor agnostic. It is designed to collect data from any information source while simplifying the network accessibility for real-time analysis and forensics methodologies. T-SENSE is bridging the gap between network, big data and cloud environments by providing a fast and seamless approach to collect, detect, analyze and transport valuable data, events and insights to any destination.
“Our customers are increasingly seeing the need to protect their highly sensitive IT and SCADA-controlled infrastructure against malware and attacks. We decided for Rohde & Schwarz Cybersecurity as we recognized their technical leadership in Deep Packet Inspection and behavioural analysis,” said Sharon Uziel, Vice President Product and Business Development at CELARE.
Rohde & Schwarz Cybersecurity; https://cybersecurity.rohde-schwarz.com/en/how-dpi-improves-security-and-reliability-industrial-systems
CELARE is the Cyber arm of BATM group and provides DPI-based network monitoring solutions with integrated Big Data security analytics and threat detection; www.celarenet.com/
