As the industrial sector embraces Ethernet communications on the manufacturing floor and in the power grid, a whole new set of security risks loom.
While Ethernet connectivity does provide key redundancy, data sharing and remote access benefits, the fact that it’s an Internet-based protocol makes it far more vulnerable than the closed serial communications systems previously used in these industries.
Recognizing the gravity of this issue, the German government passed the IT-Security Act (ITSA), which requires operators of critical infrastructures to implement minimum IT security measures to reduce the risk of attack.
To help German companies comply with regulations and give manufactures worldwide protection against increased security threats, Rhebo is pioneering new systems and analysis techniques designed specifically for the challenges these organizations face.
“Although typical corporate networks have complex, highly variable traffic patterns that are difficult to characterize, communications within industrial control systems should remain relatively stable,” said Oliver Desch, Business Development Manager at Rhebo. “Any anomalies and deviations in these continuous communications streams need to be investigated immediately.”
The Rhebo solution combines purpose-built sensors and deep packet inspection with traffic analysis and machine learning to create a solution for alerting companies to possible breaches. Before a solution is deployed, the company analyzes traffic to create a baseline, tuning the system to recognize anomalies. The solution eventually learns to recognize “acceptable deviations” such as when technicians access the network for maintenance.
“It’s not surprising that we're seeing the first set of industrial Ethernet security solutions in Germany. After all, it is a key center for manufacturing from a global perspective and many industrial innovations come from this area,” said Chris Bihary, CEO and co-founder of Garland Technology. “Rhebo has created an elegant solution to a growing problem. With a deep understanding of both network security principles and industrial operations, they are well positioned to help organizations of all types safely transition from serial to Ethernet communications systems.”
Adapting standard network monitoring technology for industrial applications has its challenges. Sensors and analyzers must be designed to work in rugged environments and ensure that atmospheric contaminants, vibration and heat don’t affect their readings. While industrial Ethernet applications themselves don’t generate traffic spikes, the solutions monitoring them will have to deal with the heavy loads sporadically created in other parts of the organization.
“To ensure that we see all the traffic without packet loss, our recommended implementation plan uses passive network TAPs.” said Desch. “Because Garland network TAPs are purpose-built hardware solutions, they cannot possibly introduce new packets into the environment, a critical requirement of any industrial Ethernet monitoring solution.”
While Germany may be ahead of the US in terms of mandating change, it’s clear that industrial organizations worldwide will soon need to secure their infrastructures against cyber attacks. Downtime is extremely expensive, but the idea that a third party could inject subtle changes into an automated manufacturing process and impact quality is particularly frightening. By providing a streamlined approach to securing the industrial Ethernet, Rhebo is helping to ensure that the financial impact of regulatory compliance won’t force companies to skimp on protection systems.