According to the latest research published by Kaspersky on industrial cyber security, a wide majority of surveyed organizations have expressed concerns about OT (operational technology) security. However, only one-third of the survey respondents have deployed some degree of OT security. These findings clearly reveal the vulnerability of utility-generating and mission-critical organizations. Apparently, with such a level of protection, any deliberate attack such as DDoS would devastate a country’s supply of electricity, water, petroleum or gas. In short, OT asset management remains a challenge for ICS (industrial control system) and SCADA owners, and these environments are apparently vulnerable.
A Europe-based real-time monitoring and security system provider approached Lanner to co-develop an anomaly-detection system built with policies to identify cyber attacks. The system is designed to meet the following criteria:
Detecting threats for ICS or SCADA systems
To protect the ICS and SCADA systems, the joint solution must be able to detect and identify potential threats, such as DDoS and Stuxnet.
IEC 61850-3 compliance for substation environments
For deployments in power plant or substation environments, IEC 61850-3 compliance is a must, due to unexpected ambient temperatures and other external factors.
Visualize the industrial network
The deployment of the co-developed solution aims to provide visibility of the industrial network for threat detection and mitigation.
Automatically track the industrial assets
With visibility, owners and/or managers of the mission critical infrastructure will be able to automatically track their valuable assets and prevent potential attacks by continuously monitoring the ICS network.
Redundant power supply
Instability in the power supply may occur in utility plants due to their demanding environments. Therefore, a redundant power supply is a necessary feature to ensure high availability.
Various mounting options
Mounting is more complicated in OT environments than in IT environments. Therefore, the joint solution shall come with various mounting options such as rackmount and DIN rail.
Throughout the collaboration, Lanner presented the LEC-6032 for the OT edge and the LEC-3340 for the network across the DMZ and IT zones, to provide real-time visibility, gather asset status data and remotely monitor the SCADA network.
LEC-6032 is a compact fanless cyber-security platform powered by the Intel® Atom™ E3845 CPU for industrial applications. The desktop hardware supports isolated serial ports and multiple LAN ports for connections with instruments in the field. LEC-6032 also supports a wide operating temperature range, from -40 °C to 70 °C, and comes with wallmount and DIN rail mounting options.
For the DMZ and IT networks, LEC-3340 is an industrial-grade, fanless rackmount system. LEC-3340 is powered by a choice of Intel® Xeon® E3-1505L V6, Core™ i3-7100E, or Core™ i5-7442EQ (formerly Kaby Lake-H) processors, to offer outstanding performance. Designed to be robust, LEC-3340 is IEC-61850 and IEEE 1613 compliant. This industrial-grade edge consolidation server provides rich I/O functions, including 4 x PCIe slots, 4 x RJ-45 GbE LAN ports, 5 x USB 3.0 ports, 2 x 2.5” swappable drive bays, a DP/DVI display port, and 2 x isolated COM ports.