Israel-based APERIO Systems today emerged from stealth mode with a new data forgery protection technology designed to defend industrial control systems (ICS) from internal and external cyber threats.
APERIO’s Data Forgery Protection (DFP) technology is deployed on a server at the customer’s facility. The product connects to the plant’s historian server, which collects and stores physical process data, and leverages its existing capabilities.
The solution uses an algorithm to create unique signal fingerprints that can be used to validate that data’s authenticity. When data manipulation is detected, the product alerts the operator, pinpoints the targeted equipment, and recommends a course of action.
“The product gradually reads the historic data that is stored in the historian, using AI to learn the physical patterns of the systems, gradually improving its protection efficiency (the learning stage can be done before the installation at our headquarters),” Michael Shalyt, APERIO’s co-founder and VP of product, told SecurityWeek via email.
Researchers showed recently at the Black Hat Europe conference how attackers can cause physical damage in industrial environments by using specially crafted signals that trick sensors into believing that values are normal. This is one type of attack APERIO says its product can defend against.
“The additional frequencies of operation that the attacker uses to create damage will change the statistical properties of the signal and noise that will be measured - as well as other fingerprint parameters - revealing the signal as not physically consistent,” Shalyt explained.
The product can be deployed in less than a day and it does not cause any disruption to normal operations. Since the only point of contact with industrial control systems is the historian server and its existing capabilities, the company says the chance of accidental disruption caused by the product is practically zero.
“We use [the historian server’s] existing data collection capabilities for cyber security purposes - which means zero intrusion into the operation of the OT network or the engineering endpoints,” Shalyt said.
APERIO has raised $2 million in a seed funding round led by Doron Bergerbest-Eilon, Liran Tancman and Shlomi Boutnaru. The company’s product, available to organizations worldwide, is currently being deployed at several power plants in the EMEA region.
Related Reading: Industrial Cybersecurity Firm Nozomi Networks Raises $7.5 Million
Related Reading: Kaspersky Launches Industrial Control Systems CERT