Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

Startup Uses Changes in Power Consumption to Detect Industrial Cyber Threats

PFP Cybersecurity Launches Physics-Based Solution to Protect SCADA Systems and Supply Chains

PFP Cybersecurity Launches Physics-Based Solution to Protect SCADA Systems and Supply Chains

Forget signatures, heuristics and sandbox analysis. PFP Cybersecurity, a Washington, D.C.-based cybersecurity startup, is taking a unique approach to detecting malware and threats within the IT supply chain as well as critical infrastructure such as industrial control systems.

According to the company, its anomaly-based detection technology uses changes in the pattern of power consumption or RF radiation, in order to detect a potential a security breach. By first creating a baseline by reading power fluctuations of a system under normal usage, and then through continuous monitoring, the startup claims that it can detect threats in milliseconds.

PFP explains in more detail that its technology uses fine-grained measurements of a processor’s power consumption to identify “unique patterns created by the specific sequence of bit transitions during execution”, an approach that it says is complementary to existing security solutions such as AV and Deep Packet Inspection (DPI).

With no added software, PFP offers air-gapped, real time monitoring of hardware, firmware, BIOS, and core OS components and can detect hardware Trojans and counterfeits in the supply chain, including chips, boards, devices & systems.

Funded by DARPA, DoD and DHS, the company has also raised $1 million, which it will use to expand the company and develop its security solutions.

While the company has been keeping a low profile until now, it did exhibit at SecurityWeek’s 2014 ICS Cyber Security Conference in Atlanta in October, but is officially making its public debut this week.

The company has already received contracts from NSF, US ARMY, USAF, DARPA and DHS.

“In the supply chain, counterfeit chips and reused parts go undetected until in production or deployment,” said Steven Chen, Cofounder and Executive Chairman of PFP Cybersecurity. “Hardware intrusions such as Trojan chips with ‘back doors’ installed by adversaries for spying, or the insertion of a kill switch, would render these systems useless at the moment of greatest need.”

In late 2012 Gartner analysts warned that IT supply chain integrity issues are real, and would have mainstream enterprise IT impact within the next five years. Additionally, a 2012 report from Northrop Grumman prepared for the U.S.-China Economic and Security Review Commission warned that “successful penetration of a supply chain such as that for telecommunications industry has the potential to cause the catastrophic failure of systems and networks supporting critical infrastructure for national security or public safety.”

PFP’s offerings currently consist of two products, P2Scan and eMonitor. P2Scan scans for deviations to determine whether an intrusion or cyber-attack has occurred, while eMonitor is a standalone appliance that pairs with the device(s) to be monitored and performs run-time monitoring. Because PFP is separate and does not use the target’s resources, there is also no impact on existing system performance.

“Over the past few years, we’ve seen an increase in sophisticated cyber-attacks against critical infrastructure and the supply chain that go undetected for months, even years,” said Dr. Jeffrey Reed, Cofounder and President of PFP Cybersecurity. “By leveraging digital signal processing technology, we developed a solution that is unique and for all practical purposes impossible to evade.”

The first generation of the company’s technology was developed at Virginia Tech in 2006 by Reed and its CTO, Dr. Carlos Aguayo Gonzalez, who joined Chen to form PFP Cybersecurity.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

Funding/M&A

Identity and access governance vendor Saviynt has closed a $205 million financing round.

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture

ICS/OT

Security orchestration, automation and response (SOAR) provider Swimlane on Monday announced the launch of a security automation solution ecosystem for operational technology (OT) environments.

ICS/OT

The White House announced on Wednesday that the Industrial Control Systems (ICS) Cybersecurity Initiative has been expanded to include the chemical sector.

Data Protection

Artificial intelligence is more artificial than intelligent.

Incident Response

Created and maintained by MITRE, MITRE D3FEND is a framework that provides a library of defensive cybersecurity countermeasures and technical components to help organizations...