Energy / Utilities / ICS / OT Security Solutions

The threat of attacks on cyber-physical systems (CPS) is increasingly evident across the critical infrastructure landscape, e.g. energy grids and industrial control systems, with the proliferation of successful attacks such as INDUSTROYER2.0 and CADDYWIPER (both attributed to the Sandworm group), Triton, and others. Motivations behind cyberattacks on energy infrastructure are generally linked to economic competition and strategic positioning between nation-states. As utilities worldwide use Distributed Energy Resource Management Systems (DERMS) to integrate more renewable energy, reduce carbon footprint, decrease cost and improve return on investment (ROI), industry continues to push more decision making (intelligence) to the edge (i.e. microgrids) through digital sensors, increased bi-directional connectivity, AI/ML, EV charging and smart meters, thus expanding the adversary's attack surface.

When attacking energy critical infrastructure, adversaries employ tactics, techniques and procedures (TTPs) that blend in with legitimate traffic, protocols and domains by abusing functionality already present in general-purpose compute applications, operating systems and industrial control systems. In the operational technology (OT) and Supervisory Control and Data Acquisition (SCADA) environment, attacks are difficult to identify, prevent and respond to because of scarce threat data, real-time operating systems, and resource-constrained devices. These deficits challenge the current NIST Cyber Security Framework (CSF) paradigm of Identify, Protect, Detect, Respond and Recover, because common monitoring and detection systems rely on spotting anomalies and/or signatures associated with prior attacks. The growth of "known unknowns" is predictable, and analysts' reliance on AI/ML to sort through massive amounts of data for adversary activity will increase; but that approach is constrained to the application layer, needs the collection of massive amounts of data and the computational resources to process it, and carries an inherent statistical probability of missed detections (false negatives). Most attacks and system infiltrations begin 45 to 95 days before they are detected. Ransomware and other attacks are now frequent, with increasing economic and national security implications.

In accordance with Executive Order 14028, BedRock Systems designed and built a formally verified trusted virtualization platform with active security™ that provides capabilities to counter next-generation Advanced Persistent Threats (APTs). BedRock Systems follows the Zero Trust (ZT) model of "deny all, allow by exception" and extends the concept of least privilege to least functionality. Least functionality enhances the NIST CSF category of "Protect" with "Prevent" while also providing a Zero Trust policy enforcement point. Through a combination of finer-grained segmentation, segregation, isolation, maintenance of kernel integrity, and denial of functionality, BedRock Systems stops attacks that others cannot. BedRock Systems' virtual introspection and logging of events in the compute stack provide situational awareness and policy enforcement, complementing SIEMs, firewalls, software-defined networks (SDNs) and other ZT architecture elements.

Grid & Substation

Choose the only preventative cyber-secure solution. Use BedRock Systems to build a secure future for your power generation, transmission and distribution systems. Utilities across the U.S. are digitizing operations and increasing the interconnectedness of their systems to gain efficiencies and accommodate the growing demand for renewable resources. With these enhancements, cyberattacks on energy infrastructure are escalating in quantity and sophistication, and recent government mandates and executive orders are trying to address the problem. BedRock Systems helps proactively defend against attacks: running the BedRock platform on the industrial PCs (IPCs) in the communications and security panels would go a long way toward locking down each substation. BedRock Systems is collaborating with several power equipment manufacturers to propose this IPC strategy.

BedRock Systems' policy technology documents cyber-attack attempts and shares that information with the existing SCADA system. Historically, the NIST Cybersecurity Framework (CSF) featured five core functions: Identify, Protect, Detect, Respond and Recover.

Now it is time for more focus on a sixth function: prevention mechanisms that counter the risk of zero-day exploits. Least functionality does this on a broad basis; the key characteristic of this mitigation strategy's approach to ZT is that it blocks actions before they execute rather than detecting them afterwards.
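As an added illustration of the "deny all, allow by exception" and least-functionality idea described above (example code written for this page, not BedRock Systems' policy language or product), the following evaluator denies every request that no explicit rule permits and records each decision for the SCADA side to consume. The partition names, addresses, ports and protocol assignments are constructed for the example.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import Dict, FrozenSet, List, Tuple

# Constructed example policy for partitions (VMs) on one substation IPC.
# Partition names, addresses and ports are assumptions for this illustration,
# not a real site and not a BedRock policy format.
NET_ALLOW: List[Tuple[str, str, str, int]] = [
    # (source partition, destination network, protocol, destination port)
    ("hmi", "10.20.1.0/24", "tcp", 20000),     # HMI polls RTUs over DNP3
    ("gateway", "10.20.1.0/24", "tcp", 102),   # gateway talks IEC 61850 MMS to IEDs
    ("gateway", "10.30.0.5/32", "tcp", 443),   # gateway reports to the control centre
]

# Least functionality: the only operations each partition may perform at all.
# Anything absent here is denied before any finer-grained rule is consulted.
FUNC_ALLOW: Dict[str, FrozenSet[str]] = {
    "hmi": frozenset({"net.connect", "display.write"}),
    "gateway": frozenset({"net.connect", "net.listen"}),
    "logger": frozenset({"disk.append"}),
}


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


@dataclass
class Enforcer:
    """Deny-all, allow-by-exception policy enforcement point with an audit trail."""

    audit: List[str] = field(default_factory=list)

    def _record(self, partition: str, action: str, decision: Decision) -> Decision:
        # Every decision, allow or deny, is logged so attempts can be shared downstream.
        verdict = "ALLOW" if decision.allowed else "DENY"
        self.audit.append(f"{verdict} {partition} {action}: {decision.reason}")
        return decision

    def check_function(self, partition: str, op: str) -> Decision:
        """Least functionality: is this operation in the partition's allowlist?"""
        allowed_ops = FUNC_ALLOW.get(partition, frozenset())  # unknown partition -> nothing allowed
        if op in allowed_ops:
            return self._record(partition, op, Decision(True, "operation in allowlist"))
        return self._record(partition, op, Decision(False, "operation not in allowlist"))

    def check_connect(self, partition: str, dst_ip: str, proto: str, port: int) -> Decision:
        """Outbound connection: deny unless an explicit (src, net, proto, port) exception matches."""
        action = f"net.connect {proto}://{dst_ip}:{port}"
        # Coarse gate first: a partition without net.connect never reaches the network rules.
        if "net.connect" not in FUNC_ALLOW.get(partition, frozenset()):
            return self._record(partition, action, Decision(False, "partition may not open connections"))
        try:
            addr = ip_address(dst_ip)
        except ValueError:
            # Malformed input is a denial, not an exception path around the policy.
            return self._record(partition, action, Decision(False, "malformed destination address"))
        for src, net, rule_proto, rule_port in NET_ALLOW:
            if src == partition and rule_proto == proto and rule_port == port and addr in ip_network(net):
                return self._record(partition, action, Decision(True, f"matched exception {net} {proto}/{port}"))
        return self._record(partition, action, Decision(False, "no matching exception"))


if __name__ == "__main__":
    e = Enforcer()
    e.check_connect("hmi", "10.20.1.7", "tcp", 20000)     # allowed: DNP3 to an RTU
    e.check_connect("hmi", "10.20.1.7", "tcp", 22)        # denied: SSH is not an exception
    e.check_connect("logger", "10.20.1.7", "tcp", 20000)  # denied: logger has no net.connect
    e.check_function("gateway", "disk.append")            # denied: not in its functionality set
    print("\n".join(e.audit))
```

The ordering is the point: the functionality check runs before any network rule, so a partition that should never talk on the network is refused without the finer rules being consulted, and the default at the end of every path is a denial.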

Safe & Secure Software-Defined Anything (SDx)

Software-defined infrastructure is the future, bringing scalability and innovation to critical markets like utilities and energy. Our virtualization and separation software layer allows innovation to continue even while under attack, with policy for communication and resources enforced at the hypervisor level.


Secure Application Platform

Businesses across the energy and utilities sector are now producing apps to help customers manage consumption more efficiently. Unfortunately, web apps are a notorious target for cyber-attackers looking to exploit vulnerabilities and steal data. BedRock provides a secure platform for these applications, ensuring the privacy of user data.

Secure Cloud Infrastructure

The Commercial Facilities Sector includes a diverse range of sites that draw large crowds of people for shopping, business, entertainment or lodging. These sites operate on the principle of open public access but are privately owned and operated. To reduce cost and better scale convenience functions, more and more automation and cloud-based systems enter this market, which in turn requires applications that run securely and separately while still depending on communication with each other.

Virtualization in the cloud and on the edge can reduce operational expenses and make information sharing easier, but it also puts applications at risk of exposure if not executed with care. The BedRock Hypervisor enables organizations to run critical applications and securely store data in the cloud, even while cyber-attacks are being attempted.

Secure Healthcare Cloud Infrastructure

More healthcare organizations are migrating their data to the cloud. While virtualization can reduce operational expenses and make information sharing easier, it also puts protected health information at risk of exposure if not executed with care. The BedRock Hypervisor enables healthcare organizations to run critical applications and securely store data on the cloud, even if cyber-attacks are attempted.


Secure Mobile Devices

As mobile devices become more commonly used in healthcare services, threats to protected health information increase. Security-conscious mobile devices can be built and maintained on the BedRock Hypervisor, which enforces security, availability and integrity down to the resource partitioning of the hardware devices that secure the different operating modes of the device.

Secure Edge-to-Cloud Virtualization

The transportation industry relies on edge computing to collect and log data where a connection to the cloud isn't always available. Trains, for example, carry event recorders that log data used to investigate accidents or study operational efficiency. This information can then be sent to the cloud, when a connection is available, to be stored or analyzed. BedRock Systems provides virtualization from edge to cloud, keeping data secure across the infrastructure.


Secure PTC Backend Infrastructure

Positive Train Control (PTC) monitors and controls train movements to improve railway traffic, but it also creates a critical infrastructure cybersecurity risk. The BedRock Hypervisor provides an extra layer of protection for the PTC wireless communications network beyond the existing encryption keys, further minimizing the opportunity for malicious attack and theft of sensitive data.