Cyber Security

Metheus Control's security platform enables ICS engineers and security personnel to secure and control ICS networks by mapping all the controllers on the network, documenting their configuration, logging all activities and changes, and providing in-depth visibility into their state. With real-time situational awareness, effective security and change management policies can be applied to prevent unauthorized activities.

Metheus Control prevents operational disruptions caused by cyber threats, malicious insiders and human error by providing visibility and control to industrial networks. It provides situational awareness and real-time security for industrial control networks to ensure operational continuity and reliability.

Threats to Automation Controllers

  • Cyber Attacks (External Threats)
    Targeted attacks
    Collateral damage
  • Malicious Insiders (Insider Threat)
    Disgruntled employees
    Compromised IT devices
  • Human Error and Negligence
    Unintentional mistakes
    Insecure contractor equipment on site

Methods to protect Control Systems

Control Network Inspection (CNI)
Passive network activity monitoring of Data Plane activity (process parameters) and Control Plane activity (engineering activities)
Deep Packet Inspection for ICS networks
Deployed on mirror port or network tap
Full visibility into all OT activity, including vendor-specific implementations of IEC 61131 standard PLCs
Comprehensive Audit Trail
Real-time security alerts for suspicious and unauthorized activities

Control-Plane Inspection (CPI)
Deep Packet Inspection for ICS networks
Full visibility into all OT activity
Real-time alerts on suspicious and unauthorized access to controllers
Comprehensive audit trail: Who, What, When, Where, How

Agentless Controller Validation (ACV)
Periodic validation of controller integrity: State, Firmware, Control Logic, Settings & Configuration
Captures all changes performed locally
No impact on operations/performance
Benefits:
    Discovery
    Asset management
    Risk analysis
    Identify local changes
    Support backup and recovery

Major Incidents in the Past

  • Stuxnet (2010)
    Destroyed 20% of Iran's nuclear centrifuges
  • German Steel Plant Cyber Attack (2014)
    Second physical damage cyber attack reported in history
  • Dragonfly / BlackEnergy (2014)
    Over 250 ICS networks (Energy, Pharma, etc.) compromised
  • New York Water Dam (2015)
    Iranian hackers managed to gain control of the flood gates
  • Ukraine Power Grid (2015, 2016)
    Large-scale blackout as an act of Russian aggression