Technology has moved on. ‘Self-contained’ electrical power control systems can no longer be considered isolated: most are now globally integrated, connecting with other corporate services. New levels of openness, combined with the pervasiveness of IT and Internet technologies in daily life (smart grids) leave these systems highly exposed, creating major challenges for the electric power sector. The risk of cyber-attack is greater than ever before, and security has shot up the agenda.
To meet these security challenges and more, we’ve adapted Kaspersky Industrial CyberSecurity (KICS) products for specifics of Energy sector.
KICS deployment in PRP/HSR networks
KICS for Energy provides:
- A support of power grid protocols IEC 60870-5-104, 60870-5-101, 61850 MMS GOOSE (ed. 1 and ed. 2), Modbus over TCP
- Deep Packet Inspection (DPI) functionality, including DPI of commands and DPI of tags. The flagged anomalous communications stream is visible on the payload-level
- Detection and reporting of known network attacks and anomalous behavior through:
- updatable database of IDS signatures of well-known network attacks
- proprietary technology of identifying low-level network anomalies such as TCP overlapping, IP fragmentation, ARP anomalies, etc.
- integration with network devices for real-time detection of protocol-specific anomalies such as GOOSE reply, spoof, DOS attacks, GOOSE misconfigurations, etc.
- A centralized monitoring and management capability through integration with a centralized management platform – Kaspersky Security Center (KSC)
- Integration to external security systems: syslog, SIEM, PACS, etc.
- Transmitting of overall security status over telemechanic protocol IEC 60870-5-104 and OPC DA 2.0
- An opportunity to choose a preferred industrial computing appliance vendor that the customer trust the most (Advantech, Siemens, MOXA, Schneider Electric, etc.) as soon as KICS is an appliance agnostic solution
- Because of that, a guarantee of any compliance including: 61850-3 62439-3, VDC 12-250 or VAC110-250 50 or 60 hz, power redundancy, etc.
International standard IEC 62443 3-3 defines system security requirements. KICS covers 6 out of 7 chapters with overall coverage rate is around 68%
KICS helps to cover the certain requirements of NIST Cybersecurity framework