
Matt Cowell

Director of Industrial Markets, Ultra Electronics

With 15-plus years of experience in ICS and OT, Mr. Cowell is accomplished in automation cybersecurity for the energy and government markets. He has completed accreditation programs that include the Control Systems Security Program of the Department of Homeland Security in Idaho. He holds engineering and electronics degrees.

Deep Packet Inspection for Complete ICS Operational Awareness

Industrial Control Systems Cyber Security

Abstract: The newest standards for comprehensively protecting ICS and SCADA systems demand a secure design that locks down vulnerability-prone endpoints that firewalls cannot protect.

Most who work in ICS are well aware of deep packet inspection (DPI), and recognize the technology's usefulness in countering malware and cyber-attacks. DPI provides visibility into, and greater control over, the critical commands and values shared between the devices and networks that drive a control system's overall operation.

Effective ICS security requires intelligent anomaly detection that discerns deviations from normal behavior holistically, including application-level details. This calls for a DPI solution equipped to provide the comprehensive operational awareness necessary for fully secured, safe and reliable network performance. DPI can support this by providing visibility into, and control over, the critical operations shared among the devices, networks and machines that direct ICS operations. It must fully parse and "understand" the protocols used for this communication, with no impact on system performance.

This 15-minute presentation will highlight how DPI functionality can provide enhanced visibility to fill the voids left by existing ICS devices and technology. Participants will learn how this technology can be used, with relative ease, to enforce an application whitelisting policy that protects embedded devices at the network layer. We will also discuss how it can enhance network visibility for external software-based anomaly detection tools.

Copyright 2016 DMS Global - Design by DMS Cybernation