VDAMP Methodology

Multidimensional Cyber Security Methodology for Critical Infrastructure

The VDAMP principle reflects CRITIFENCE's vision of a stable, secure and survivable cyber defense methodology for physical processes in Critical Infrastructure, SCADA and Industrial Control Systems. CRITIFENCE is committed to a stable methodology built on a comprehensive cyber security approach to protecting Critical Infrastructure, ICS and SCADA systems, and on the cyber security principles of Visibility, Detection, Analysis, Management and Protection.

Visibility

OT Network Discovery (OND) and PLC Models Classification (PMC) Modules provide full visibility of ICS and SCADA hardware over the OT network, OT network topology, active hardware components and the relation between them in real time.

Detection

Anomaly Detection Engine (ADE) and Auto-Discover Module (ADM) allow detection of malicious activities and cyber-attacks over the OT network, and passive detection of new guest devices and hardware equipment on the OT network.

Analysis

Machine Learning Module (MLM) collects OT network traffic and analyzes the behavior of the OT network and hardware equipment. Process Learning Engine (PLM) analyzes process-related commands, values and set points.

Management

Inventory Management Module (ILM) and the OT Cyber Security Policy Management (OTSPM) allow management of OT network hardware and large-scale deployments of SCADADome Agent appliances in order to manage and control cyber security policy in large and complex OT environments.

Protection

Detection of SCADA cyber-attack vectors. Detection of abnormal access and connectivity to target devices over the OT network. Detection of cyber-attack tools and the behavioral patterns of other tools, including scanners, fuzzers and enumeration tools.

Vulnerabilities & Threats Database: 1570
IDS Signature Database: 850
SCADA, ICS & IIoT Vendors: 96
SCADA, ICS & IIoT Hardware Models: 471

SCADADome Solution

Secure and Survivable Critical Infrastructure Cyber Defense

When Cyber Security Becomes Critical

Most of our Critical Infrastructure, factories and plants manage and operate their processes through Supervisory Control and Data Acquisition (SCADA) systems. Originally, SCADA networks and systems were designed with no security, under the assumption that they would stay disconnected from other corporate IT networks and from the Internet. Most SCADA protocols were never intended to be used on publicly accessible networks, and in some cases, not even on IP networks. With the growing connectivity of networks today, alongside the evolution of cyber threats, SCADA networks are exposed to cyber-attacks. These are happening all over the world and are evolving exponentially. Criminals, anarchists, terrorists and state actors are targeting today's critical infrastructure and Industrial Control Systems (ICS).

Industrial process management

Nuclear power stations, Production, Chemical and power plants, Fabrication, Refining industries and more.

Infrastructure management

Electrical power transmission and distribution stations, Water pumping and waste treatment plants, Oil and gas processing facilities and more.

Industrial Facility management

Manufacturing, Large communication systems, Offices, Data centers, Control rooms and more.

Transportation Communication

Airports, Ports, Train-stations, Truck and vehicle fleets, Connected cars and more.

Secure and Survivable Critical Infrastructure Cyber Defense

Protecting critical infrastructure from cyber-attacks introduces unique challenges. OT environments can be harsh and often use legacy systems and proprietary protocols. CRITIFENCE® SCADADome is a new generation of cyber security technology which monitors and controls OT networks passively through a server/agent architecture and enables remote site connectivity. This cutting-edge technology gives OT networks a multilayered defense. It is able to detect, alert on and prevent both known and unknown or 0-day cyber-attacks, using different techniques such as machine-process learning and anomaly detection.

SCADADome Solution White Paper

Learn more about CRITIFENCE® Cyber Security Solution for Critical Infrastructure, SCADA and Industrial Control Systems.

Latest Vulnerability Disclosures

Cyber security threats and vulnerabilities discovered by CRITIFENCE® Critical Infrastructure and SCADA/ICS Cyber Threats Research Group

The use cases identified demonstrate the ability to generate a freeze condition on the HMI that can lead to a denial of service due to incomplete error management of HTTP requests in the Web Gate Server.

CVE-2016-8374 has been assigned to this vulnerability. Schneider Electric’s CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Schneider Electric has become aware of a vulnerability. It impacts the Modicon family of PLCs, specifically when replaying run/stop and upload/download requests in the Modbus protocol commands. Because the vulnerability concerns the replay of run/stop and upload/download Modbus requests, it could potentially allow a malicious attacker to execute unwanted commands on the target PLC.

Sensitive information is transmitted in cleartext in the Modicon Modbus protocol, which may allow an attacker to replay the following commands: run, stop, upload, and download. CVE-2017-6034 has been assigned to this vulnerability. A CVSS v3 base score of 10.0 has been assigned; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).