Advanced Cyber Defense Controller

Bedrock Open Secure Automation (OSATM) firmware includes intrinsic Anomaly Detection (AD) and will be available as standard integrated functionality that continuously monitors the controller’s network and system time to detect intrusions and anomalous behavior.

Bedrock Anomaly Detection includes the following functionality:

• Dynamic Port Connection Monitoring records all attempts to connect any controller or communication point and captures identifying information on the intruder.
• Network Port Scanning, which detects if hackers are scanning for open ports that might provide access to the control network
• System Time Monitoring detects attempts to manipulate log files to conceal malicious activity.
• Cryptographic Controller Engineering Key Lock permits only users with valid user credentials to change the configuration and operation mode of the controller, and records all access.
• Intrusion Event Logging records all detected anomalies and reports them to SCADA  software through OPC UA and standard database access for historian, alarming, and trending functions.
• Tri-color status LED provides indication locally whenever an intrusion is detected.

Anomalous behavior detected at the controller level signifies a high likelihood of a cybersecurity event. Embedding detection into the controller provides advanced cyber defense while reducing complexity and lifecycle cost. Bedrock AD will be standard on all Bedrock systems and is available as a free firmware upgrade to installed systems as part of Cybershield 3.0 in March 2018.