Demonstrators

authUSB safeDoor is a hardware device that acts as a barrier between USB drives and an organisation’s equipment, identifying threats at three levels:

1. Electrical: identifying and stopping UsbKiller-type destructive oversurge attacks.
2. Hardware: detecting and deactivating attacks from the BadUsb family, HID attacks (rubber ducky and the like), false network cards, composite interfaces, etc.
3. Software: integrated antivirus that does an analysis prior to the download of any contents.

Wind turbine components are designed to last for 20 years. This means they must withstand more than 120,000 hours of operation, often under extreme weather conditions. The more the digitalisation, the more the security risks. The large wind turbines are equipped with various OT/IoT safety devices and technologies that guarantee safe operation during their useful life (Sensors, Rotor blades, Runaway protection, Aerodynamic brake system, Mechanical brake system, orientation mechanisms, power control, anti-fall devices, etc.)

Real time Cybersecurity and Comprehensive Security monitoring system with a connection to CRA/iSOC.

The demo presents the complete deployment of a smart threat detection service for IoT based on:

• Honeypot intelligence capturing based on real cyber-attacks.
• Threat Detector analysis of IoT device traffic taking advantage of Honeypot intelligence.
• SOC Response tools for security operations.

The demo consists of three steps:

1. Step 1: Holistic view of the security environment.
2. Step 2: Access to Honeypot and sample of detected cyber-attacks.
3. Step 3: IoT End 2 End Attack and threat detection.

It is a demonstrator that simulates a utility (power grid or water treatment plant) on which cyber-attacks will be carried out to show its vulnerabilities.

Enigmedia's Mercury solution will be applied transparently to this demonstrator and will show its ability to stop and detect these cyber-attacks..

ORBIS is a tool to support the arrival of Industry 4.0 in manufacturing sector companies and therefore improving operational excellence. To do that, ORBIS combines classic methodologies, such as Lean Six Sigma, with the most innovative features at the ICT level, applying Internet of Things technologies for flexible data capture in the plant and the integration of OT/IT networks, Big Data architectures for the efficient management of generated data and advanced data analysis techniques for knowledge extraction and helping decision making. All this done with a modular and highly flexible design that makes it possible to adapt the tool’s features to the needs of the client.

SANTI consists of an industrial network device that is responsible for:

• Inventory of assets connected to the plant’s network
• Network activity data collection
• Application of complex rules on factory activity to protect it from cyber attacks

It will demonstrate how Adaptive Digital Defense is able to quantify and qualify all assets connected to an OT environment and how it can establish the dependencies that exist between the assets. The organisation is offered a continuous logical view of the environment, as well as a simple static photo.

The demonstration will show how organisations can manage assets, assigning specific variables to incorporate the organisational logic. For example, label assets by control levels. That is why an organisation establishes zones and conduits according to IEC IEC6443-3-2.

With this information an operational process from the console can be graphically visualised.

The model is intended to represent type and specific scenarios of industrial environments likely to face malicious or involuntary actions, where the operations may be affected. It is made up of a set of both physical and virtual equipment and systems, in order to carry out different demonstrations and approximations of protection on a case-by-case basis.

When the perimeter security is non-existent, insufficient or fails, the combined probe and intrahoneypot solution is the way to detect attacks internally. Adaptable to both IT and OT (industrial) and domestic (IoT) environments. Users will be able to manage, review, program alarms in a centralised way in case of possible internal attacks or strange traffic.

The demonstrator consists of a Raspberry Pi device pretending to be a RTU (Remote Terminal Unit) type device, with an agent that monitors the status of several files that change when a user logs into the system and sends the hash of those files to a Blockchain.

The Smart Contracts of that Blockchain compare the hashes received with the ones it has stored and reports if there has been a modification, which makes it possible to quickly detect intrusions. If the user can access the RTU, a green and red LED lights up in case of unauthorised access.