Critical Infrastructure Security

Aug. 22, 2011
Integration of CoreTrace’s capabilities into Industrial Defender’s whitelisting host intrusion prevention system provides for stronger industrial and utility security.
This blog post may not be about “gear” in the physical sense, but it certainly is about “gear” in the virtual sense. And with real threats to automation security raising their heads in increasing numbers over the past few years, this virtual gear is every bit as necessary as the physical gear upon which the manufacturing and processing industries have so long relied.
The virtual gear I’m referring to here is a security process known as whitelisting. It differs from standard IT security practice in that, instead of searching for, locating and quarantining threats found on a system (based on continuously updated threat definitions), whitelisting is a process by which only pre-approved types of software can ever be loaded onto or used on a system. It’s a far simpler security process for systems that have to be on a network, as most modern manufacturing systems with Ethernet network connections and remote accessibility must be.
Now the critical infrastructure facilities, such as those in the global power, oil & gas, chemical and water markets, will have wider access to white listing security capabilities through a new licensing agreement between Industrial Defender (a provider of security and compliance management for automation systems) and CoreTrace (a provider of cross-platform application control and whitelisting software). Under the agreement Industrial Defender gains exclusive rights to deliver and further develop CoreTrace’s Bouncer 6-based host intrusion prevention system (HIPS) as part of its own HIPS capabilities.
Industrial Defender HIPS is whitelisting-based technology that enforces a limited “whitelist” of approved applications on each host system. By allowing only approved applications to execute, HIPS blocks all unauthorized applications. HIPS goes beyond “blacklist” technology by protecting against unknown and sophisticated attacks (e.g., rootkits, memory exploits and zero-day threats).

“Automation systems require security solutions that provide thorough protections against sophisticated attacks, including zero-day threats. At the same time, these systems have distinct requirements that many IT-centric security technologies, including anti-virus, fail to support,” said Brian Ahern, president and CEO at Industrial Defender. “This agreement provides our customers and partners, including ABB, GE Energy, Itron and Elster Solutions, with access to HIPS technology tailored specifically for industrial automation markets.” 

CoreTrace
www.coretrace.com

Industrial Defender
www.industrialdefender.com

About the Author

David Greenfield, editor in chief | Editor in Chief

David Greenfield joined Automation World in June 2011. Bringing a wealth of industry knowledge and media experience to his position, David’s contributions can be found in AW’s print and online editions and custom projects. Earlier in his career, David was Editorial Director of Design News at UBM Electronics, and prior to joining UBM, he was Editorial Director of Control Engineering at Reed Business Information, where he also worked on Manufacturing Business Technology as Publisher. 

Sponsored Recommendations

Optimize food production with SEW-EURODRIVE’s hygienic, energy-efficient automation and drive solutions for precision, reliability, and sustainability.
George Reed, with the help of Factory Technologies, was looking to further automate the processes at its quarries and make Ignition an organization-wide standard.
Goodnight Midstream chose Ignition because it could fulfill several requirements: data mining and business intelligence work on the system backend; powerful Linux-based edge deployments...
In the automation world, the Purdue Model (also known as the Purdue reference model, Purdue network model, ISA 95, or the Automation Pyramid) is a well-known architectural framework...