Since 2022, PSI has provided additional cyber security to its customers by cooperating with Rhebo, the German provider for industrial cyber security solutions.
Rhebo Industrial Protector is Rhebo's powerful monitoring solution which includes special anomaly detection for industrial networks. In realtime, this solution reports suspect communication within the networks which deviates from the expected, permitted and approved patterns. This enables security staff to quickly stop cyber attacks, to focus on and to correct erroneous configurations as well as technical errors in order to protect the energy supply.
Rhebo Industrial Protector expands the existing firewall protection at the industrial network boundaries by integrating dedicated anomaly and attack detection inside the operational technology (OT). Innovative deep packet inspection analyzes individual communication packets down to the value level.
This allows reliable detection of any changes of commands and access levels in systems. Even successful attacks using vulnerabilities (in particular zero-day exploits), brute force attacks, insiders, backdoors, or stolen credentials can be detected early. Security staff for critical infrastructures are updated in realtime about every anomaly which indicates a security risk or a technical error in the OT.
In order to not affect the industrial processes, the security system monitors only passively and without any interference.
The basic principle is the collection of detection-relevant data such as log entries, logs, subfilters, messages, malware, etc. Filtering these data requires an initial recording of the standard communication in order to create a filter baseline. Using this baseline, only those data are filtered which differ from the standard communication and therefore represent an anomaly or deviation. The filtered data are displayed on the Rhebo monitoring system and analyzed either immediately if the pattern is known, or later forensically by staff.
The PSI team assists our customers with the introduction, possibly required control system adaptations, and other aspects such as the documentation update.
Marco Bachmann
Division Manager Marketing & Sales MSO
+49 6021 366-882 | +49 152 545 377 30
mbachmann@psi.de
Rhebo offers simple and effective cyber security solutions for network control, telecontrol, and industrial control systems as well as distributed plant locations for energy companies, critical infrastructures, and industrial corporations. The German company supports customers in every step related to OT security, starting with the initial risk analysis and ending with assist-ed OT monitoring including anomaly and attack detection.
Since 2021, Rhebo has been part of Landis+Gyr, a leading global provider for integrated energy management solutions for the energy industry with a staff of over 5,000 in more than 30 countries.
Rhebo is a partner of the Alliance for Cyber Security of the Federal Office for Information Security and of the TeleTrusT - IT Security Association Germany.
Photos: © agsandrew - StockAdobe.com; © Rhebo GmbH