• Detecting Attacks for PSI control Systems

    » PSI and Rhebo cooperate to secure the energy supply


More than an IDS: monitoring and communication anomaly detection, designed for control systems

PSI is an authorized Rhebo partner. The Rhebo security solution goes beyond conventional intrusion detection (IDS) and provides continuous communication monitoring including powerful anomaly detection for industrial networks.

Since 2022, PSI has provided additional cyber security to its customers by cooperating with Rhebo, the German provider for industrial cyber security solutions.

Rhebo Industrial Protector is Rhebo's powerful monitoring solution which includes special anomaly detection for industrial networks. In realtime, this solution reports suspect communication within the networks which deviates from the expected, permitted and approved patterns. This enables security staff to quickly stop cyber attacks, to focus on and to correct erroneous configurations as well as technical errors in order to protect the energy supply.

The "Guideline for using systems for attack detection" by the Federal Office for Information Security (BSI) specifies clear requirements for an attack detection system for critical infrastructures according to the updated IT security law. Our partner Rhebo provides full support for planning and implementing your security system in time so that you can prove your cyber resiliency by May 1, 2023 and achieve attack detection level 3 or better for your system.

Rhebo Industrial Protector: OT Monitoring and Anomaly Detection

Rhebo Industrial Protector expands the existing firewall protection at the industrial network boundaries by integrating dedicated anomaly and attack detection inside the operational technology (OT). Innovative deep packet inspection analyzes individual communication packets down to the value level.

This allows reliable detection of any changes of commands and access levels in systems. Even successful attacks using vulnerabilities (in particular zero-day exploits), brute force attacks, insiders, backdoors, or stolen credentials can be detected early. Security staff for critical infrastructures are updated in realtime about every anomaly which indicates a security risk or a technical error in the OT.

In order to not affect the industrial processes, the security system monitors only passively and without any interference.

Concept for implementing attack detection and monitoring for Operational Technology and network control/telecontrol systems by Rhebo in your PSIcontrol system

The basic principle is the collection of detection-relevant data such as log entries, logs, subfilters, messages, malware, etc. Filtering these data requires an initial recording of the standard communication in order to create a filter baseline. Using this baseline, only those data are filtered which differ from the standard communication and therefore represent an anomaly or deviation. The filtered data are displayed on the Rhebo monitoring system and analyzed either immediately if the pattern is known, or later forensically by staff.

The PSI team assists our customers with the introduction, possibly required control system adaptations, and other aspects such as the documentation update.

Your contact

Marco Bachmann
Division Manager Marketing & Sales MSO

+49 6021 366-882 | +49 152 545 377 30

About Rhebo: OT Security made simple

Rhebo offers simple and effective cyber security solutions for network control, telecontrol, and industrial control systems as well as distributed plant locations for energy companies, critical infrastructures, and industrial corporations. The German company supports customers in every step related to OT security, starting with the initial risk analysis and ending with assist-ed OT monitoring including anomaly and attack detection.
Since 2021, Rhebo has been part of Landis+Gyr, a leading global provider for integrated energy management solutions for the energy industry with a staff of over 5,000 in more than 30 countries.

Rhebo is a partner of the Alliance for Cyber Security of the Federal Office for Information Security and of the TeleTrusT - IT Security Association Germany.

Photos: © agsandrew - StockAdobe.com; © Rhebo GmbH