SOLUTION

Aperio's solution ensures Sensor Data Integrity for critical infrastructures and large-scale Industrial facilities.

Using sophisticated machine-learning algorithms that learn the characteristics of each individual sensor signal, Aperio dynamically detect in real-time malicious sensor data manipulation, and faulty or misconfigured sensors.

Aperio seamlessly integrates into existing systems with minimal setup and works alongside OSIsoft and other industry-standard vendors.

Aperio is the only technology with credible capability of preventing a large scale, destructive cyber-attack after attackers have gained access to the OT network. In recent years, attackers have successfully breached critical infrastructure networks numerous times and it is safe to assume that such incidents will increase dramatically in the coming years.

Aperio adds a powerful layer of security to industrial systems. Once deployed, it connects to all the sensors in a SCADA environment and in a short time, is able to detect even the most subtle data anomalies. If these anomalies are not addressed in a timely manner, they have the potential to cause loss of life and catastrophic damage.

KEY CONCEPTS

...
RESILIENCE
FOR INDUSTRIAL SYSTEMS
...
FINGERPRINTING
PHYSICAL SIGNALS
...
DATA FORGERY
DETECTION AND LOCALIZATION
...
SENSOR MALFUNCTION
DETECTION AND LOCALIZATION
 

DATA FORGERY PROTECTION

Any physical device and process has a unique fingerprint, due to its particular history and features. This fingerprint is manifested within the exact fluctuations of reported signals, in the physical micro-noise, in the unique behaviour while the system is within a certain mode of operation. The physical patterns and fingerprints are present in every sub-system - from single sensor data all the way up to the whole plant manufacturing process. Using advanced proprietary algorithms, machine learning and signal processing, our patent-pending Cyber-Fingerprint™ tracks these unique fingerprints and verifies that the physical signal from each device is authentic, and has not been manipulated.

Once a subset of signals is identified to be forged, Aperio system identified the location of the forged signals, and provide actionable recommendations to address the attack.

The product uses as input historian data (e.g. from PI/historian, the predominant market leader), static databases or lab measurements. Its output is displayed on a dashboard, while generating alarms in various medias. The output Integrates into the SIEM system, (Security Information and Event Management System).

Aperio assumes that persistent attackers with the right skillset and resources will eventually find a way to bypass network security measures and gain unauthorised access to the OT network of an industrial system. After gaining access, an intruders' ability to carry out a devastating attack on physical assets relies on remaining undetected through the forgery of sensor data. This technique leaves the operators blind to the true state of the system so they can't take preventative measures during an attack.

Aperio's propriety algorithms ensure the integrity of sensor data at all times and safeguards against devastating attack during this 'worst case scenario'.

 

SENSOR FAULT DETECTION

The data gathered by sensors and control system during operations, is used to understand the health of the process and the associated equipment. These data streams, known as “time-series data” are collected at specific frequencies, often at second or sub-second intervals.

Historically, business stakeholders have not had real-time access to this data and have instead made decisions based on outdated data (a day, month, or even a quarter old data). The result can be a reactive approach to managing operations. Integrating operational data into business systems in real time provides the opportunity to see emerging issues and address them as they occur, greatly reducing the risk of extended downtime and associated loss of revenue. It can also help the business optimize processes for more efficient and productive day-to-day operations.

Leveraging its access to operational data and its algorithmic capabilities, we found out that our software can also enhance the operator's state awareness and monitoring capability by detecting broken or faulty sensors - a daily problem in many plants that disrupts production and has already caused devastating damage and human casualties. By doing so, we not only provide resilience against severe cyber attacks, but also improves the day-to-day safety and productivity of the plant. The technological challenge is immense - are these abrupt changes we detect authentic, or indicate data quality issues. No real-time and adaptive implementation of such protection exists. Aperio is the first to crack this technological challenge dynamically, in real time and in proving the event is indeed a sensor malfunction at very high level of confidence.

Our Data Quality product detects events such as faulty, misconfigured, or out of range sensors, capabilities that are definitely needed, reducing maintenance cost and improving performance. The installation of our product for data quality purposes allows to prove the value of the system on a day-to-day basis, and raise the client’s confidence. At this stage, and as the security needs for the OTs become more prevalent, we are in a good position to discuss the security capabilities of our system.

Our unique solution provides real time alerts for discovery of Sensor Data Quality issues is based on different Machine Learning engines:

  • Flat Line: Identify a constant signal for an abnormal duration, relative to the history.
  • Bad Values: Discover abnormal error concentration for a channel, per the PI server definition of questionable value.
  • Out Of Range: Find extreme values relative to the history. The target of the engine is to find signs of potential damage to the client’s equipment, resulted from any reason.
  • Abrupt Changes: Identify abrupt and unexpected changes in channels, relative to the history.
  • Noise Changes: Identify noise changes relative to the history. Different signals have different noise properties from each other and at different mean levels. This engine approach this problem from the energy of the noise aspect.
  • Correlation :Identify changes in multi channels correlation level overtime, relative to the history

The product includes an interactive interface, allowing to filter events according to diverse criteria, such as the sensor’s name, measurement unit, or the type of event that was detected by Aperio engines.

With a variety of interactive metrics, the product makes it easy to understand the root cause of sensors failures.

Faulty sensors can be detected easily and in a short time, avoiding costly interventions due to a sensor malfunction that is detected too late.

HOW IT WORKS

...
Physical sensors respond to physical laws
...
Aperio translates these physical laws into mathematical & data models
...
Aperio learns the history of every sensor individually
...
Aperio focuses on the physics behind processes– using AI to achieve unique fingerprints for every measurement
...
Aperio guarantees the integrity of operational data

Aperio passively plugs into the plant’s historian server (product like Pi System, Wonderware, eDNA and others ) and collects data from it. Historian servers have built-in capabilities for allowing external analytics products to access the plant’s production data and are deployed in the vast majority of industrial facilities around the world.

APERIO integrates into existing SIEM, monitoring and security systems. In addition, APERIO provides an alternative dashboard for presenting the ground truth of the physical situation.

Based on containerized software architecture (Docker), Aperio system can be deployed on premise or through any major Cloud solution (AWS, Azure, Google).

TECHNOLOGY PARTNERS