Over the past few years, headlines have highlighted the many hacker attempts on power grid systems and other utility plants across the world, from Iran to Ukraine. There have even been reports indicating that entities may be gaining a foothold within the U.S. power grids.
These network breaches can have serious consequences, from data theft to infrastructure failure and power blackouts.
Why are these utility plants particularly vulnerable?
Water treatment plants and power grids often run on legacy operating systems that remain unpatched due to fears of bringing down the whole system.
Raheem Beyah, Ph.D., and David Formby, Ph.D., began to look into this critical vulnerability in the country’s industrial control systems through their cybersecurity-focused research at Georgia Tech. Beyah and Formby spoke to many utility owners and manufacturing plants to review challenges and weak points.
“Through these visits, we realized through conversations that there weren’t any good practical solutions out in the market, from a security perspective, to detect and prevent incidents,” says Beyah.
“That got us thinking about being more strategic about this research in my lab.”
The duo co-founded Fortiphyd to help utility owners and manufacturers monitor their systems and secure them against anomalous, potentially threatening behavior.
Fortiphyd offers a two-pronged solution whose parts work together to monitor for system intrusions from both the network and host perspectives.
The first, ControlWatch, functions similarly to IT security monitoring systems. It runs in the background to passively monitor network traffic in the utility plant and detect any anomalies or malicious behaviors.
Beyah says that while this may look similar to other products on the market, ControlWatch supplemented with the company's other product, LogicGuard, provides a full security approach that is more robust than any competitor's.
While ControlWatch watches the network for malicious behavior, LogicGuard watches the host.
Utility and manufacturing plants operate with digital computers called PLCs, or programmable logic controllers. These are the same type of computers that operate assembly lines or robotic devices.
LogicGuard uses diagnostic information coming from the utility plant’s existing software as security monitoring data points. It monitors for anomalies within the PLC, including those caused by remote or insider attacks, and alerts the plant manager if it sees anything suspicious. A dashboard provides a high-level view of the plant and allows for reporting.
Beyah reiterates that another vital component of security is employee education. Fortiphyd also offers a virtual simulation system as a way for customers to launch test attacks to train employees on a regular basis.
Fortiphyd is currently undertaking pilots with a distribution facility and several manufacturing plants, and recently wrapped up a pilot at a power generation plant. They also have several contracts with the U.S. Air Force.
The Atlanta-based startup closed an undisclosed seed investment in late 2018 to focus on product development and fulfilling current contracts. Beyah shares that they will be pushing for increased customer acquisition by late summer, following the conclusion of their pilots.