Background

Nowadays most companies in the industrial sector have established a highly connected production infrastructure, in which production-related devices and equipments such as PLCs are interconnected to enhance productivity and cost-efficiency. This unprecedented connectedness is now referred as Industrial IoT (Internet of Things) and many enterprises in manufacturing, healthcare and utility generation have taken advantage of this technology. However, when mission-critical devices are connected to the Internet, this exposes vulnerability for potential intrusions. In fact, according to recent research, over 80% of the surveyed companies have realized the expenses for being hacked, and many of them had even experienced various types of cyber-threats.

For critical infrastructures with highly converged IT (information technology) and OT (operational technology) network, they need an IIoT-oriented security architecture that can offer the visibility and security across all IT and OT domains so that all the traffic through the protocols can be monitored and controlled.

Requirements

A global ICS (industrial control system) expert came to Lanner to co-develop an integrated IIoT security platform. They implement their asset monitoring software onto Lanner’s hardware platform to enable end-to-end visibility and automate security policies across the IT and OT devices connected in the entire ICS network. The IIoT security platform is designed with following technological features to empower cyber-threat intelligence and monitor abnormal behaviors of the connected devices.

  • IEC-61850-3 & IEEE 1613 Certifications

The environment in critical infrastructure is harsh, with unexpected ambient temperature or other external factors. Thus, deployments in such environment require IEC-61850-3/IEEE 1613 certifications to withstand the external environment impacts.

  • Wide operating temperature

Given the extreme temperature in critical infrastructure environment, the system must be able to operate at wide temperature range.

  • Advanced LAN Bypass

Fault-tolerant LAN traffic is essential in ICS communication in case failure occurs.

  • Dual power path

For equipment deployed in utility sector, reliable power supply is essential, and dual power path can offer even higher stability in OT domains.

  • Mini-PCIe module expansion

Network connectivity plays an integral role in the development of this IIoT security platform. With wireless network, asset visibility and threat management can be available for industrial IT management, and real-time SCADA monitoring allows quicker response towards anomalies.

  • Onboard TPM

A TPM-integrated hardware platform is capable of security features such as generating cryptographic keys, data encryption and hardware-rooted protection. Since TPM 2.0 is a hardware rooted mechanism, cryptographic processes can be accelerated instead of software-only programs.

Solution

Organizations that are looking to purchase a passive asset discovery solution should consider going with a hardware appliance for maximum ease of use and rapid deployment. That’s where Lanner Industrial Appliance comes in. This solution solves the visibility challenge for industrial organizations via continuous threat monitoring and advanced logging intelligence. The LEC-6041, which operates on the harshest industrial networks via the use of an extended operational temperature range and conformal coating.

In this collaboration, Lanner introduced LEC-6041 as the rugged hardware security platform to empower asset monitoring and visibility in harsh environments like critical infrastructures.

Lanner’s LEC-6041 is an optimal security platform designed to protect both IT and OT domains. LEC-6041 Series is empowered by Intel Atom x7-E3950 or x5-E3930 for low power consumption and high processing performance. As the next-generation security gateway for ICS SCADA, LEC-6041 possesses LAN bypass technology and TPM 2.0 onboard to ensure security and fault-tolerance. As a rugged firewall deployed in challenging environments, LEC-6041 is certified with IEC 61850-3 and IEEE 1613 certification, as well as 1.5 KV magnetic isolation protections for LAN port and 15KV ESD Protection for I/O ports. The system can operate in a wide range of operating temperature from -40°C to 70°C. With the hardware features discussed above, LEC-6041 can function as an optimized ICS security gateway for an IIoT architecture.

Featured Product


LEC-6041

IEC 61850-3 Wide Temperature ICS Cyber Security Gateway with Intel Atom CPU

CPU Intel Atom x7-E3950 or x5-E3930
Chipset SoC

Read more