An important solution has been developed by INTEGRASYS to protect critical infrastructures from potential cyber-attacks. The solution is FWSEC.
Currently, securing supply chains against imminent cyber-attacks has become a challenge, especially in Europe. The battlefield extends to the online field, that is the engine of the current intelligence.
Nothing is impossible to hack, however, new technologies enable much faster recovery of the hacked assets, FWSEC in milliseconds. INTEGRASYS’ FWSEC solution is used for the firmware protection of connected sensors operating in Critical Infrastructures. It detects, stops and reports malicious tampering attempts which may be a potential threat to the security of the affected sensors and also scales up the threat towards the full system through the network infrastructure.
The solution is based on three main pillars:
- a firmware management server including remote management capabilities
- a TPM module at the sensor platform providing crypto functions and secure storage
- an external tamper-proof private blockchain used as an additional security layer leveraging time-based integrity of digital assets
If the Firmware is not reliable FWSEC automatically goes back to a safe state with a digital coded footprint. This is achieved as the sensors firmware includes a firmware management agent that implements — in cooperation when needed with a counterpart at server-side- security-at-rest, security-in-transit and security-in-use procedures built with sound-security-by-design standards.
Such procedures allow for full-lifecycle management of firmware assets, including developer signing, sensor onboarding, remote update/attestation, cryptographic key management, and sensor offloading, integrating properly with existing customers’ PKI services. The security of remote procedures is enforced by multiple layers including state-of-the-art link-level, network-level and application-level security complemented with additional blockchain-based and multi-link out-of-channel functions.
The security approach of the FWSEC solution allows for configurable checkpoints of the firmware integrity based on user-defined policies, preventing, and minimizing the impact of potential cybersecurity attacks. By setting the focus on highly robust, secure, and available firmware update procedures, FWSEC provides the ability to return very quickly to a safe state if other system security functions such as firewalling fails to stop an attack as well as to verify at any time that the node status is safe.
Over the past months this technology has proven to provide successful protection of data centers, and remote assets for major European Telco Providers.
FWCSEC works well with other INTEGRASYS cybersecurity products’ portfolio, such as RANMONITOR (Hacking Cell Tower Protection), and CLEANRF (Interference Cancellator).