ICS Security Suite

Resilient and Scalable Industrial Control System Security Appliance

Power Conversion provides a comprehensive cybersecurity management suite that can be deployed in a virtual environment or on its cybersecurity appliance, built on a CIS-compliant Windows 10 installation.

This enables customers to meet industry standards and regulations such as ISA/IEC 62443, or regional regulations such as the US DODI 8510-01 risk management framework or those of the French government's ANSSI.

General Electric

Standard Power Conversion Security software

ICSArmor - A dedicated security appliance enabling defence-in-depth across the Power Conversion control system. Enabling system compliance with IEC 62443 4-2 and 3-3 and with IEC 62351-8, ICSArmor gives owners and operators easy access to Power Conversion’s security toolchain. ICSArmor provides an intuitive and secure interface to host and utilize Power Conversion’s security toolchain and optional, embedded third-party software.

ICS Security Management Suite with SYSLOG - ICS Security Management Suite provides a central system authentication server to manage users across the Power Conversion OT network, in accordance with IEC 62351-8. ICS Security Management Suite deploys and manages system trust certificates using a PKI with an optional customer-provided root CA. ICS SYSLOG, in accordance with RFC 5424, collates and stores OT network SYSLOGs with the ability to integrate with a third-party SIEM.

ICSGuard - ICSGuard is a unique patented and integrated health and security monitor for your controller, equipped with machine learning capabilities. ICSGuard serves as a host intrusion detection system (HIDS) in accordance with NIST 800-94. ICSGuard utilizes the various HPCi diagnostic pointers and virtual sensors for monitoring controller behavior during operation. For HMI workstations the MITRE ATT&CK framework is used in combination with Windows OS security event logs to detect threats and anomalies. Upon detection of abnormal events, ICSGuard will then alert the operators.

Customer challenges

Secure host platform for both GE Vernova and non-GE Vernova security tools. ICSArmor provides a consolidated dashboard with optional RAID 1 or VM hosting for resiliency to quickly assess OT network health and provision user accounts as a system SecAdmin.

System security orchestrator, enabling user account provisioning in accordance with RBAC and ensuring no single username or password is re-used. Provisions and manages PKI and facilitates machine-to-machine trust with embedded SYSLOG.

What is the added value for the customer?

Control system compliance to IEC 62443 3-3 and asset compliance to IEC 62443 4-2.

Contributes to defence-in-depth by adding protection on the user and machine communication layers, featuring security monitoring of HPCi and HMI devices.

Features

ICSArmor is a secure host that can be deployed either on a GE Vernova industrialized RXi2 controller with optional RAID 1 disk configuration or in a virtual machine. During installation, ICSArmor is hardened using the CIS Benchmark L1 or L2 plus high STIG compliance, with Windows Defender activated by default. ICS Security Management Suite with SYSLOG and ICSGuard are hosted within the ICSArmor container.

Benefits

ICSArmor

  • Host for Power Conversion’s security toolchain
  • Hardware-agnostic, able to be deployed on a virtual machine
  • Multiple deployment architectures including RAID 1 for data resilience and backup
  • Simple setup process with optional CIS benchmark compliant OS configuration
  • Optional High Windows STIG compliance during installation
  • Secure host for third-party applications supporting full control system security compliance
  • Patching options available
  • Optional firewall to provide network segmentation
  • Full service and support package available

ICS Security Management Suite

  • Role-based access control
  • Account profile administration
  • Password strength definition
  • FIPS 140-2 compliant encryption algorithms
  • Windows HMI credential management
  • Option to integrate other applications and devices
  • 2-Factor authentication
  • Microsoft Active Directory LDAP proxy

ICS SYSLOG

  • User log-in events to control system devices
  • Incorrect password or failed login attempts
  • User profile creation/updates
  • Device configuration or re-configuration logs
  • Device security status
  • Windows event log import/extraction (security events only)
  • ICSGuard security events
  • Integration with third-party SIEM

ICSGuard

  • Easy-to-use dashboard to view and action alerts in real time with alarm list in accordance with ISA/IEC 18.2
  • Patented machine learning (ML) to detect HPCi controller and workstation anomalies using virtual sensors (ICSAgent) deployed in the monitored assets
  • Machine learning dashboard to view the performance of the ML models
  • Executive report generation for system cyber administrators to view all detected events and anomalies
  • Integrates directly with Power Conversion’s ICS SYSLOG and third-party SIEM solutions
  • Continuous threat detection using Sigma rules and MITRE ATT&CK frameworks

Technical data

  • Meets the seven foundational requirements of ISA/IEC 62443
  • Developed following ISA/IEC 62443-4-1 SDLC/SDLA
  • RBAC to IEC 62351-8
  • Built on CIS Benchmark or High STIG compliance
  • Assists with NIS2 & NERC CIP compliance
  • SYSLOG in accordance with RFC 5424
  • HIDS in accordance with NIST 800-94 using Sigma rules and MITRE ATT&CK framework along with patented machine learning