CONTACT US FOR A DEMO

Patented* MSi Platform

Superior Cyber Visibility AND Protection for Control Systems

Daniel Park, Mission Secure CTO, provides a brief overview of the patented* MSi Platform

Fully Integrated Platform
The rapidly evolving control system cyber security market falls into two camps: (i) start-up companies claiming to have the best IDS visibility via network monitoring or (ii) legacy firms offering basic feature, disconnected industrial firewalls. Neither offers a secure, network integrated, all-in-one platform. This leaves controls engineers, IT managers and defense program managers on their own to cobble together disparate systems from different manufacturers, overpay for software and hardware, installation, integration, maintenance let alone figure out who will do ongoing monitoring.

 

With MSi Platform 3.2 customers gain the comprehensive IDS visibility, network segmentation and controller protection, plus a whole lot more on a single platform that can be installed on premise or hosted in the MSi Cloud and monitored 24/7/365. MSi Platform 3.2 makes OT cyber security simple, even for the non-IT professional.

 

Purdue Control System Model and MSi Platform

Solution Levels

The Solution
The patented* MSi Platform — comprised of the MSi Console, MSi IDS, MSi 1 and MSi Sentinel — takes plant, facility and control system security to an unparalleled level with six points of action and awareness.

PROTECT – Restrict unauthorized access, block malware and ransomware from reaching important controllers and level 1 devices

MONITOR – Continual and secure, multi-layered system monitoring at network IP level and digital and analog signals

DETECT – Real-time analysis and automated incident detection

INFORM – Secure and dedicated communications systems with trusted system operators and cyber security professionals

COLLECT – System data from the digital and analog sensors and actuators, controllers and OT network for forensic purposes

CORRECT – Automated, or operator guided, response and restoration of mission and/or system function to a safe operating state

Patented* MSi Platform

The only control system cyber security solution providing VISIBILITY and PROTECTION in the operational technology environment down to level 0 devices. Operates with ANY control system hardware manufacturer or device.

Level 0-2 Protection

  • Passively and continuously monitor processes, controllers and OT network traffic from levels 0-2
  • Protect PLCs, SCADA, safety instrumented systems and other control systems in defense and transportation
  • Level 0-1 defense by validating operational processes at digital and analog signals, controllers and HMI
  • Visualize and manage security appliances from a unified console

Military Strength

Industrial grade

  • Tested in harsh, industrial environments
  • Multiple OT protocols (ModBus, OPC, CIP, UDP and more),
    Serial and Ethernet supported
  • Minus 20 to +85 degrees Celsius operating temperature
  • DIN rail mountable, 24 V DC and AC power, gigabit speed
  • Fail-safe
  • Conformal coating

Simple to Use

  • Combining visibility, machine learning, easy to install, "plug and play" security and protection, the MSi Platform can be deployed and managed by non-IT professionals.
  • MSi Platform costs less than competing industrial firewalls and OT monitoring solutions, all in a single platform.

“We endorse the MSi Platform as a solution any organization with control systems should strongly consider deploying to provide enhanced cyber security and protection of their control systems. We appreciate companies that take cyber security of their products seriously and open them up to this level of intense testing.”

Brett Scott
Director, AZ CWR

Patented* MSi Platform Four Main Components

MSi Console
Centralized management, monitoring and protection of control systems across all levels

  • Unified visibility across network monitoring and end point protections from level 0 to 2
  • Centrally manage configurations and settings for MSi security appliances, software and firmware updates
  • Investigate incidents and trouble shoot control system issues
  • Provide operator guided or automated corrective actions
  • Alert operators, engineers and security personnel of incidents
  • Collect and store OT network and end point data for trans and post attack forensics
  • Integrate easily with third party SIEM/SOC solutions
  • On-premise server based software installed on VM Ware or fully hosted and managed in MSi Cloud

 

MSi IDS
Continuous, passive OT network monitoring

  • Passively monitor OT traffic via span port or serial tap
  • No impact to operations
  • Troubleshoot OT networking issues
  • Deep packet inspection into OT protocols and automated blocking recommendations for MSi security devices
  • Provides real time event detection
  • Robust set of OT protocols (Modbus, CIP, OPC, UDP and more)
  • Collects OT network data including IP addresses, commands, configuration and state information
  • Identifies operational efficiencies and cost reduction from cleaning up excess network traffic
  • Enables remote trouble shooting to save “windshield time”
  • Price is a fraction of competing network monitoring solutions
  • Optional 24/7/365 monitoring service provided by Mission Secure

 

MSi 1
Protect Level 1 controllers and endpoint devices from cyber attacks

    Solution Levels
  • Embedded cyber security appliance installs in front of control system device
  • Operates independently, fully networked and integrated with the MSi Console for easy management, configuration and visibility
  • Protects PLCs, Safety instrumented Systems, Controllers and other devices from cyber attacks
  • Segment PCN into zones for IEC 62443 compliance
  • Segments safety instrumented systems for ISA 84 compliance and protects against Triton types of SIS attacks
  • Robust set of OT protocols (Modbus, CIP, OPC, UDP and more)
  • Mechanical fail open or closed capabilities
  • Blocks/restricts access to/from protected devices
  • Prevents unwanted commands from reaching controllers, limit certain commands
  • Blocks malware or ransomware
  • Prevents DDoS attacks
  • Monitors settings of protected devices
  • Adds optional multi factor authentication to access controllers
  • Adds encryption and VPN connections to/from protected devices
  • Remotely restores control devices to a “known good” state
  • Works with any hardware manufacturer or device
  • No adverse impact to operations
  • Minus 20 to +85 degrees Celsius operating temperature range
  • Superior functionality and costs 50% less than basic feature, disconnected industrial firewalls

This video demonstrates the impacts due to cyber attacks on protective relays and other Intelligent Electronic Devices (IEDs) which are widely deployed in the power industry and other industries. It also shows a cost-effective solution via the patented* MSi 1. This demonstration is not meant to single out any particular manufacturer or product. It is simply representative of control devices lacking inherent cyber security.

 

MSi Secure Sentinel
Visibility and protections down to Level 0 field devices

    Solution Levels
  • On-premise cyber security appliance installs between the controller and field instrumented devices
  • Provides true operational state and visibility by reading digital and analog signals, contoller set points/parameters and HMI
  • Vertical analysis to ensure key control system components are aligned, and have not been compromised
  • Compares multiple sensor readings (digital, analog, serial, ethernet) and determines actual system state
  • Detects cyber attacks, human error or mechanical failures that would go otherwise undetected
  • Built and tested to operate in diverse environments
  • Supports DIN rail mount, 32 I/0 per device and operates off of 24V DC
  • Minus 20 to plus 85 degrees Celsius operating temperature range
  • Securely monitors critical system functions
  • Provides automated or guided corrective action capabilities
  • No adverse impacts on system performance

This video demonstrates the impacts due to cyber attacks on a sample ICS system. It also shows a cost effective, easily integrated protection exists via the patented* MSi Secure Sentinel. This demonstration is not meant to single out any particular manufacturer or product. It is simply representative of the general state of ICS systems.