Imagine your city’s critical infrastructure is the target of a cyber-attack. Food and water become scarce, and commerce from every sector is interrupted. From power grid strikes to water treatment system mishaps, the impacts are undeniably real. It’s the reason the U.S. government has plans in place to safeguard the nation’s cybersecurity for its critical infrastructure.
BAE Systems has been answering the call for increased cybersecurity for assets like the power grid, water supply, transportation systems, and telecommunications networks for years. The company’s operating systems are built from the ground up with security as the core focus, providing protection to customers’ servers that cannot afford downtime. As organizations have increased their reliance on automation and remote monitoring to operate systems, they become more vulnerable.
“Our ‘defense in depth architecture,’ is unique in the world of industrial controls,” said Doug Steil, senior director of cybersecurity products for BAE Systems. “It is designed to the standards of the regulatory agencies that monitor our critical infrastructure, rather than an off-the-shelf product that may not have core development with this security baked in.”
BAE Systems cybersecurity solutions:
- With the BAE Systems’ XTS® Diode, an organization can transmit data from its Industrial Control System to its corporate network with complete assurance that no data will flow from the customer’s network back to a control network, such as the internet. Allowing the information to flow only one way dramatically increases security. When anti-virus and content filtering are included in the solution, added protection is gained against the possibility of malicious content reaching a corporate system. BAE Systems’ XTS® Guard and XTS Diode® solutions are used to protect critical components against zero-day attacks, or recently identified security vulnerabilities, by filtering not on signature, but on compliance of data passed to industrial control components.
- The field programmable gate array-based (FPGA) solutions, such as Secure Network Bridge and Secure Import and Secure Export Gateways, also enable data transfers in multiple directions and across domains with the same high level of assurance and filtering and sanitization capabilities.
- The STOP Operating System provides critical protection to servers with closely controlled source code, free of the vulnerabilities of open source databases. The STOP system has not required a security patch in its more than 30-year history of deployment, meaning systems that cannot tolerate downtime can greatly benefit from this product. With its Linux-like user interface, it also alleviates the requirement for engineers with specialized training, minimizing the need for unique components and increasing the security of the architecture.
In recent years, the number of cyber-attacks on city and state governments has increased, impacting vulnerable infrastructure elements like power grids and water systems, hospitals, research facilities, and a range of private industry targets.
“The XTS Guard and XTS Diode, as well as our FPGA-based Cross Domain Solutions (CDS), have been hardened for industrial applications,” said Steil. “It’s a crucial step in mitigating attacks on large and complex systems, especially for aging industrial machinery.”
BAE Systems’ cybersecurity product family is focused on the protection and defense of information, and is a resource for critical national infrastructure systems. The company’s products work with third party deep content inspection and sanitization tools such as Glasswall, Purifile, and Oracle Clean Content to further bolster security.
With a range of capabilities, BAE Systems helps protect the world’s most sensitive control systems and defend the most vital national assets, which is more important now than ever before.
If you’d like to work on systems that secure our nation’s most critical industrial assets, check BAE Systems’ Careers website today.