Cybersecurity Challenges for Manufacturing and Industrial Plants
Manufacturing and industrial plants are becoming smarter and more efficient by connecting their Operational Technology (OT) devices and networks to their IT networks and the Internet. With this connectivity comes increased exposure to cyberattacks that can cripple a process control system, impair an automated assembly line, or even close an entire plant. These attacks can create health and safety issues for workers, impact productivity, damage capital equipment and create financial losses.
Unprotected OT networks can give hackers access to valuable data on connected IT networks or even be used to hold a company ‘hostage’ in return for a ransom. Cybersecurity monitoring solutions are important in manufacturing and industrial plants, but it is not enough. The controllers and devices need to be protected in real-time – authenticating all devices and safeguarding the data and commands used to manage plant operations.
DOME™ is a low-cost SaaS cybersecurity solution protecting the devices (and data) running at the edge of new and existing industrial automation and ICS networks. DOME creates a secure data tunnel over your existing network, authenticating every device, user, and command while encrypting and protecting your data from the outside world. Its ‘zero-touch’ installation program automates the difficult task of correctly installing new devices in your plant that require special security programming - saving time and money while avoiding expensive mistakes. DOME is a cost-effective platform that does not replace or compete with your currently installed process control and automation equipment. Instead, it complements it with the industry’s leading security technology.
DOME can secure thousands of connected devices, from PLCs and RTUs to sensors, actuators, and HMIs often found in a factory or processing plant. It cost-effectively ensures every device in your plant can be installed and managed with the security necessary to create a safe and trusted environment. DOME uses a Zero Trust framework that requires all devices to be mutually authenticated .
More than just monitoring, DOME stops cyber attacks before they happen.
Communications and Data are encrypted, reducing the ability for bad actors to learn about your network and operations.
No cybersecurity or IT skills are needed. DOME enables error-free deployment by regular maintenance and technician staff, minimizes resource requirements of high-cost cybersecurity experts.
DOME is a protocol-agnostic solution that supports any IP-based industrial protocol (PROFINET, EtherNet/IP, EtherCAT, Modbus TCP, etc.) and complements existing solutions working seamlessly across multiple vendors and devices.
DOME is crypto agile, supporting legacy and quantum-resistant cybersecurity, safeguarding an investment with long lifecycle protection.
Want to learn more?
System Diagram and Description
The DOME Server is a SaaS platform that provides a dashboard for device visibility, data logging, analytics, and alerts, and also provides a root-of-trust for every DOME device in a building.
- Communication Analytics
- Security Alerts
- Daily Status Email
DOME Interface Appliance
The DIA is the local management and authentication device that is located on the OT network and connects to the cloud-based DOME Server for reporting and credential management. The DIA connects locally to industrial controls that have the DOME Client software built-in, or to DOME Sentry devices that provide security for existing automation controls.
- Device management
- Credential management
- Zero Trust Authentication
- Data logging capture
The DOME Sentry is the security appliance that protects connected devices such as PLCs, RTUs, sensors, and actuators. DOME Sentry devices automatically authenticate to each other and create a secure tunnel that protects all messages, commands, and data.
- Blocks unauthenticated devices
- Encrypted communications
- Auto configuration
- Auto device discovery
- Local firewall (port/service block)
- Data logging
- Supports 1:1 and 1:many design