Historically known for its interoperability solutions, JPS today announced IronGate, the company’s first cybersecurity offering that is designed to prevent hackers from launching cyberattacks against the industrial-control systems that are crucial to the operations of critical infrastructure such as utilities and military facilities.
JPS President Todd Dixon said his company developed IronGate by addressing the well-chronicled cybersecurity problem for critical infrastructure in a unique manner compared to other firms in the sector.
“Our approach is a little different,” Dixon said during an interview with IWCE’s Urgent Communications. “I would say that 99% of the solutions out there are focused on, ‘How do I find a problem, and how do I deal with it after it’s happened?’ Our solution is intent on stopping the problem from ever happening in the first place. That’s where we separate ourselves from the competition.”
“Essentially, where there are industrial controls—and that can be a water facility, wastewater facility, electric system, dams and any commercial equipment that you don’t want to be hacked—this will help avoid that from happening.”
Designed to work with existing supervisory control and data acquisition (SCADA) systems and equipment, IronGate leverages both hardware and software to establish a secure method for the home office of critical-infrastructure entity to communicate with sensors in the field and vice versa (see network diagram above), Dixon said.
In a typical scenario, a JPS Irongate core server would be located at the home office and could be connected to 50 or more IronGate edge devices, each of which would be linked to as many as 100 sensors, according to Dixon.
“The JPS Irongate edge sits out at the site, where the protection is needed,” he said. We put a box in an electric substation, and we connect the items that we don’t want people to [hack] into that box.
“So, what we’re really providing is an absolutely secure connection—between the home office and those sites—that locks the hackers out.”
Dixon said he believe the IronGate approach is superior to the existing technologies employed commonly in the sector.
“Today, people use VPN networks,” Dixon said. “As long as the network is set up perfectly, you’re OK, until someone inside give a key away. If it’s not set up perfectly, once they get into your system, they’re into your entire system—e-mail, finance systems, etc.
“In our cast, even if hackers somehow were able to breach the system, they wouldn’t be able to go past the server at the core. It would never make it back into the regular system.”
At the heart of the IronGate system is a single key that customers will need to guard closely, Dixon said.
“There is a single key that we provide after the system is locked down,” Dixon said. “We ask them to take it and physically put it into a safe.
“For example, if one of our edge units were to fail for whatever reason, they’re going to need to replace it. They will need that [key] to replace it or to make updates. So that, in itself, has its own security to protect the system from people getting into it.”
That applies to all people, including those who work for JPS, Dixon said.
“The other thing that people ask us is, ‘Well, JPS can get into it, right?’ The answer is, ‘No, we can’t,’” Dixon …….