PLC backplane analyzer for field forensics and intrusion detection
The various technologies presented herein relate to the determination of unexpected and/or malicious activity occurring between components communicatively coupled across a backplane. Control data, etc., can be intercepted at a backplane where the backplane facilitates communication between a controller and at least one device in an automation process. During interception of the control data, etc., a copy of the control data can be made, e.g., the original control data can be replicated to generate a copy of the original control data. The original control data can continue on to its destination, while the control data copy can be forwarded to an analyzer system to determine whether the control data contains a data anomaly. The content of the copy of the control data can be compared with a previously captured baseline data content, where the baseline data can be captured for a same operational state as the subsequently captured control data.
- Research Organization:
- Sandia National Lab. (SNL-NM), Albuquerque, NM (United States)
- Sponsoring Organization:
- USDOE
- DOE Contract Number:
- AC04-94AL85000
- Assignee:
- Sandia Corporation (Albuquerque, NM)
- Patent Number(s):
- 9,032,522
- Application Number:
- 13/947,887
- OSTI ID:
- 1179220
- Resource Relation:
- Patent File Date: 2013 Jul 22
- Country of Publication:
- United States
- Language:
- English
The real story of stuxnet
|
journal | March 2013 |
Transparent bridging and routing in an industrial automation environment
|
patent | December 2010 |
Similar Records
Memory forensic analysis of a programmable logic controller in industrial control systems
Review of Intrusion Detection Methods and Tools for Distributed Energy Resources