SerialTap Means Security

Level 0,1 Protection for Legacy Infrastructure

SerialTap brings a new layer of security to older industrial control systems. As its name suggests, this patented sensor passively taps directly into serial communication systems, monitoring network traffic and watching for control signal anomalies that would indicate a cyberattack.

Operating Principles

SerialTap is a new hardware device that seamlessly installs in supervisory control and data acquisition (SCADA) and other legacy control systems. Once installed on the network, SerialTap intercepts communications between various field devices and controllers. It then transforms the intercepted serial communications data into a TCP data packet, which it sends out via the device’s integrated Ethernet port. The device operates like a traditional network tap or a mirrored port on a managed switch; SerialTap makes it appear that data from communicating devices is forwarded out of the Ethernet port. SerialTap features a powerful embedded computer, which parses and transforms the serial data passively—without adding any computational overhead or failure points to critical communication networks. Data sent out via the Ethernet port can be analyzed using third-party network security tools or Cynash’s proprietary analytics engine, which combines a set of biomimetic and machine-learning technologies to identify emergent security threats.

Electrical Design

As a passive network sensing device, SerialTap fully and reliably isolates its signal from the control network's serial communications. SerialTap’s electrical design employs well-understood charge pump circuitry and proprietary driver-receiver technology to intercept serial communication signals without affecting the integrity or strength of those signals on the control network. For more details about SerialTap’s electrical design, please contact us.

Applications

SCADA and other types of legacy control systems that use serial communications extensively can be found in many settings, including:

Electrical power generation, distribution and transmission facilities
Railway and mass rapid transit systems
Refineries and other oil-and-gas production facilities
Chemical production plants
Industrial and manufacturing plants
Water infrastructure and gas transmission infrastructure

Installation

SerialTap is designed for easy installation and operation by personnel without deep technical knowledge. The device runs on a secure operating system that offers plug-and-play compatibility with legacy networks.

Physical installation of the device is easy:

  • Connect the two DB9 serial ports with communicating automation devices, such as remote terminal units or programmable logic controllers.
  • Connect the Ethernet port to a web-enabled computer. (Power over Ethernet and wireless versions of SerialTap are available.)

Software provisioning takes place via a simple web-server interface. After authenticating and logging into the SerialTap interface, users need only specify the IP address, server port, gateway and net mask parameters to provision the system. The interface also allows users to select one of several pre-configured data parsers for easy data framing across different serial communications protocols.