SerialTap™ Means Security

Level 0,1 Protection for Legacy Infrastructure

SerialTap brings a new layer of security to older industrial control systems. As its name suggests, this patented sensor passively intercepts serial communications, monitoring network traffic and enabling alerts on control signal anomalies that could be indicative of a cyberattack, physical attack or system misconfiguration.

Operating Principles

SerialTap is a new hardware device that seamlessly installs in supervisory control and data acquisition (SCADA) and other legacy control systems. Once installed on the serial network, SerialTap intercepts communications between various field devices and controllers. It then transforms the intercepted serial communications data into a data packet, which it sends out via the device’s integrated Ethernet port. The device operates like a traditional network tap or a mirrored port on a managed switch; SerialTap makes it appear that data from communicating devices is forwarded out of the Ethernet port. SerialTap features a powerful embedded computer, which parses and transforms the serial data passively—without adding any computational overhead or failure points to critical communication networks. Data sent out via the Ethernet port can be analyzed using third-party network security tools or Cynash’s proprietary Cynalytic™, which combines a set of biomimetic and machine-learning technologies to identify emergent security threats.

Electrical Design

SerialTap employs a patented electrical design to passively intercept serial communications. This electrical design takes a unique approach to the traditional transceiver (driver-receiver) technology used in serial communication equipment. Because of this approach, the SerialTap can accomplish multiple things. The first is to be able to capture serial traffic without affecting the existing serial communications on the control network. The second is to act as a fail-safe device such that if the SerialTap were to suffer a loss of power, the serial communication can still flow through it. The last is to not introduce any cyber-attack vectors on the serial network. The SerialTap can only read off the serial network, not write to it. For more details about SerialTap’s electrical design, please contact us.

Applications

SCADA and other types of legacy control systems that use serial communications extensively can be found in many settings, including:

Electrical power generation, distribution and transmission facilities
Railway and mass rapid transit systems
Refineries and other oil-and-gas production facilities
Chemical production plants
Industrial and manufacturing plants
Water infrastructure and gas transmission infrastructure

Installation

SerialTap™ is designed for smooth integration of existing legacy networks. The device runs on a secure operating system that offers plug-and-play compatibility when coupled with the Cynalytic™ Engine.

Physical installation of the SerialTap device is easy:

  • Power the device with either Power over Ethernet (PoE) or 24V.
  • Connect SerialTap’s two serial communicating ports with communicating automation devices such as remote terminal units, programmable logic controllers, variable frequency drives, etc.
  • Connect SerialTap to the Cynalytic™ Engine with simple networking.

Software provisioning takes place via the Cynalytic™ Engine. After authenticating and logging into the Cynalytic™ Engine’s user interface (UI), users can simply navigate to a SerialTap device and configure it as desired. The Cynalytic™ Engine’s UI also allows users to perform:

  • Role-based user access
  • Alert threshold monitoring
  • Visual analytics
  • Data storage
  • Encrypted capture of serial traffic.