Cybersecurity and Functional Monitoring for the Power Grid
Detect cyber attacks promptly
The Intrusion Detection System (IDS) StationGuard monitors Ethernet networks in the power grid and identifies cyber threats, prohibited activity, and malfunctions.
With this combination of cybersecurity and functional monitoring, not only can new threats and as yet unknown attack scenarios be identified, but different kinds of malfunctions in the power utility automation system too.
StationGuard - designed for the energy system
Regardless of whether your system is based on IEC 60870-5-104, DNP3, Modbus TCP, or IEC 61850, StationGuard deeply inspects all communication to find cyber threats, prohibited activity, and errors.
Based on our 25+ years’ of experience in power utility automation systems, StationGuard truly understands the communication in power utility automation and SCADA systems. With its unique system model approach, this knowledge is used to determine between legitimate traffic and malicious activity.
With its built-in support for maintenance activities, you are in full control of which devices communicate what and when. StationGuard helps documenting all assets and their protocols and services used.
"StationGuard impressed us with its simple configuration and commissioning options. StationGuard identifies cyber attacks and possible threat scenarios just as thoroughly as malfunctions in our station control technology thanks to the symbiosis of IT and OT. As a result, our expectations regarding the IT security of our systems are fully met and our plants are already protected in accordance with the requirements of IT-SIG 2.0."
Head of Power Supply
Stadtwerke Kempen GmbH
"StationGuard is really easy to use. I'm presented with all the information I need clearly in a familiar layout – with only few IT jargon. And all this in the OMICRON quality that we are used to."
Head of Substation Automation Systems
Centralschweizerische Kraftwerke AG
"The team behind StationGuard comprises cybersecurity specialists, working together with protection and control experts. It is this pooling of expertise from both worlds that makes StationGuard so successful."
- Deep packet inspection of IEC 60870-5-104, DNP3, IEC 61850, Modbus TCP, PRP/HSR, and many more
- Better cooperation between IT and OT through unique visualization matching OT engineering diagrams
- Save time in alarm analysis supported by built-in OT knowledge
- Analyzes substation protocols in depth
- Full protection during routine testing thanks to maintenance mode function
- Easy integration of alarm messages due to binary contacts and Syslog interface
Learn more about cybersecurity in the power grid
Cybersecurity in Substations 1 - Important Basics for Protection and SCADA Engineers
Cybersecurity requirements are increasingly becoming part of the daily work of protection and control engineers. Gain some important basic knowledge of cybersecurity in substations.
Cybersecurity in Substations 2 - Attack Vectors on Substations and their Countermeasures
Get a concise overview of cyber threats on substations and their countermeasures. Learn on which paths attackers could reach substation networks and how adversaries could use this to even influence protection and control devices.
Cybersecurity in Substations 3 – StationGuard Live in Action
In this webinar, we will show a live simulation of cyber attacks and communication errors on the station bus and how the Intrusion Detection System (IDS) StationGuard can detect these threats and malfunctions.
Live-Hack of a Substation
In this webinar recording, we demonstrate in a fictional scenario how attackers can reach into the network in a substation via the Internet, place malware on an RTU, and then switch circuit breakers. We also present security measures which could have prevented this fictional attack.
Support for commissioning and maintenance
Engineering protocols and IED web interfaces have many known vulnerabilities and new ones are being released all the time. These interfaces are however needed in the commissioning phase and during routine maintenance. To protect your substations against attacks on these ports, you should generally prohibit engineering activity and only allow it when needed. The "Maintenance Mode" enables a high security level by prohibiting engineering activities during normal operation, while providing a low level of false alarms during maintenance phases.
In contrast to baseline or learning based IDS, StationGuard supports the different phases in the lifecycle of a substation with high selectivity in the alerts.
We make life easy for you – Expert Support
If an alarm indicates prohibited or non-standard-compliant behavior, the StationGuard experts are on hand to help you evaluate the cause. A profile of your substation can also be created on request to offer an alarm analysis targeted specifically for your site and its devices.
In addition to our Technical Support team, who are available 24/7, StationGuard Expert Support helps you to evaluate alarms and perform network capture analyses.
Submit the form to download our latest paper on the topic "Detecting cyber intrusions in substation networks".
Screenshots of our StationGuard Software
StationGuard – Cybersecurity tailor-made for substations
Why should you use an Intrusion Detection System in every substation?
Intrusion Detection in Energy Systems – An Important Building Block in OT Security Processes