StationGuard

Cybersecurity and Functional Monitoring for the Power Grid

Detect cyber attacks promptly

The Intrusion Detection System (IDS) StationGuard monitors Ethernet networks in the power grid and identifies cyber threats, prohibited activity, and malfunctions.

With this combination of cybersecurity and functional monitoring, not only can new threats and as yet unknown attack scenarios be identified, but different kinds of malfunctions in the power utility automation system too.

StationGuard Brochure (8 MB)
IEC 60870-5-104, DNP3, Modbus TCP or IEC 61850: no matter what protocol your utility automation or SCADA system is based on, StationGuard monitors all communication in detail and detects cyber threats and communication errors.
Protects all kinds of utility automation and SCADA systems
IEC 60870-5-104, DNP3, Modbus TCP or IEC 61850: no matter what protocol your utility automation or SCADA system is based on, StationGuard monitors all communication in detail and detects cyber threats and communication errors.
StationGuard and the RBX1 platform have been specially developed for use in utility automation and SCADA systems. StationGuard knows how every device in the network should behave. With this new and patented approach, StationGuard reliably identifies anomalies in the station network.
Tailor-made for utility automation and SCADA systems
StationGuard and the RBX1 platform have been specially developed for use in utility automation and SCADA systems. StationGuard knows how every device in the network should behave. With this new and patented approach, StationGuard reliably identifies anomalies in the station network.
No learning phase is needed for the configuration of StationGuard. All you require are some user inputs to describe the purpose of the devices in the network. StationGuard can also import engineering files to speed up the configuration process.
Easy to configure
No learning phase is needed for the configuration of StationGuard. All you require are some user inputs to describe the purpose of the devices in the network. StationGuard can also import engineering files to speed up the configuration process.
The user interface has been designed to match the diagrams and terminology used in utility automation and SCADA systems. The clear and understandable alarm messages can be easily traced back to events, making cooperation between engineers and security officers simple and efficient.
Speaks the language of protection and control engineers
The user interface has been designed to match the diagrams and terminology used in utility automation and SCADA systems. The clear and understandable alarm messages can be easily traced back to events, making cooperation between engineers and security officers simple and efficient.
StationGuard uses a unique whitelisting approach to protect networks right from the very first minute and without any learning phase whatsoever. Even threats or communication problems that existed prior to its installation are immediately identified.
Immediate protection
StationGuard uses a unique whitelisting approach to protect networks right from the very first minute and without any learning phase whatsoever. Even threats or communication problems that existed prior to its installation are immediately identified.
Not only are threats identified, but also communication errors, device failures, or time synchronization problems are detected.
Identify malfunctions
Not only are threats identified, but also communication errors, device failures, or time synchronization problems are detected.
StationGuard knows the processes in utility automation and SCADA systems and can therefore distinguish between legitimate events and potentially dangerous activities. With StationGuard's maintenance mode, fewer false alarms are triggered during maintenance work and a high degree of security is ensured.
Fewer false alarms
StationGuard knows the processes in utility automation and SCADA systems and can therefore distinguish between legitimate events and potentially dangerous activities. With StationGuard's maintenance mode, fewer false alarms are triggered during maintenance work and a high degree of security is ensured.

StationGuard - designed for the energy system

Regardless of whether your system is based on IEC 60870-5-104, DNP3, Modbus TCP, or IEC 61850, StationGuard deeply inspects all communication to find cyber threats, prohibited activity, and errors.

Based on our 25+ years’ of experience in power utility automation systems, StationGuard truly understands the communication in power utility automation and SCADA systems. With its unique system model approach, this knowledge is used to determine between legitimate traffic and malicious activity.

StationGuard is the leading cybersecurity solution for your power utility automation and SCADA networks. It detects every threat to your systems, enhances your network performance, and saves operational costs, while ensuring compliance with critical infrastructure cybersecurity standards and regulations.

 

"StationGuard impressed us with its simple configuration and commissioning options. StationGuard identifies cyber attacks and possible threat scenarios just as thoroughly as malfunctions in our station control technology thanks to the symbiosis of IT and OT. As a result, our expectations regarding the IT security of our systems are fully met and our plants are already protected in accordance with the requirements of IT-SIG 2.0."

 

 

to the Video

 

Reinhard Bretzke
Head of Power Supply
Stadtwerke Kempen GmbH

"StationGuard is really easy to use. I'm presented with all the information I need clearly in a familiar layout – with only few IT jargon. And all this in the OMICRON quality that we are used to."


Yann Gosteli
Head of Substation Automation Systems
Centralschweizerische Kraftwerke AG

"The team behind StationGuard comprises cybersecurity specialists, working together with protection and control experts. It is this pooling of expertise from both worlds that makes StationGuard so successful."


Andreas Klien
Product Manager

Key features

  • Deep packet inspection of IEC 60870-5-104, DNP3, IEC 61850, Modbus TCP, PRP/HSR, and many more 
  • Increase synergy between IT professionals and OT protection & control engineers with StationGuard's simple and understandable alert context
  • Improve the efficiency and effectiveness of the alert triage process with the built-in energy industry knowledge.
  • Enjoy hassle-free security with a unique allow list approach that requires no learning phase and protects networks right from the first minute.
  • Use StationGuard with ease and confidence with its easy-to-use interface that matches the diagrams and terminology used in control center, power plant, and substation networks.
  • Detect and diagnose functional problems with StationGuard's functional monitoring, which identifies communication errors, device failures, or time synchronization problems.

    •  

 

 

Learn more about cybersecurity in the power grid

Cybersecurity in Substations 1 - Important Basics for Protection and SCADA Engineers

Cybersecurity requirements are increasingly becoming part of the daily work of protection and control engineers. Gain some important basic knowledge of cybersecurity in substations.

WATCH NOW


Cybersecurity in Substations 2 - Attack Vectors on Substations and their Countermeasures

Get a concise overview of cyber threats on substations and their countermeasures. Learn on which paths attackers could reach substation networks and how adversaries could use this to even influence protection and control devices. 

Watch now


Cybersecurity in Substations 3 – StationGuard Live in Action

In this webinar, we will show a live simulation of cyber attacks and communication errors on the station bus and how the Intrusion Detection System (IDS) StationGuard can detect these threats and malfunctions.

Watch now 


Live-Hack of a Substation

In this webinar recording, we demonstrate in a fictional scenario how attackers can reach into the network in a substation via the Internet, place malware on an RTU, and then switch circuit breakers. We also present security measures which could have prevented this fictional attack.

WATCH NOW

Support for commissioning and maintenance

Engineering protocols and IED web interfaces have many known vulnerabilities and new ones are being released all the time. These interfaces are however needed in the commissioning phase and during routine maintenance. To protect your substations against attacks on these ports, you should generally prohibit engineering activity and only allow it when needed. The "Maintenance Mode" enables a high security level by prohibiting engineering activities during normal operation, while providing a low level of false alarms during maintenance phases.

In contrast to baseline or learning based IDS, StationGuard supports the different phases in the lifecycle of a substation with high selectivity in the alerts.

Expert Support | We make life easy for you

If an alarm indicates prohibited or non-standard-compliant behavior, the StationGuard experts are on hand to help you evaluate the cause. A profile of your substation can also be created on request to offer an alarm analysis targeted specifically for your site and its devices.

In addition to our Technical Support team, who are available 24/7, StationGuard Expert Support helps you to evaluate alarms and perform network capture analyses.  

OMICRON Partners | Working together for a Secure Critical Infrastructure Protection Ecosystem

The sum of many different perspectives and insights empowers us, so you will benefit from a vast network of experts. We carefully select our partners and only collaborate with organizations that share our core values of caring, pioneering, uniting, driven by excellence, and knowledge sharing.

As a result, we continually offer new and innovative products and services to ready ourselves with the best solutions to global changes and rapidly evolving cyber threats.

Together we optimize OT and IT security for your benefit! To explore our partnerships, just follow this link.

Download

Submit the form to download our latest case study on the Stadtwerke Kempen substation modernization. You will...

  • read how Stadtwerke Kempen moved from hard-wired communication to an Ethernet-based network and how they secured that communication,
  • identify technical challenges and pitfalls you may encounter on your network,
  • learn how StationGuard's innovative approach to asset management and threat detection can provide your system with cybersecurity and visibility.

    •  

 

You personal data is processed in accordance with the OMICRON Privacy Statement.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Related Products

GridOps
Central Management System for StationGuard
RBX1
Robust and cybersecure 19-inch platform
MBX1
Mobile, hardened test set for powerful communication analysis

Screenshots of our StationGuard Software

At a glance it is discernible which device caused the alert in which bay.
At a glance it is discernible which device caused the alert in which bay.
The Event Log stores the history of all alerts and also records important events like switchgear operations and setting changes.
The Event Log stores the history of all alerts and also records important events like switchgear operations and setting changes.
Alert messages are clearly understandable and can be attributed to events in the substation.
Alert messages are clearly understandable and can be attributed to events in the substation.
The whitelist permissions can be reviewed and audited for each device in the network.
The whitelist permissions can be reviewed and audited for each device in the network.
All devices communicating in the network are recognized and can be exported together with the type plate and firmware version.
All devices communicating in the network are recognized and can be exported together with the type plate and firmware version.
Asset information is aggregated from network traffic and from SCL files.
Asset information is aggregated from network traffic and from SCL files.

Solutions for:

Documents

Literature
StationGuard Brochure (8 MB)
Papers & Articles
Detecting Cyber Instrusions in Substation Networks (758 KB)
This whitepaper teaches the reader how to apply Intrusion Detection Systems (IDS) at the substation level. It describes the unique approach used by StationGuard, its advantages in asset discovery and incident response, and the difference to other IDS.
Design and Commissioning of a Secure Substation Network Architecture (382 KB)
Case study about a new, cyber-secure substation network architecture designed and commissioned by the Swiss distribution and generation utility CKW (Centralschweizerische Kraftwerke AG). The security measures include multiple firewall zones, secure remote access, and intrusion detection on the station bus.
Cybersecurity of the RBX1 and MBX1 Platforms (556 KB)
This whitepaper examines the individual cybersecurity measures introduced into the design and ongoing development of the RBX1 and MBX1.
Easy integration into your substations, SOC and control centres
StationGuard-Deployment-ENU (143 KB)
Security Information Center (SOC) and SIEM Integration (150 KB)

Videos

Cybersecurity from the Control Center to the Substation | STW Kempen

StationGuard | Why should you use an Intrusion Detection System in every substation?

Intrusion Detection in Energy Systems – An Important Building Block in OT Security Processes

View all videos

Training

27
Nov
27
Nov
November 27, 2023
November 27, 2023
Training Center Berlin, Berlin, Germany
English
StationGuard
27
Nov
27
Nov
November 27, 2023
November 27, 2023
Training Center Berlin, Berlin, Germany
English
StationGuard
20
Feb
20
Feb
February 20, 2024
February 20, 2024
Training Center Erlangen, Erlangen, Germany
Deutsch
StationGuard
Show all training courses for this product

Get in touch

Need more details? Get a quotation?
Request for a demo?


Contact us now
You are using an outdated browser version.
Please upgrade your browser or use another browser to view this page correctly.
×