Peraton Labs
  • About
    • Our Story
    • Markets we serve
    • Leadership
    • Contact us
    • Visit peraton.com →
  • Research
    • 5G
    • Cybersecurity
    • Electronic warfare
    • Machine learning and data analytics
    • Mobility
    • Optical, photonics and quantum
    • Wireless systems and networks
  • Services
    • Critical infrastructure
    • Networking and cloud
    • Service and data assurance
    • Other services
  • Products
    • Critical infrastructure
    • Cybersecurity
    • Network defense
    • Spectrum solutions
    • Wireless solutions
    • Other products
  • News and media
    • Events
    • Highlights >
      • CLOSURE Toolchain for Cross-Domain Solutions
      • Peraton Labs Supports Cyber Exercise for Nebraska Army National Guard
      • Conceptual Simulation for Designing High Performance Computers
      • FLEET: Reconfigurable Optical NICs for Fast Data Transfer
      • Turbocharge Simulation
      • Analytics and AI for Predictive Maintenance
      • Minimizing the Cyberattack Surface
    • Press releases
    • Media hits
  • Careers
    • Life at the Labs
    • Tackling Tomorrow's Challenges
  • Search
Our products >  Critical infrastructure ​> ProtocolPatroller

ProtocolPatroller​

Industry’s first ICS cybersecurity monitoring and anomaly detection solution for protocol protection

Utilities experience thousands of increasingly sophisticated cyberattacks on industrial control systems (ICS) in general, and supervisory control and data acquisition (SCADA) systems, in particular. Remote access vulnerabilities can go undetected for months—posing an extraordinary threat to critical infrastructure security. 

SecureSmart™ ProtocolPatroller provides continuous cyber monitoring and anomaly detection via sophisticated, protocol-specific security capabilities for smart grid, SCADA and other ICS applications. ProtocolPatroller offers cyber protection for a wide range of SCADA protocols and its modular design enables easy extension to protect additional ICS SCADA protocols. Using robust checkers, ProtocolPatroller detects ongoing attacks—including zero-day attacks—and alerts operators through a user-friendly dashboard. When used in the in-line protection mode, ProtocolPatroller can perform predetermined actions to stop ongoing attacks. 

ProtocolPatroller software can be co-hosted as well as reside in a customer’s existing IT hardware or software platforms. Co-hosting can occur at gateways (e.g., in data centers or control centers), customers and servers (e.g., Inter-Control Center Communications Protocol or ICCP nodes, smart meter data collection engines), Intelligent Electronic Devices (IED), or even in a service cloud. Hosting is also available as a dedicated platform. ​​

Jump to

​How it works
Features
​
​Advantages
Resources
Research, services and products of interest
​Request more information
Picture
Anchor Element
Copy for linking on the same page:
https://www.peratonlabs.com/?data-scroll-to-anchor=HowItWorks
Copy for linking from an external page:
https://www.peratonlabs.com/?data-anchor-link=HowItWorks

How it works

For each covered protocol, ProtocolPatroller employs a collection of behavior model checkers that have been verified with formal methods to detect communication anomalies. These stateful model-checkers patrol SCADA protocol communication contexts and behaviors by:
  • Applying deep-packet inspection—to track event sequences
  • Performing cross-session comparisons

The monitoring and filtering of potential vulnerabilities are available through both built-in and user-defined rules. Moreover, the dashboard provides operators with great flexibility in terms of choosing which protocol they would like to monitor and protect, which set of communication sessions and endpoints they would like to pay attention to, and which rules they would like to apply.

ProtocolPatroller provides the ability to display only sub-nets for large networks. It graphically maps communication flows between each endpoint pair—not only at the network (IP) layer, but at application protocol layers—to discern different communication flows between devices.
Anchor Element
Copy for linking on the same page:
https://www.peratonlabs.com?data-scroll-to-anchor=features
Copy for linking from an external page:
https://www.peratonlabs.com?data-anchor-link=features

Features

Cybersecurity protection across a wide range of threats and SCADA protocols including:
  • SCADA Distributed Network Protocol (DNP3)
  • Inter-Control Center Communications Protocol (ICCP)
  • Synchrophasor Protocol C37.118
  • Advanced metering infrastructure (AMI) Data Transport Protocol C12.22
  • Substation Automation 61850-GOOSE
  • IP and HTTP
  • Modular design supports easy extension to additional SCADA protocols

ProtocolPatroller deployment is available in two modes:
  • Sniff mode: real-time monitoring, analysis, detection and alerting via user-friendly operator dashboard
  • In-line protection mode: provides all the functionality of sniff mode along with the ability to terminate ongoing attacks via prescribed attack vector rules and responses
Anchor Element
Copy for linking on the same page:
https://www.peratonlabs.com/?data-scroll-to-anchor=Advantages
Copy for linking from an external page:
https://www.peratonlabs.com/?data-anchor-link=Advantages

Advantages

  • Industry-leading, high-value SCADA protocol protection capability
  • Deep-packet inspection
  • Protocol-specific stateful model-checkers
  • Easily extendable to common SCADA protocols
  • Field proven in the smart grid utility industry
  • Flexible, easy to use operator dashboard
Anchor Element
Copy for linking on the same page:
https://www.peratonlabs.com?data-scroll-to-anchor=resources
Copy for linking from an external page:
https://www.peratonlabs.com?data-anchor-link=resources

Resources

Read more

ProtocolPatroller overview sheet (PDF)
Anchor Element
Copy for linking on the same page:
https://www.perspectalabs.com/?data-scroll-to-anchor=links
Copy for linking from an external page:
https://www.perspectalabs.com/?data-anchor-link=links

Research, services and products of interest

Research

  • Cybersecurity research: innovations to protect mission-critical networks, services, systems and infrastructure 
  • ​Machine learning and data analytics research: breakthrough artificial intelligence / machine learning capabilities 

Services

  • ​​Industrial control systems and IoT security: patented solutions to protect ICS, low-power WANs, IoT and SCADA systems for energy, utilities and smart cities
  • ​Intelligent transportation system and security: full life cycle support for deployment of secure, resilient communications technology in transportation infrastructure
  • Smart grid field analysis: sophisticated services to efficiently resolve operational problems, troubleshoot service failures and validate security controls

Products

SecureSmart™ solution line:​
  • Continuous monitoring as a service (CMaaS): real-time cyber defense for critical infrastructure, field area networks, energy systems and smart cities
  • ​Cyber emissions monitor: anomaly detection based on non-intrusive monitoring of unintentional RF emissions
  • EnergyDefender: comprehensive critical infrastructure and industrial control systems defense
  • Jolt: protection against sophisticated power grid attacks via intelligent telemetry defense
Anchor Element
Copy for linking on the same page:
https://www.peratonlabs.com?data-scroll-to-anchor=requestinfo
Copy for linking from an external page:
https://www.peratonlabs.com?data-anchor-link=requestinfo

Request more information
Contact us
​About
​Research
​Services
Products
​Careers
​
News and media

peraton.com
Markets we serve:
Defense
Energy
​
Financial
Government 
Life sciences 
Telecommunications
Transportation
​
Picture
© 2022 Peraton Labs.  Site map | Terms of use | Privacy policy
  • About
    • Our Story
    • Markets we serve
    • Leadership
    • Contact us
    • Visit peraton.com →
  • Research
    • 5G
    • Cybersecurity
    • Electronic warfare
    • Machine learning and data analytics
    • Mobility
    • Optical, photonics and quantum
    • Wireless systems and networks
  • Services
    • Critical infrastructure
    • Networking and cloud
    • Service and data assurance
    • Other services
  • Products
    • Critical infrastructure
    • Cybersecurity
    • Network defense
    • Spectrum solutions
    • Wireless solutions
    • Other products
  • News and media
    • Events
    • Highlights >
      • CLOSURE Toolchain for Cross-Domain Solutions
      • Peraton Labs Supports Cyber Exercise for Nebraska Army National Guard
      • Conceptual Simulation for Designing High Performance Computers
      • FLEET: Reconfigurable Optical NICs for Fast Data Transfer
      • Turbocharge Simulation
      • Analytics and AI for Predictive Maintenance
      • Minimizing the Cyberattack Surface
    • Press releases
    • Media hits
  • Careers
    • Life at the Labs
    • Tackling Tomorrow's Challenges
  • Search