Industrial cybersecurity is a fundamentally different animal than enterprise security — not only in terms of priorities, but also in terms of architecture. While enterprise networks are often configured in hub-and-spoke topology, industrial networks are often more chaotic with interconnections between devices, remote users and so forth. For a chief information security officer, that can be a nightmare. “You create this giant attack surface when you have large numbers of devices all over the place. You have this kind of worst combination of things: many types of things, many of them and many interconnections,” said Duncan Greatwood, CEO of the cybersecurity firm Xage, which came out of stealth mode to formally launch today. And as industrial IoT projects grow to encompass more connected devices based in more locations, the risks only grow.
In 2016, the cofounders of Xage, Roman Arutyunov and Susanto Irwan, began brainstorming a way to turn this problem on its head, so the more devices added to an industrial network, the more secure it becomes, rather than the other way around.
“What the guys realized very early on is that there is a technology that can help make this ‘more is better’ scenario happen, and that is Blockchain,” Greatwood said.
[IoT World demonstrates how the next generation of IoT will converge to unlock the intelligence of things in the industrial, enterprise and consumer realms. Get your ticket now.]
Blockchain has several properties supporting this goal: It is distributed, highly redundant and, from a security perspective, it can self heal if pieces of it get hacked. The startup found that blockchain also could support additional security technologies for addressing data confidentiality. One example is Shamir's Secret Sharing cryptology algorithm, which, is similar to blockchain in that it uses a threshold consensus. “You scatter the information across many nodes, have intentionally limited and you have to have those agree to give it back to you to reconstruct what the secret was,” Greatwood explained.
From left to right, Xage VP, products Roman Arutyunov, CEO Duncan Greatwood and VP, engineering Susanto Irwan.
Ultimately, the company synthesized several security technologies into what it calls a security fabric. Company officials believe they now have a system that grows more secure as more devices are added to the network, and the more interconnected those devices become.
“You can go to your CISO and say: ‘We are adding 100,000 more devices.’ And now they are going to say: ‘Great,’” Greatwood said. “They will probably ask for details, but that is very different from how it has been for people.”
Namely, some industrial companies dabbling in IoT have deliberately hesitated to pursue production-scale projects or have deliberately limited the connectivity — and thus functionality — of production-scale projects out of security fears.
Xage’s software can be deployed in both gateways and endpoints whether they are based in a wind farm, manufacturing facility or another location. The gateways connect to existing devices in the system and proxy industrial network protocols that those devices already speak. “In some cases, we can deploy endpoint software directly, but that isn’t a requirement,” Greatwood said. “In the end, the gateways and the endpoint software talk amongst each other and implement the Blockchain and the other pieces of the security [fabric] as a distributed tamperproof redundant data store.”
If a technician wants to log onto one of those devices, that person can log into the fabric, and the fabric will grant access to the device — in real time, whether it is onsite or remote. “If AI is adjusting your turbine so it doesn’t overheat, you can’t have a five-second delay while the data center application coughs,” Greatwood explained.
In terms of gateway devices, Xage is partnering with Dell and running its software on top of Dell IoT Gateways and the EdgeX platform. It also can deploy its software on powerful computers like blade PC and compact computers like the Raspberry Pi.
The company is also working with ABB, Itron and a major utility, among others. “There are real billion-dollar projects going on right now where Xage is the foundation for security,” Greatwood said.