Anomaly Detection

The anomaly detection tool in EnergyShield is based on the solution and technology developed by SIGA OT Solutions, a company which provides OT monitoring and anomaly detection for ICS\SCADA in industrial and critical infrastructure applications. SIGA offers a unique and innovative approach to monitor critical assets and process at level 0 of any cyber-attack that affects the operation, malfunctions, system failures or deficiencies of the critical asset. SIGA’s Solution is a comprehensive process anomaly detection system that monitors critical assets using electrical signal-based advanced analytics, Artificial Intelligence and Machine Learning. The ML algorithmic engine is learning the normal behavior of the machine/process/asset and then detect anomalies and abnormal behaviors and alert the operator.
Alerts Screen in Dashboard with Alert on Anomaly

EnergyShield Solution Architecture

On the EnergyShield solution architecture, this tool will monitor and analyze the level 0 part of the different EPES assets that will be connected to the EnergyShield solution (e.g. gas turbine, wind turbine, sub-station etc.). The tool will duplicate unidirectionally electrical signals that runs between sensors and actuators to the PLC of the customer’s ICS and will run the algorithmic models on this data.
The tool will operate in an out-of-band network, separate and independent from the customer’s ICS. It will provide real-time reliable status of the assets and will send smart alerts and actionable insights to the EnergyShield SIEM and SOC and to any other system required. It will also provide the user with an independent smart dashboard for visibility, alerts, and analysis.