Secure data integrity in offshore environments
The solution takes minimal implementation effort. The units are made operational by plugging in four cords (redundant power, WAN and LAN cords).
- Hardware-based Layer 2 encryption of data in motion by means of Ethernet connections
- Plug-in and encrypt solution
- No local IT skills needed
- Highest commercially available encryption level, AES 256-GCM
The threat to offshore systems
The biggest threat to offshore industrial systems is external access to control systems. Unwanted access to the human/machine interface (HMI) can allow third parties full control of a system. One way to breach a system is to gain access to the Ethernet connections between a company’s headquarters and remote systems by means of wiretapping. Wiretapping makes it possible to manipulate data traversing the Ethernet connection if this connection is not protected.
Zybersafe hardware encryption
Zybersafe provides protection of the integrity of data that traverses the Ethernet connection between a company’s headquarter and a remote system. By placing Zybersafe hardware encryption units at the end points of the link, all data will be encrypted at the highest commercially available standard, AES 256-GCM, and the integrity link will be protected from injection, modification, and replay.
Zybersafe applies Layer 2 encryption that protects Layer 2 and all layers above it. 99.9% of all network attacks are directed against Layer 3-7. Zybersafe’s solution is hardware-based and is secure because there is no human access to encryption keys at any time, which means the keys cannot be shared by mistake or through malicious intent.
The most secured offshore equipment must be certified in accordance with class and regulatory requirements before it arrives at the yard or platform for subsequent installation and integration.
The industry certifications concern industrial systems such as SCADA systems, PLCs, etc. that control:
- Heating, ventilation and air conditioning systems (HVAC)
- Public address & general alarm systems (PA/GA)
- Video surveillance systems
- Electronic or mechanical systems
Certification causes significant delays, which means offshore enterprises cannot make use of the most recent industry equipment and updates. The certified solutions do not necessarily conform to the cyber security standards that would be applied on land-based solutions. For this reason enterprises must look for other ways of protecting their remote systems.