MHI and NTT Complete Prototype of "InteRSePT®" Cyber Security Technology that Delivers Safe and Secure Operation of Control Systems
-- Enables Security Measures for Each Operating State --

Tokyo, November 30, 2016 EMitsubishi Heavy Industries, Ltd. (MHI) and Nippon Telegraph and Telephone Corporation (NTT) have completed the joint development of a prototype of "InteRSePT®"^*1, a cyber security technology for critical infrastructure control systems. InteRSePT® offers safe and secure system operations using real-time anomaly detection and response for unknown attacks. MHI and NTT aim to apply the newly developed technology in commercial fields such as thermal power generation facilities and chemical plants where continuous availability^*2 is of high importance.

1.Background

Until now, security countermeasures such as IDS / IPS^*3 and firewalls^*4 have been developed to prevent cyber-attacks caused by malware^*5 and DDoS^*6. However, in recent years, advanced malware can monitor the operating characteristics and control commands of the target device and change the timing of transmission or parts of commands, causing the target device to fail. MHI and NTT have been working on cyber security research and development since March this year to respond to such threats. The InteRSePT® prototype is a result of this work, combining the high-reliability and safe control technology developed by MHI for the fields of defense and space, and security orchestration technology^*7 developed by NTT.

2.Outline of InteRSePT®

InteRSePT® consists of a network monitoring appliance (NMA) and an advanced security management appliance (ASMA), and monitors real-time data flows in networks in an integrated manner. The system delivers real-time security measures that place importance on availability by changing the security remediation rules on each operating state of the target device. This enables protection against cyber-attacks that exploit control commands, which are difficult to detect and respond to with conventional technology.

Specifically, the system (1) collects and analyzes packets of sensor information flows in the control system network to gain an overall understanding of the operating state; (2) changes the communication control rules of the NMA according to the actual operating state and other factors; (3) analyzes and blocks the packet based on those rules; and (4) aggregates multiple sensor information with the ASMA and monitors the behavior of the entire control system in an integrated manner for early detection. Consequently, it can respond quickly even to unknown cyber-attacks and minimize the damage of such attacks.

3.Future plans

Going forward, at MHI's Cyber Lab, a security development and verification hub located in Tokyo, MHI and NTT will evaluate the technology prototype and verify its adaptability to control systems, to further advance InteRSePT® and expand its application to O&M (operation and maintenance) business.

InteRSePT® conceptual diagram

About Mitsubishi Heavy Industries Group

Mitsubishi Heavy Industries, Ltd. (MHI), headquartered in Tokyo, is one of the world's leading industrial firms with 80,000 group employees and annual consolidated revenues of around 38 billion U.S. dollars. For more than 130 years, the company has channeled big thinking into innovative and integrated solutions that move the world forward. MHI owns a unique business portfolio covering land, sea, sky and even space. MHI delivers innovative and integrated solutions across a wide range of industries from commercial aviation and transportation to power plants and gas turbines, and from machinery and infrastructure to integrated defense and space systems.
For more information, please visit MHI's website:www.mhi-global.com
For Technology, Trends and Tangents, visit MHI's new online media SPECTRA:spectra.mhi.com

About Nippon Telegraph and Telephone Corporation

NTT Group delivers advanced technology and innovative solutions in networking, communications, software and cloud computing that help transform businesses, governments and societies around the world. NTT Group will deliver convenient, enriched and reliable services to support customers as a "Value Partner" that its customers will continue to select. Today, 80% of Fortune 100 companies rely on NTT Group as their business partner. NTT Group generates over $105 billion in annual revenues, has over 233 data centers and employs more than 240,000 professionals working in 88 countries.

For more information, visit http://www.ntt.co.jp/index_e.html

Photograph; MHI's Cyber Lab (image rendering)