About Fortiphyd Logic
Fortiphyd Logic equips operators of the power grid, oil and gas, and other critical infrastructure with the tools and training they need to defend their industrial networks from advanced cyberattacks and everyday efficiency issues.
Latest Fortiphyd Logic News
Oct 27, 2023
SecurityWeek New Project Analyzes and Catalogs Vendor Support for Secure PLC Coding A new project aims to make it easier for PLC programmers to implement secure coding practices by cataloging useful files and functions from each vendor. By ATLANTA – SECURITYWEEK 2023 ICS CYBERSECURITY CONFERENCE – A new project aims to make it easier for PLC programmers to implement secure coding practices by analyzing and cataloging useful files and functions from each PLC vendor. The new project was presented on Tuesday at SecurityWeek’s ICS Cybersecurity Conference in Atlanta by David Formby, CEO and CTO of Fortiphyd Logic, a company that specializes in endpoint detection for programmable logic controllers (PLCs) and virtual industrial control systems (ICS) security training labs. The project builds on the ‘ Top 20 Secure PLC Coding Practices ’, whose goal is to provide PLC programmers with guidelines for improving security. Some of these practices apply to all PLCs, regardless of vendor. This includes modularizing code, leaving operational logic directly in the PLC, assigning registers by function, using correlation and input plausibility checks, monitoring PLC uptime, trapping false negatives/positives, restricting third-party data interfaces, defining a safe start state in case of a restart, and validating timers, paired input/output, and indirections. However, some secure PLC coding practices are different for each vendor and it can be difficult to identify relevant documentation. The goal of the Fortiphyd Logic project is to provide the information needed for vendor-specific practices in an easy-to-digest format. The information is provided in a table format and includes the product name and model, whether required functionality is supported, and the file or function that enables access to the required data. One secure PLC coding recommendation whose implementation is different for each vendor involves tracking the device’s operating mode. PLCs can have various modes, such as ‘run’, ‘program’, ‘test’ and ‘debug’. It’s easier for an attacker to hack a PLC that is not in ‘run’ mode, which is why it’s important that PLCs are not left in ‘program’, ‘test’ and ‘debug’ modes. In addition, mode changes should be monitored in order to detect a potential attack. Advertisement. Scroll to continue reading. However, monitoring mode changes is done differently for each PLC, Formby pointed out. For instance, in the case of Rockwell Automation PLCs, the data can be obtained through the ‘GSV(ControllerDevice.Status)’ instruction or from a status file, while in the case of Siemens PLCs this can be achieved using the ‘GET_DIAG’ function. Another vendor-specific secure PLC coding practice involves monitoring flags that indicate various errors and faults, which can be triggered by malicious attacks. However, PLCs from each vendor have different errors and faults and there are different ways of reading them, Formby explained. Attackers targeting PLCs can make changes to the PLC logic and some controllers have checksums that enable users to detect changes in logic. Monitoring checksums can be useful for detecting attacks, but different vendors have different functions for achieving this and in some cases checksum monitoring is not supported at all. Other examples of vendor-specific PLC secure coding practices covered by Fortiphyd Logic’s new project include monitoring cycle times, hard stops, and memory usage, as well as the detection of unused software. For the time being, the new project, hosted on GitHub , only provides information for products made by Schneider Electric, Siemens and Rockwell Automation, but information will be added for other vendors as well, with the goal being to cover all PLC vendors. Anyone can contribute to the project. Fortiphyd Logic has also created a custom module for the top 20 secure PLC coding practices for CISA’s Cyber Security Evaluation Tool (CSET) , which provides a series of requirement questionnaires to help organizations assess their security posture.
Fortiphyd Logic Frequently Asked Questions (FAQ)
When was Fortiphyd Logic founded?
Fortiphyd Logic was founded in 2018.
Where is Fortiphyd Logic's headquarters?
Fortiphyd Logic's headquarters is located at 1372 Peachtree St NE, Atlanta.
Who are Fortiphyd Logic's competitors?
Competitors of Fortiphyd Logic include Awen Collective and 4 more.
Compare Fortiphyd Logic to Competitors
Claroty specializes in securing cyber-physical systems. The company offers a unified platform that integrates with customers' existing infrastructure to provide visibility, risk and vulnerability management, threat detection, and secure remote access. Its primary customers include organizations in the industrial automation, healthcare, and enterprise sectors. It was founded in 2015 and is based in New York, New York.
Mission Secure operates as a cyber security service provider. It provides cybersecurity to organizations in the defense, energy, and transportation industries. Its platform takes operational technology cybersecurity to control systems. It was founded in 2014 and is based in Charlottesville, Virginia.
Dragos offers industrial cybersecurity software. It develops an automation platform that provides visibility into assets, detection of threats through behavioral analytics, collection and correlation of various industrial control systems (ICS) and operational technology (OT) data sets. It was founded in 2016 and is based in Hanover, Maryland.
Nozomi Networks develops an online cybersecurity platform. It provides superior operational visibility, advanced operational technology (OT), internet of things (IoT), threat detection, and more. It serves airports, building automation systems, electric utilities, healthcare, manufacturing, and mining industries. The company was founded in 2013 and is based in San Francisco, California.
SecuriThings develops automation and management of physical security devices. The company offers a platform to consolidate and automate connected devices, providing real-time monitoring, smart alerts, analytics, automated device operations, cybersecurity protection, and compliance reporting. It facilitates enterprise and managed service platform solutions. It primarily serves industries such as technology, manufacturing, finance, transportation, healthcare, and education. It was founded in 2016 and is based in Ramat Gan, Israel.
WizNucleus provides cyber and physical security solutions to mission-critical facilities. It offers software solutions and security solutions to nuclear power plants, electric grids, and the government. The company was founded in 2009 and is based in New York, New York.