The iHoney project aims to develop specific tools for the cybersecurity of industrial control systems. In summary, we can say that we will work on the development of:
- An intrusion detection system (IDS) whose main function is to identify intrusions and attacks against an industrial control system, using rules based on the analysis performed on actual attacks on industrial control systems. The development will be based on widely used software solutions.·
- An intrusion prevention system (IPS) whose main difference with the previous IDS system is its ability to identify and stop intrusions and attacks against an ICS.·
- A specific audit tool for industrial control systems based on the implementation of communication protocols of this type of systems. It will allow you to discover vulnerabilities and perform analyses in industrial environments.
- Analyze incoming and outgoing traffic both between the different system components and between the system and other remote locations (remote control stations, other facilities at separate physical locations, other systems related to the protected one, etc.)·
- Process traffic to detect patterns indicative of an abnormal activity, discarding those considered as false alarms.·
- Perform actions automatically according to the rules set by the installation manager and the security equipment.·
- Raise the incident to a human operator if it is considered of adequate importance.·
- Store incident-related information for later forensic analysis.