Power and Energy

Enabling Secure and Reliable Industrial Communications
  • Power Substation Automation

  • Renewable Energy Monitoring

  • Industrial Cyber Security

Power and energy industries are experiencing an unprecedented change in both interconnectivity and complexity. To ensure reliability, flexibility and profitability, Lanner offers series of industrial solutions to enable a smoothly, compatibly interconnected control system and build up a reliable cyber security platform to defend their network vulnerabilities, while keeping maintenance costs at low levels.
  • IEC 61850-3 Compliance
  • Class I Division II Compliance
  • Advanced I/O Protection
  • Wide Temperature
  • LAN Bypass

Perform Industrial DPI to Secure Networked Production Systems

Background

The central concept behind the initiatives of “Industrial IoT”, “Industrial Automation”, and “Industry 4.0” shares a similar characteristic – establishing OT and IT convergence by interconnecting all the sensor, devices and equipment through mainstream communication protocols such as Industrial Ethernet and Internet protocol. However, the convergence has made OT networks vulnerable towards cyber threats, as security loopholes are exposed and intruders may attack directly through IT networks. Therefore, in order to ensure uptimes forIT/OT converged production system in the smart factory, it is critical to conduct comprehensive forensic analysis regarding ICS network vulnerability and perform early detection of abnormal events or unauthorized access that could lead to system downtimes and the derived expensive costs.

Requirements

An European industrial firewall maker contacted Lanner to come up with a robust security appliance that monitors and visualizes the entire data flow traveling the networks, and performs self-learning to dynamically analyze the traffic patterns in order to fulfill industrial DPI (Deep Packet Inspection) to detect unauthorized events in a real-time manner. There are certain technological requirements demanded:

Power efficient processor

As deployed in usually unmanned, isolated and harsh environments, power efficiency is one of the main considerations for the security appliance discussed.

IEC-61850-3 compliance

ICS systems are deployed at power substations, smart grid, power plants, and oil and gas sectors, the security appliance must comply with IEC-61850-3 in order to endure any potential environmental factors.

Rich and Protected LAN and COM ports

Electrical uncertainty, such as surge, may occur in critical infrastructures. Thus, the I/O ports connected with peripheral equipments, like LAN and COM ports, must be designed with isolated and ESD protection.

Advanced LAN Bypass

Unexpected downtime may occur in harsh environments. Therefore, it is necessary to have a fault-tolerance mechanism for LAN connections.

Multiple configurations

The environments in critical infrastructures may vary and therefore the needed I/O connections, such as Gigabit LAN, SFP fiber or PoE ports, shall be configurable or customizable depending on the application scenarios.

DIN Rail mounting option

In an industrial setting, DIN Rail mount is one of the most used mounting standards.

Lanner’s Solutions

Lanner, with wide reputation and long-experience in design quality and responsive customization capability, provides robust industrial security appliances that can analyze data traffic, learn the patterns and protect the network with 24/7 anomaly detection in real-time. The solution series by Lanner provide multi-layer, in-depth defense, and forensic-based analysis, to protect critical assets through segmentation, protocol inspection, white-listing and command blocking.

LEC-6032 series, the recommended solutions by Lanner in this case, consists of compact fanless industrial security appliances empowered by the low-power Intel® Atom™ E3845 SoC. Regarding deployments in unmanned harsh environments where electrical uncertainty and network interruptions may occur, LEC-6032 series is designed with ESD/surge COM ports and LAN Bypass fault-tolerance function. LEC-6032 series also supports extended operating temperature from -40 ºC to 70 ºC.

In terms of I/O configuration, LEC-6032 series is offered in various customizable models with versatile LAN and COM options. For instance, LEC-6032C (model C) provides two Gigabit SFP fiber ports, while LEC-6032F (model F) comes with four Gigabit SFP fiber ports. Due to its DIN Rail design, LEC-6032 series is optimized for securing ICS and SCADA networks.

For the IT infrastructure, Lanner’s NCA-4210 is empowered by Intel® 6th/7th Gen. Core-i7/i5/i3 CPU (formerly Skylake/Kabylake) and DDR4 memory with ECC data integrity capability. NCA-4210 is designed with 2 DDR4 DIMM sockets with each supporting up to 32GB. The adoption of Intel® H110 or C236 series chipset as the new PCH brings up a huge upgrade for PCI Express. Regarding expansion, NCA-4210 is designed with a NIC module expansion slot to expand bandwidth.

Given the well-designed hardware, both LEC-6032 and NCA-4210 can bring integrated security in IT/OT convergence applications.

Featured Products

LEC-6032


SCADA / ICS Security PC with Intel Atom E3845 CPU and Advanced LAN Bypass

CPU Intel® Atom™ E3845 1.91GHz SoC CPU
ChipsetSoC

Read more

NCA-4210


1U x86 Rackmount Network Appliance Powered by Intel's 7th Gen Core Processors

CPU Intel® Core™ i7/i5/i3 or Pentium® or Celeron® (Skylake/Kaby Lake)
ChipsetIntel® H110 or C236

Read more

Who We Are

Lanner Electronics Inc (TAIEX 6245) is a world leading provider of design, engineering and manufacturing services for advanced network appliances and rugged applied computing platforms for system integrator, service providers and application developers.

Login

Popular Articles

Contact Us

Head Office

7F, 173 Datong Road Section 2,Xizhi District,New Taipei City 22184,Taiwan

Telephone: +886-2-8692-6060
Fax: +886-2-8692-6101
Email: contact@lannerinc.com

See all our offices