US Navy Improving Cyber Protection
The U.S. Navy is developing the Resilient Hull, Mechanical, and Electrical Security (RHIMES) system, a cyber protection system designed to make its shipboard mechanical and electrical control systems resilient to cyber attacks, officials announced Sept. 17.
Dr. Ryan Craven, a program officer of the Cyber Security and Complex Software Systems Program in the Mathematics Computer and Information Sciences Division of the Office of Naval Research, explained that RHIMES is designed to prevent an attacker from disabling or taking control of programmable logic controllers – the hardware components that interface with physical systems on the ship.
Chief of Naval Research Rear Adm. Mat Winter, commented:
The purpose of RHIMES is to enable us to fight through a cyber attack. This technology will help the Navy protect its shipboard physical systems, but it may also have important applications to protecting our nation’s physical infrastructure.
Attacks on mechanical systems that are operated by computers have happened before. Stuxnet, the famous industrial “computer worm” discovered in 2010 was designed to attack controllers of Iranian centrifuges, causing the centrifuges to run at very high speeds, effectively tearing themselves apart.
Traditionally, computer security systems protect against previously identified malicious code. When new threats appear, security firms have to update their databases and issue new signatures. Because security companies react to the appearance of new threats, they are always one step behind. Plus, a hacker can make small changes to their virus to avoid being detected by a signature.
RHIMES relies on advanced cyber resiliency techniques to introduce diversity and stop entire classes of attacks at once.
Most physical controllers have redundant backups in place that have the same core programming, he explained. These backups allow the system to remain operational in the event of a controller failure.
Image: US Secretary of Defense