Guardtime
Guardtime Keyless Signature Infrastructure (KSI) for Critical Infrastructure Protection
Real-time Situational Awareness, Protection against zero-day attacks and Integrity Monitoring for industrial infrastructures
Historically the focus of security has been on availability and confidentiality. However for critical infrastructure integrity may be of even more importance. Malware such as Stuxnet represents an attack on the integrity of the system it infects. Whether nuclear power stations, transportation networks or industrial control systems the bottom line is that confidentiality is secondary to integrity. If you want to take out a country you don’t need to steal secrets. You simply need to manipulate the software inside their power-grid, communications and transport systems and it’s game-over. These are all integrity attacks and the reality is there is not a single critical infrastructure network can guarantee integrity – i.e. the administrators can prove they are in a clean state. They might be, they might not – they simply don’t know
KSI provides a new level of instrumentation for system integrity by using KSI digital signatures to digitally sign components, whether firmware, binaries, system events or configurations) to instrument the integrity of the infrastructure
Ericsson, Estonian Government, US Government