Modern utility and industrial control systems require two-way information flow. Systems that previously used physically isolated, proprietary wireless networks to communicate over large areas are evolving to integrated, IP-based architectures. Wireless IP-based networks provide value but come with fear of exposure to cyber-attacks.
This challenge can be met by bringing enterprise-class security to wireless IP networks. The tools and techniques used to combat cyber-attacks on enterprises, financial institutions, e-tailers and government agencies can also provide cybersecurity for utility and industrial control system networks that is comparable to that of the most mission-critical enterprise networks.
Tropos mesh networks build upon open standard security techniques including AES, IEEE 802.1x, IEEE 802.11i, RADIUS, IPSec, SSL/TLS and SSH. These standards comprise requirements for authentication, authorization and access control; encryption; key generation, distribution, management and storage; physical security; and the detection and mitigation of attacks and include approaches ranging from the physical layer all the way up to the application layer. Using this multi-layer, defense-in-depth approach, Tropos networks have attained FIPS 140-2 and NERC CIP 002-009 compliance and are compatible with NISTIR 7628 and IEC 6235.
Because security threats are constantly evolving, it is essential that network systems be software upgradable in the field so that newly discovered vulnerabilities can be countered. Tropos has a history of providing software updates that enable new features to be implemented on existing mesh routers installed in the field. For example, important security features such as WPA2, IPsec VPNs and the functionality required to support FIPS 140-2 were rolled out via Tropos Mesh OS software updates that enabled these features to operate on existing, field-installed mesh routers. Tropos Mesh OS on field-installed mesh routers can be conveniently and reliably upgraded using the Tropos Control wireless network management system.