Electronic Armor is a comprehensive hardware and software level protection solution that increases the cyber resiliency of mission-critical platforms such as aircraft, weapon systems, and critical infrastructure. It is built on the premise of “zero trust,” meaning it assumes attackers already have access to the system and sufficient privileges to disrupt its function. EA capabilities include:

• Electronic Armor – Operating System
• Electronic Armor – Trusted Boot (EA-TB)

EA-OS is a software-based cyber resiliency solution that locks down the execution environment of the operating system, and protects both the integrity and confidentiality of applications, libraries and data. Features: OS Hardening EA enables system integrators to permanently remove non-critical system components, tools, dynamic link library files and internal/external operation system interfaces. EA prevents debugging on the system by monitoring OS interfaces and watching OS objects in memory. EA protections cannot be unloaded or disabled by a local administrator or attacker who has gained privilege on the system. Data Protection EA encrypts data/applications at page level and provides just-in-time decryption capability to ensure data is protected at rest and while the system is in use. EA controls data access at the process level, preventing unauthorized applications from accessing sensitive information. Authenticated Execution EA prevents all unauthorized applications, libraries or drivers from being executed on a protected system. Combined with EA’s OS hardening capabilities, EA prevents attackers from executing malicious code or introducing tools to gain introspection capability. Event/Response Framework EA includes a customer-configurable event/response framework. The EA event/response framework is used to detect user attempts at executing unauthorized applications, accessing protected data, modifying protected data and removing EA protections. EA supports a variety of responses to include blocking access, logging events, degrading system performance, system shutdown and removing data. Hardware Binding EA authenticates the environment that it is in by using the unique signature of the various hardware, OS or environmental factors on the system to provide data-at-rest protections as well as preventing offline system introspection of critical applications. Secure Boot EA cryptographically measures code loaded and executed during the boot sequence, ensuring they match known values, before allowing a system to boot. Once the host system is securely booted, EA’s HW protection layer (EA-TB) extends trust to the software protection layer (EA-OS). Hardware Root of Trust Integration EA-OS is tightly integrated with both EA-TB and Raytheon’s Boot Shield to securely offload key material, offload cryptographic operations, integrate event/response policy, and enable real-time memory monitoring of critical applications and data.

Protecting Industrial Control Systems Supervisory Control and Data Acquisition (SCADA) systems are more vulnerable to attack than ever before. With the introduction of modern network protocols into SCADA architectures, cyberattack vectors have increased dramatically. Isolating the SCADA network is impractical – information still must be shared with other organizations and control centers. Mechanisms used to share information must support a broad range of protocols, such as the Inter-Control Center Communications Protocol (ICCP), Distributed Network Protocol (DNP3) and International Electrotechnical Commission’s (IEC) 61850, to ensure maximum flexibility for future growth and transition. High Speed Guard™, from Raytheon Cyber Products provides just the solution. High Speed Guard is a militarygrade solution in widespread use throughout the United States Department of Defense (DOD) and Intelligence Community (IC). This state-ofthe-art solution automatically and securely moves data between physically separated networks. High Speed Guard allows the SCADA controlled local area network (LAN) to be completely isolated from routable protocol communication (as defined in North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP-002-4), thus providing unmatched protection to the SCADA system. High Speed Guard™ High Speed Guard is a Department of Defense (DoD) and Intelligence Community (IC) accredited software solution that enables highly complex, uni-directional or bi-directional, automated data transfers between multiple physically segregated networks. High Speed Guard supports diverse systems’ communication with comparatively low administration costs, making it the ideal choice for production-critical systems that require rapid, automated data transfer. High Speed Guard has demonstrated the fastest throughput and lowest latency transfer rates of any guard or diode technology. A typical High Speed Guard deployment is able to sustain transfer rates of more than 9 gigabits per second (Gb/s) and latencies below 10 milliseconds (ms) on commodity hardware, running a hardened Red Hat® Enterprise Linux® operating system with a strict Security-Enhanced Linux (SELinux) policy. SCADA Protocol Support High Speed Guard can be readily integrated to secure and validate common SCADA related protocols such as DNP3, IEC 61850, ICCP, and Multimedia Messaging Service (MMS). Additionally, its data transfer capabilities meet or exceed the low latency requirements of DNP3 and IEC 61850. High Speed Guard in Action Deploying High Speed Guard in a SCADA environment provides unprecedented protection for this critical cyber asset. No longer will communication traverse the SCADA controlled network segment to the Field Device LAN or the corporate network without intense scrutiny. Using High Speed Guard’s trusted operating system protections and network separation combined with rigorous protocol enforcement and content inspection, every message (ICCP, IEC 61850, DNP3, etc.) can be inspected. Furthermore, one High Speed Guard can have several data flows with different protocols. High Speed Guard Rule Engine Unlike a firewall, High Speed Guard validates the correctness of a protocol as well as the content at the application layer. It does not forward or route packets; it inspects application level data. The Rule Engine supports full customization of inspection capabilities enabling the creation of complex security policies. This allows specific inspections and constraints for each protocol. Almost any security policy can be expressed through the Rule Engine’s programming language. Features and Benefits

• Serves as the primary barrier in the electronic security perimeter (ESP) of a distributed control system (DCS)
• Readily compatible with SCADA protocols
• Low Latency for control systems
• Broad flexibility for multiple uses in one installation
• Customer configurable for simplified management and maintenance
• Highly customizable for precise control of data flow