Detection and Analysis of Threats to the Energy Sector (DATES), March 2010

A security monitoring capability featuring multiple detection algorithms and cross-domain event correlation for defense against cyber attacks on energy control systems.

DATES is a detection and security information/event management (SIEM) solution enabling asset owners to protect their energy control systems at the network, host, and device level from cyber attacks. DATES complements traditional, signature-based detection with multiple detection algorithms, including model-based and flow anomaly detection and cross-site attack correlation. The DATES detection and SIEM solution gives operators succinct and intuitive attack visualization, with attacks prioritized by their impact on critical cyber assets and by network zone crossing. This enhances an asset owner's situational awareness capability beyond simple event detection and log management.