The STOP-IT tools are demonstrated by our four project frontrunner water utilities (Aigües de Barcelona in Spain, Berliner Wasserbetriebe in Germany, Mekorot in Israel and Oslo VAV in Norway). This news entry introduces the demonstration activities at Mekorot in Israel.
Challenges: Each year Mekorot publishes a list of needs to overcome its challenges and to assure the continued safe water supply to the citizens of Israel. The STOP-IT project and solutions answer perfectly to the following cyber and physical security needs:
- State of the art fusion tools for large-scale data received from field sensors and or data originating from various information systems, in order to create data and advanced insights
- Reliable and secure (secured communications) transfer of data and images from remote locations to a command centers and neighboring facilities
- Covert systems for short- and medium range intrusion detection at secure facilities
- Outdoor movement detection and recording systems for concealed installation at sites
Approach: Mekorot and other water companies often are targets of physical- and/or cyber-attacks. In order to improve our resilience as a water supply company we applied the following STOP-IT tools for testing.
Jammer Detector: Mekorot operates its water system remotely by cellular network. For this reason it is important to keep high availability of the network. The Jammer Detector acts as a non-intrusive external element in the wireless networks, monitoring the physical layer to specifically detect Jamming attacks to the wireless band(s), where the wireless sensors, industrial IoT elements and devices are connected to the Infrastructure network.
Network Traffic Sensors and Analyzers: This tool includes a set of sensors and analysers dedicated to label IT and OT traffic data as normal or anomalous, based on the results from the training and analysis process.
Access Control using Electronic Locks: Mekorot manages the access to its facilities by traditional locks, a method with many drawbacks such as key losses or keys might be given to unknown factors. For this reason, an entire keys renovation is required every few years. MEKLOCK is an access control system based on the use of electronic locks and an application for smart phones that entirely can replace the traditional keys.
Fine-grain Cyber Access Control: This is a software engine, which implements a policy decision point. It is useful to develop a fine-grain access control system based on policies.
Real-Time Anomaly Detector: The Real-Time Anomaly Detector is a system capable of detecting unknown anomalies in real-time data, using different sources of information with automatic learning abilities, and with the supervision of a specialist to validate complex threats.
Successful application: As a conclusion of the development of the Smart-Locks and the successful demonstration activities that were done in STOP-IT, Mekorot has decided to implement MEKLOCK in tens facilities. The tool has improved the authorization policy dramatically by implementing an accurate and on-going updated access control policy. Reason for the development of MEKLOCK was that there were many types of authorization levels to the Mekorot facilities that required the employees/users to carry many physical keys. The smartlocks enable authorized employees/users to disarm the existing system in the facility without the need to carry physical keys. Instead, they will be equipped with only one electronic key and a smartphone application that controls the entrance and arms or disarms the facilities. The software also offers additional fixtures, such as navigation to the facilities by WAZE, connection to cameras, panic button and updated operational data. Therefore, the MEKLOCK tool increases the safety level in general, enables the supervision of the activity in the facilities and allows authorized staff to easily enter the Mekorot premises and facilities.
Conclusion: STOP-IT was a major step for Mekorot to increase its resilience by demonstrating a set of tools for cyber- and physical protection. The project took place in an era of increasing cyber attacks on water facilities in Israel, emphasizing the importance of projects like STOP-IT even more. The knowledge share that was done in the project and the exposure to innovative technologies accelerated the implementation of additional cyber tools and added more layers to the risk-management methodology that Mekorot follows.