GE sees digital ghost deployments in 2019
GE said it plans to make its digital ghost technology commercial available in late 2019 and expand it into oil and gas and renewable energy industries.
Launched in 2017 out of GE's research unit, digital ghost is a security spin on digital twin technology. Where the digital twin replicates physical equipment virtually for predictive maintenance and other use cases, digital ghost is a virtual version of control systems in industrial ethnology that can find attacks based on anomalies in how the machine is operating.
Digital ghost technology, which in theory is an "invisible presence" that watches over and monitors every part of a power system, has been in development with the U.S. Department of Energy. In October, GE said the Department of Energy awarded it a $12.6 million contract to develop cyber-protection technologies that will act like the immune system in the human body. Digital ghost is a part of that contract.
The digital ghost technology is designed to complement information and operational technology firewalls as well as mesh with edge computing and digital twin technologies.
GE's latest advance with digital ghost is to know when a sensor is being spoofed. Justin John, technology director for controls and optimization at GE Global Research, said power plants are increasingly being attacked by nation states. "For critical infrastructure there aren't any random hackers. Infrastructure is being attacked by well funded nation states," said John.
GE plans to launch independent industrial IoT company, unloads ServiceMax: Too little, too late? | GE's new industrial IoT software business: What it means for customers
By creating a digital twin of the control system and sensors, GE can use digital ghost to look at the physics behind a machine. Artificial intelligence can detect attacks based on comparing how a machine normally operates. What's changed with attacks is that attackers can spoof the code of controls. "This spoof code of controls can fake an attack or make operations look different," explained John. "With AI, we can look at 140 different dimensions and correlations with the sensors. If it's a staged attack sensors will be manipulated over time."
Digital ghost can now pick out the sensors that are being attacked and create an active defense, said John. For instance, a power plan may have six compromised sensors under an attack. The system would replace readings from those sensors with estimates from the digital ghost, said John.
- Cybercrime and cyberwar: A spotter's guide to the groups that are out to get you
- Cyberwar and the future of cybersecurity (free ebook)
- Cyberwar predictions for 2019: The stakes have been raised
The upshot is that by using those digital ghost estimates, a plant operator can replace those compromised sensors when it's most convenient to bring the equipment down.
John said GE's digital ghost tools can reconstruct results with less than 1 percent error in simulations. GE has been testing various attacks including one simulation where it monitored 15 sensors in a gas turbine, attacked six and was able to reconstruct results accurately, he added.
"We are working with business partners to deploy in 2019 with algorithms based on more than 30 years of normal operation," he said.
More:
- Can Russian hackers be stopped? Here's why it might take 20 years
- Survey shows IT professionals concerned about cyberwarfare, end users, and conducting international business
- What is cyberwar? Everything you need to know about the frightening future of digital conflict
- Governments and nation states are now officially training for cyberwarfare: An inside look
- Video: The impending cybersecurity disaster of industrial control systems
- Understanding the military buildup of offensive cyberweapons
- Video: The Internet of Insecure Things, and why we're still in denial
- Cybercrime Inc: How hacking gangs are modeling themselves on big business
- Why ransomware is exploding, and how your company can protect itself
- How the Dark Web works
- Disorganized crime and state-backed hackers: How the cybercrime and cyberwar landscape is constantly changing