TEDDI: Tamper Event Detection on Distributed Infrastructure

TEDDI (Tamper Event Detection on Distributed Infrastructure) is a distributed, sensor-based approach to tamper detection for devices connected to a utility’s SCADA network. TEDDI consists of three components: Tamper Information Points (TIPs), which reside inside a utility’s cabinets, use their sensors to monitor the cabinets for possible intrusions, and send tamper signals upstream when they see an abnormal reading; Tamper Enforcement Points (TEPs), which act on the tamper decisions that are made; and Tamper Decision Points (TDPs), which reside in a higher-security area of the network, collect information from the TIPs within the network, and send tamper event detection decisions to the TEPs in the network. To fuse the sensor data and determine which events are occurring, TEDDI uses factor graphs built from the indicators that denote the events of interest, which allows operators to configure the system quickly and efficiently. We also developed the TEDDI Generation Tool, which automatically generates the necessary TIP, TDP, and TEP files based on the operator’s input.
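A sketch of the TIP to TDP to TEP flow described above, as an added example that is neither TEDDI's own code nor output of the TEDDI Generation Tool. The event names, indicators, thresholds, probabilities and responses are all constructed assumptions, and the factor graph is reduced to one event variable with a prior and one factor per indicator.

```python
from math import prod

# Everything below is constructed for illustration (assumption, not TEDDI's model).
THRESHOLDS = {"door_open": 0.5, "light_lux": 50.0, "vibration_g": 0.3}
PRIOR = {"normal": 0.90, "maintenance": 0.07, "intrusion": 0.03}
# One factor per indicator: P(indicator fires | event).
FACTORS = {
    "door_open":   {"normal": 0.01, "maintenance": 0.95, "intrusion": 0.90},
    "light_lux":   {"normal": 0.02, "maintenance": 0.90, "intrusion": 0.40},
    "vibration_g": {"normal": 0.05, "maintenance": 0.30, "intrusion": 0.85},
    "work_order":  {"normal": 0.10, "maintenance": 0.95, "intrusion": 0.05},
}
RESPONSES = {"normal": "none", "maintenance": "log_only", "intrusion": "alert_and_isolate"}

def tip_indicators(readings):
    """TIP: reduce raw cabinet sensor readings to boolean indicators."""
    return {name: readings[name] > limit for name, limit in THRESHOLDS.items()}

def tdp_decide(indicators):
    """TDP: multiply the prior by every indicator factor, then normalize."""
    unknown = set(indicators) - set(FACTORS)
    if unknown:
        raise ValueError(f"indicators with no factor: {sorted(unknown)}")
    scores = {}
    for event, prior in PRIOR.items():
        scores[event] = prior * prod(
            FACTORS[name][event] if fired else 1.0 - FACTORS[name][event]
            for name, fired in indicators.items()
        )
    total = sum(scores.values())
    posterior = {event: score / total for event, score in scores.items()}
    return max(posterior, key=posterior.get), posterior

def tep_enforce(event):
    """TEP: map the TDP's decision to a (hypothetical) response."""
    return RESPONSES[event]

def handle(readings, work_order):
    """End-to-end path for one cabinet report."""
    indicators = tip_indicators(readings)
    indicators["work_order"] = work_order  # context known only at the TDP
    event, posterior = tdp_decide(indicators)
    return event, tep_enforce(event), posterior

if __name__ == "__main__":
    opened = {"door_open": 1.0, "light_lux": 300.0, "vibration_g": 0.8}  # constructed readings
    print(handle(opened, work_order=False)[:2])
    print(handle(opened, work_order=True)[:2])
```

The same three sensor readings classify as an intrusion or as maintenance depending on the single `work_order` indicator, which is why fusing indicators matters more than any one sensor threshold.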

