The experts over at United States Navy are busy in the development of a cyber-protection system, codenamed RHIMES (the Resilient Hull, Mechanical, and Electrical Security), to enhance cybersecurity and to protect the Naval’s shipboard electrical and mechanical control systems from the cyber attacks, according to the Office of Naval Research.
When the term cybersecurity appears on the Internet, most of the readers will conclude that the system is being developed to protect the data center or the Intranet system of the Navy. However, in this case, the cyber-protection systems are being upgraded in order to prevent hackers from disabling and controlling the physical machine.
Chief of Naval Research RADM Mathias Winter, while discussing the new anti-hacking system, said:
“The purpose of RHIMES is to enable us to fight through a cyber attack. This technology will help the Navy protect its shipboard physical systems, but it may also have important applications to protecting our nation’s physical infrastructure.”
On the other hand, Dr. Ryan Craven, a program officer of the Cyber Security and Complex Software Systems Program in the Mathematics Computer and Information Sciences Division of the Office of Naval Research, further explained about how implementing RHIMES system into the naval ships will prevent cyber-attacks. He stated that this new and improved system is designed to prevent hackers and attackers from taking control or disabling the programmable logic controllers – a shipboard system that is operated using computers and is responsible to communicate with the physical components of the ship.
For instance, the components that RHIMES is expected to protect include anchoring, electric power, damage control, and firefighting, steering and engine, electric power, climate control, hydraulics. In a nutshell, this anti-hacking system will protect all physical parts of the ship from hackers.
In a traditional computer security system, protection to the computer and the stored data is only provided against the viruses and malware that are previously detected. So whenever a new threat is developed by a hacker, first the security providers must detect it, update their databases and then release a new update in order to protect the users from the threat. Though, during the whole process, users remain vulnerable to the security threat.
Craven explained that instead of relying on the traditional security systems that keep users vulnerable to security threats for certain time period, the US Navy is working on RHIMES which depend on advanced cyber protection techniques in order to introduce diversity and stop the entire class of security threat in a single attempt.
“Vulnerabilities exist wherever computing intersects with the physical world, such as in factories, cars and aircraft, and these vulnerabilities could potentially benefit from the same techniques for cyber resilience.”
Craven further explained that the operating system being used these days are based on the same core programming and there is no diversity, which is why if one system gets infected then all the linked computer system would be infected too.
But with RHIMES, the developers have introduced diversity in the programming that uses different implementation for each controller system of the ship’s hardware. So in the event of a cyber-attack onto the shipboard, the hacker would not be able to attack more than one hardware system using the exact same exploit.