Abstract: Disclosed are methods, circuits, devices, systems and functionally associated machine executable code for context aware zero trust monitoring of critical infrastructure data network messages. Monitoring agents are functionally associated with and monitoring message communications to and from each of one or more transportation network units regulating components of the transportation network. Transportation network message evaluation logics evaluate a message intercepted by one of the monitoring agents, wherein each evaluation logic detects adherence violations of the message from a different transportation network aspect protocol. a scoring module for calculating, for each of the transportation network evaluated aspects, a score, a score aggregation module aggregates the message's scores, and a thresholding module compares the aggregated message score to a message adherence violation score threshold.
Abstract: Disclosed are methods, systems, devices, circuits and functionally related machine executable instructions for cybersecurity of a transportation management network, based on operational commands. A unit policy generation module generates expected behavior policies for transportation management network units—based on the signals/data-streams received by the behavior monitoring server and/or based on data, from one or more resources, indicative of the transportation network's activity. Generated policies are relayed to respective agents associated with the policy-generated/profiled unit. Expected behavior policies of the transportation management network units are based on Railway Signaling to and from systems used to control railway traffic safety and trains collision prevention.
Abstract: Disclosed is a secured transportation control network. A distributed set of transportation network management units are spread across different functional points of the transportation network. At least one network management unit agent functionally coupled to a respective network management unit is adapted to monitor communications of the respective management unit. A behavior monitoring server is adapted to generate a behavior profile for a network management unit based on information provided by an agent functionally coupled to the network management unit. A communication policy generator generates for at least one network management unit a communication policy based on behavior profiles of network management units with which the at least one network management unit communicates; wherein the communication policy is sent to an agent application functionally coupled to the at least one network management unit.
Abstract: Disclosed is a secured transportation control network. A distributed set of transportation network management units are spread across different functional points of the transportation network. At least one network management unit agent functionally coupled to a respective network management unit is adapted to monitor communications of the respective management unit. A behavior monitoring server is adapted to generate a behavior profile for a network management unit based on information provided by an agent functionally coupled to the network management unit. A communication policy generator generates for at least one network management unit a communication policy based on behavior profiles of network management units with which the at least one network management unit communicates; wherein the communication policy is sent to an agent application functionally coupled to the at least one network management unit.