IC COHORT 5_1: Forrest Shriver of Sentinel Devices says, “Industrial cybersecurity is really an underserved field right now”
(EDITOR’S NOTE: This is the first article in a series introducing the innovators in Cohort 5 of “Innovation Crossroads.” Each founder will have an article focused on his or her company. Cohort 5 started “Innovation Crossroads” on June 21. Look for the rest of the series in the coming weeks.)
By Kailyn Lamb, Marketing Content Writer and Editor, PYA
For Forrest Shriver, Co-Founder and Chief Executive Officer of Sentinel Devices LLC, engineering has always been about working out a puzzle, but with a slightly different approach.
“It’s really interesting to think on, not just how am I going to engineer this to work, but how do I engineer this so that it’s secure? How do I engineer this so that somebody else can’t get into it,” he askes?
Although his Ph.D. from the University of Florida is in nuclear engineering, Shriver said he wanted to turn his entrepreneurial focus on cybersecurity. He added he enjoys “studying the different creative ways that people have found to get into different devices.”
Shriver recently relocated to Knoxville as part of Cohort 5 of the “Innovation Crossroads” program through Oak Ridge National Laboratory (ORNL) and the Department of Energy. Sentinel Devices works in cybersecurity, specifically in the industrial sector where things are “a bit further behind on the schedule,” Shriver said.
“Industrial cybersecurity is really an underserved field right now,” he added. “The problem right now is digital industrial devices and industrial infrastructure are really the foundation of everything we do. There are some significant challenges which you need to overcome which are very different compared to the consumer space.”
Over the past 10 years, there have been many improvements in cybersecurity for homes and personal devices. In the industrial world, digital controllers for places like water and power facilities can also be the target of attacks and may not have all the protections which are in place on modern devices. Cyber threats to these facilities pose a larger problem for communities as we are all dependent on this infrastructure for our day-to-day lives.
The core technology for many of these controllers was developed several decades ago, as early as the 1960s, Shriver said. Back then, cybersecurity wasn’t the threat that it is now. Today, this means much of the underlying digital infrastructure controlling machinery is “trust-based,” as he put it. Many controllers will accept any instructions coming from the outside world and may not implement any sort of encryption or verification to check that the instructions they receive are valid.
Most cybersecurity companies work from the top down, starting with the network. What Shriver’s company does instead is start with the controller that needs to be protected and work up. Its devices can be deployed alongside a controller and then learn its behavior, continuously monitoring the controller for any signs of a cyberattack. Shriver said Sentinel Devices has signed an exclusive license with the University of Tennessee, Knoxville for on-the-fly anomaly detection technology, which is part of the start-up’s core product.
Because the controllers often function in harsh conditions and need to execute commands efficiently and quickly, it’s not as simple as adding encryption, Shriver said. He added that some advanced security methods used in today’s cell phones could overload the processor and cause them to be unable to perform their intended function.
The fewer external connections, the more secure a device usually is, Shriver said. His company is working to take advantage of this guidance by developing cybersecurity devices that don’t need to connect or upload to the outside world to perform their function.
“What we’re effectively trying to do is make the device a mini-fortress unto itself where all it cares about in the world is the controller that its monitoring and itself,” Shriver said.
Through “Innovation Crossroads,” he said Sentinel Devices is looking to test its product in several live or near-live scenarios to evaluate the device’s effectiveness in the field.
Another challenge to be solved during “Innovation Crossroads” will be the development of an on-the-fly database construction technology, which can be independently applied to different controllers in different situations.
“If you’re trying to do this completely autonomously, it can be really expensive to deploy a cybersecurity expert to create a cleaned and managed data set for each and every device in your facility especially because no two facilities and no two devices are going to ever be the same and behave the same way,” he said. With the technology developed under “Innovation Crossroads,” Shriver explained, you don’t need a premade database outlining all the normal states of your device’s operation; you can build one on the fly.
Because cybersecurity is a concern for many industries, Shriver also said Sentinel Devices is hoping to make its device applicable to multiple fields and potential types of attacks. One he is focusing on is internal attacks, whether that is someone plugging in a USB with malware, or someone taking over a connection that allows remote workers to connect to their company network. The key is finding some common ground, Shriver said.
“What they have in common is that the base controllers that they’re using are a lot of times very similar so we can relatively easily make our solution robust that way,” he said. “We very much believe that this technology will be applicable to any industrial facility.”
In January, we posted this earlier article on Sentinel Devices.
