Technology

Operant has developed the first Data-centric solution exclusively for Operational Technology (OT).

What is a Data-Centric approach?

It’s common to think of connections as point-to-point, but in the real world they seldom are. Data traverses multiple VPNs, servers, and firewalls as it moves from the field to an operations center. Likewise, most security tools were developed for securing point-to-point infrastructure and network perimeters. Thus, cyber solutions end up stitched together between handoffs requiring an intricate coordination of data decryption/re-encryption, ongoing configurations, and key management in a best-effort attempt to prevent breaches. The end result is often an entangled assortment of solutions with marginal effectiveness.

Instead, a data-centric approach offers the ability to encrypt, authenticate, and validate each and every data packet. This fundamental technology offers seamless end-to-end security for all data transmissions, regardless of network topology or number of handoffs.

Allows for multi-path communications without the need for complex fail-over controls as found in IT solutions

Can connect over ‘any link that can pass bit’, making it easy to deploy, even in complex legacy systems

Segmentation where communications are only visible to trusted parties. Assisting with IT/OT/IoT convergence.

Each data packet is signed, encrypted, and authenticated. Allowing for each transaction to be authenticated

“Game Changing” Cybersecurity

In 2021, the US Department of Energy published the Solar Futures Study report calling Operant's technology potentially “game changing” in the category of cybersecurity solutions required to transition the US electric grid to distributed renewables, while also protecting national security.

Though Operant’s technology was developed before Zero Trust became an industry buzzword, it is based on zero trust principles and is customized specifically for industrial control systems. Operant applies these principles to each individual data packet without impacting overall network performance using the following attributes:

Identity

Each data packet is signed by a fundamental identity based on public key cryptography and validated by the trust chain.

Access

Fine-grained trust policies define specifically which network entities are trusted to perform what actions, and which key should be used for each purpose.

Admininstration

Keys and certificates are securely and seamlessly deployed within the network as with any data packet.

Secure-by-design

Secure-by-design is a cybersecurity and software development approach that incorporates security measures into the very foundation of a system or product. By integrating security from the outset, technology providers offer end customers a system that is resilient against cyber threats.

Incorporating Operant's sotluions as the embedded security layer provides OEMs with native cybersecurity and provides a competitive advantage with regards to end customers needing to retroactively identify and patch design vulnerabilities after deployment.

Data-centric Networking

Operant’s solution is built with Named Data Networking (NDN), which represents a fundamental paradigm shift that solves the most persistent problems in today's network communications, in particular: resiliency, security, and observability. NDN enables secure end-to-end communications without depending on the security of the underlying communication channels; data is always secured regardless of whether it is in flight or at rest.

NDN focuses on individual data packets versus traditional ‘sessions’. Each packet is named, secured, and immutable and can be delivered along any link that can deliver bits, either stored or processed by computational algorithms. This enables applications to reliably achieve data confidentiality, integrity, and availability (CIA). Additionally, NDN brings a crucial advantage to secure networking; by enabling users and applications to express policies that define the authority of each secure certificate within the application namespace.