Context-based secure controller operation and malware prevention

Assignee

• Karamba Security Ltd. · IL

Inventors

• Tal Efraim Ben David · Hogla, IL
• Assaf Harel · Ramat HaSharon, IL
• Amiram Dotan · Birmingham, US
• David Barzilai · Hod HaSharon, IL

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2209/84
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

In one implementation, a method for providing security on an externally connected controller includes launching, by the controller, a security layer that includes a whitelist of permitted processes on the controller, the whitelist including (i) signatures for processes that are authorized to be executed and (ii) context information identifying permitted controller contexts within which the processes are authorized to be executed; determining, by the security layer, whether the particular process is permitted to be run on the controller based on a comparison of the determined signature with a verified signature for the particular process from the whitelist; identifying, by the security layer, a current context for the controller; determining, by the security layer, whether the particular process is permitted to be run on the controller based on a comparison of the current context with one or more permitted controller contexts for the particular process from the whitelist.