Your company, IHSE, is represented for the first time in our cpmFORUM. However, the military environment is by no means new to your company. Could you give us a brief introduction to IHSE?
IHSE is a hardware manufacturer of KVM (Keyboard, Video & Mouse) technology and can trace its origins back to 1984, when the company was formed.
In layman’s terms we make transmitter boxes that plug into the Keyboard, Video & Mouse ports of a computer CPU and transcode those signals to transmit them via dedicated Cat X or Fiber optic cabling to one of our receiver boxes at an operator’s console desk which decodes the signal and has a Keyboard, Video and Mouse attached to it.
The distance of this cabling can be many metres (or kilometres), but thanks to an advanced, low-latency design the user experience is the same as if the computer were sitting under your desk, unlike the experience with standard remote desktop protocols.
In addition, we manufacture KVM matrices with secure switching, and these sit between the computers and the users. Again, in simple terms, this is a type of switchboard where many computers attached to our IHSE KVM matrices can be connected to many operators' desks or MediaWalls in a Command & Control Room, all secured to a high level.
The benefit of this is that the computers are moved out from under the desks in the Command & Control Room and stored in secure data rooms, thus eliminating the noise & heat in the room and reducing the risk of unauthorised access whilst enabling easy sharing or collaboration.
Whilst historically our products have been designed for the industrial and commercial market, there has always been steady demand from the defence industry, which appreciated the functionality and ease of integration that our highly secure systems brought to their projects. More recently this has led us to produce a specific product line for the NATO Defence Market, with EAL4+ certification, called IHSE Secure.
Data security is one of the most important topics of recent times in the field of critical infrastructures and military environments. To what extent do your products protect against internal and external attacks on highly sensitive data?
IHSE is very much concerned with internal attacks, or what we call 'The Insider Threat'. We mitigate against the threat that someone who works within the premises or the Command & Control room, and has access to sensitive data, is a bad actor who is either intent on stealing secrets for our adversaries or trying to damage our systems.
Think of Edward Snowden or Chelsea Manning who used USB Sticks plugged into computers to download sensitive data or of all the others yet to be discovered and whose methods are evolving and becoming far more sophisticated.
Of course, we could simply lock all the computers down but in an evolving defence environment, operatives need to be able to share systems, information, and data in order to analyse situations and make rapid decisions.
A modern Command & Control room during a major event receives more and more video information & messaging streams (often from a coalition of allies). These are being added continually to give a broader view of the defence situation and to give an immediate update on any action taken. This is ‘instant situational awareness’.
All this data is live, highly confidential, and potentially at risk of theft or corruption. Complexity is added in mixed environments combining classified and unclassified areas.
The IHSE KVM system only streams packets of pixels from the CPU to display the computer images. From the user desk, data transport is strictly limited to keyboard and mouse signals to control the CPU. All computer systems, their hard disks, USB ports and data are kept well away from the operatives and locked in a secure facility that can only be accessed by system managers with the highest of security vetting, processes, and procedures.
What certifications do your products have?
IHSE Secure is a range of products that we designed in response to the needs of our existing defence and critical infrastructure customers who felt that the risk of espionage and damage to systems has increased. IHSE is taking a more proactive approach to the cyber security market in general.
The first IHSE Secure products have the Common Criteria EAL4+ Certification for multi-class peripheral sharing; and this will be joined by other products for the Secure portfolio in future.
That sounds very exciting. When I think of the networking of many different systems on the battlefield, I also think of a wide variety of data packets with extreme amounts of data. Tamper-free data transmissions, even in real time, are particularly important for image evaluation. Does this pose a challenge for your products?
All these systems stream many petabytes of data, and there is a sort of 'Information Arms Race' to achieve information superiority over our adversaries whilst also striving to adhere to good information assurance practice.
These two necessities are clearly competing with each other, and a further complication is that the operatives' array of computers may be on classified and unclassified networks (or multi-class, according to NATO Information Assurance Classifications). Good information assurance practice demands that there can be no possibility of data leakage from one network class to the other, or indeed of access to classified information from an unclassified network.
IHSE provides a solution whereby all of these operatives, needing immediate information in a rapidly evolving situation, have the facility to use and interact with these systems but without being able to take the data away or to corrupt them by injecting malicious software.
To mitigate against the constantly evolving tamper risk IHSE has developed a new Secure EAL4+ product line.
Are there already solutions from other manufacturers? If so, how does your approach differ?
There is a large range of desktop switching products from other manufacturers. Some of the manufacturers produce multi-class desktop switches which have the keyboard, video and mouse cables connected locally at the desktop, where we believe they are vulnerable to attack. Our IHSE KVM system moves all these interfaces back into the secure data room.
A key difference between IHSE and other KVM is that we shield the keyboard, video and mouse interfaces behind data isolators (diodes). This provides end-to-end protection for all data streams delivered to the user desk, whether or not an IHSE KVM matrix sits in between. To our knowledge, no other KVM manufacturer shields its extenders to the same degree as IHSE.
Our approach begins with the belief that the key risk is at the user and computer sides of the KVM system as this is where the interfaces are open standard, often physically exposed and generic.
For example, the monitor video interface is usually bi-directional in order to feed EDID information back to the computer, and this represents an attack opportunity for a bad actor to feed malicious code into the computer via the monitor back channel.
IHSE Secure products have EAL4+ certified isolators built into the extender endpoints which prevent these bi-directional data flows but also mitigate against a range of far more sophisticated attack vectors which target the audio, keyboard and mouse interfaces.
Digital environments are subject to constant change. How does your company ensure future-proof use and to what extent can users cover all solutions across your portfolio?
There are two sides to that question:
The first is that our CPU/Console extender endpoints connect with the keyboard/video/mouse interfaces, and there has been change in these over the years, particularly video, which has developed from simple VGA to DisplayPort 1.4. IHSE has steadily supported each new interface as soon as it became ubiquitous.
The second part concerns the transmission cabling for the signals between the endpoints. For the KVM world this has taken the form of dedicated end-to-end cabling either via Cat X or fiber optic pairs and utilising a dedicated proprietary matrix or alternatively by utilising a TCP/IP Ethernet network with a standard network switch.
The relative merits of each approach would take many pages to discuss but certainly creating a segregated space on an existing IP network with appropriate provisioning for bandwidth and security is challenging and adds to the existing network Information Assurance load exponentially due to the quantity of data that the video streams create.
IHSE's Secure Products use dedicated end-to-end cabling via an IHSE matrix, as we believe that this is quicker to build and better able to handle the huge quantities of video data without difficulty, and IHSE's use of proprietary transmission protocols makes it far harder to hack than the open standards of IP networking.
However, in a legacy environment such as a retrofit to a Command & Control room there may not be full and unfettered access to completely re-cable, and this is where the flexibility of the IHSE products shows particular adaptability.
We manufacture a large range of different transmitter/receiver endpoints with a variety of video interface options, which include VGA, DVI, HDMI and DisplayPort, so we have most of them catered for.
In addition, our matrix technology monitors and re-clocks incoming signals. This makes it possible to receive a signal on one type of cable or one video standard/resolution and to send that signal out on another, for example, DVI-in and DisplayPort-out.
Another example of this would be a C2 room already cabled with Cat X and with a MediaWall of HD tiles and HD monitors, while a coalition source computer configured with a 4K graphics card is connected to the matrix by fibre optic.
Thanks to the above features, our IHSE KVM matrix can still send its signal over the legacy Cat X cabling into the C2 room.
So, all in all, IHSE is leading the KVM market in terms of the latest interfaces and integration into heterogeneous or legacy environments, whilst optimising compliance with Information Assurance!
If a system fails due to a malfunction, what options do your products offer to return to safe operation as quickly as possible?
IHSE endpoints can be specified with dual power supplies and a redundant path, where each unit has two network ports for primary and secondary operation; the secondary network is a backup network that is fully live and takes over immediately if there is a failure of the primary network.
Our matrices also have redundant power supplies and can be specified with multiple controller cards where the secondary controller takes over if there is a failure (redundant matrices).
There are many additional design possibilities depending on how resilient a customer needs to be vs how layered and complex the system can be.
The Command & Control environment is growing and becoming more complex, what are your future plans?
The required computing power and the number of systems needed to analyse these complex, evolving situations are constantly growing. More and more data streams need to be analysed concurrently, and a more collaborative effort is required.
Meanwhile, the attack vectors of insider threat are also evolving and good Information Assurance practice has never been more important.
The IHSE Secure range helps system managers resolve these complex, competing requirements both in new-build and in legacy environments and, as the threat evolves, the IHSE Secure product range will grow to help mitigate against these.
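Editorial addition, not part of the interview and not IHSE's code: the EDID back channel mentioned above is a concrete, checkable thing. A display answers the computer's DDC read with a 128-byte EDID base block (header, manufacturer ID, descriptors including a 13-byte monitor name, an extension count and a checksum byte), and the graphics driver parses that block. A display under attacker control can return any bytes it likes, with a valid checksum, so the checksum detects corruption but not hostility; what protects the host is a parser that validates structure before trusting any field. The example below is a defensive parser for the base block, with a constructed sample block (`build_sample_edid`, manufacturer code "IHS", not a real monitor's data) and a `with_payload` helper that patches bytes and refreshes the checksum the way a malicious display would. All function names are my own.

```python
"""Defensive parser for the EDID base block a display returns over DDC.

Added example; the EDID layout follows the VESA E-EDID base block:
header, manufacturer ID at bytes 8-9, four 18-byte descriptors from 0x36,
extension count at 0x7E and a checksum fill-in at 0x7F.
"""
import struct

EDID_BLOCK = 128
EDID_HEADER = bytes([0x00, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00])
DESCRIPTOR_OFFSETS = (0x36, 0x48, 0x5A, 0x6C)
TAG_MONITOR_NAME = 0xFC


class EdidError(ValueError):
    """Raised for any block the parser refuses to trust."""


def checksum_ok(block: bytes) -> bool:
    # Every 128-byte EDID block must sum to 0 mod 256; byte 0x7F is the fill-in.
    return sum(block) % 256 == 0


def decode_manufacturer(word: int) -> str:
    # Three 5-bit letters packed big-endian; each must decode to 'A'..'Z'.
    letters = [(word >> shift) & 0x1F for shift in (10, 5, 0)]
    if any(not 1 <= v <= 26 for v in letters):
        raise EdidError("manufacturer ID is not three A-Z letters")
    return "".join(chr(64 + v) for v in letters)


def decode_text(field: bytes) -> str:
    # Fixed 13-byte text field: printable ASCII, optionally LF-terminated and
    # space-padded. A C parser that strcpy()s this without a terminator check
    # reads past the field; here we bound and validate it instead.
    end = field.find(b"\n")
    text = field if end < 0 else field[:end]
    padding = b"" if end < 0 else field[end + 1:]
    if any(b != 0x20 for b in padding):
        raise EdidError("non-space padding after name terminator")
    if any(not 0x20 <= b <= 0x7E for b in text):
        raise EdidError("non-printable byte in monitor name")
    return text.decode("ascii").rstrip()


def parse_edid(data: bytes) -> dict:
    """Validate structure first, then extract fields; reject anything odd."""
    if len(data) < EDID_BLOCK:
        raise EdidError(f"need {EDID_BLOCK} bytes, got {len(data)}")
    base = data[:EDID_BLOCK]
    if base[:8] != EDID_HEADER:
        raise EdidError("bad EDID header")
    if not checksum_ok(base):
        raise EdidError("base block checksum mismatch")
    ext_count = base[0x7E]
    expected_len = EDID_BLOCK * (1 + ext_count)
    if len(data) != expected_len:
        raise EdidError(f"extension count {ext_count} implies {expected_len} bytes, got {len(data)}")
    for i in range(1, 1 + ext_count):
        if not checksum_ok(data[i * EDID_BLOCK:(i + 1) * EDID_BLOCK]):
            raise EdidError(f"extension block {i} checksum mismatch")
    manufacturer = decode_manufacturer(struct.unpack(">H", base[8:10])[0])
    product_code = struct.unpack("<H", base[10:12])[0]
    name = None
    for off in DESCRIPTOR_OFFSETS:
        desc = base[off:off + 18]
        # Display descriptors start 00 00 00; byte 3 is the tag, byte 4 reserved.
        if desc[0:3] != b"\x00\x00\x00" or desc[3] != TAG_MONITOR_NAME:
            continue
        name = decode_text(desc[5:18])
        break
    return {"manufacturer": manufacturer, "product_code": product_code,
            "name": name, "extensions": ext_count}


def build_sample_edid(name: str) -> bytes:
    """Constructed minimal base block for demonstration (not a real monitor)."""
    if not 1 <= len(name) <= 13:
        raise ValueError("name must be 1..13 ASCII characters")
    block = bytearray(EDID_BLOCK)
    block[0:8] = EDID_HEADER
    block[8:10] = struct.pack(">H", (9 << 10) | (8 << 5) | 19)  # "IHS", constructed
    block[10:12] = struct.pack("<H", 0x0001)
    block[0x12], block[0x13] = 1, 4  # EDID version 1.4
    field = name.encode("ascii")
    if len(field) < 13:
        field += b"\n" + b" " * (13 - len(field) - 1)
    block[0x48:0x48 + 18] = bytes([0, 0, 0, TAG_MONITOR_NAME, 0]) + field
    block[0x7F] = (-sum(block[:0x7F])) % 256  # checksum fill-in; 0x7E stays 0
    return bytes(block)


def with_payload(block: bytes, offset: int, payload: bytes) -> bytes:
    """Patch bytes and refresh the checksum, as an attacker-controlled display would."""
    b = bytearray(block)
    b[offset:offset + len(payload)] = payload
    b[0x7F] = (-sum(b[:0x7F])) % 256
    return bytes(b)


if __name__ == "__main__":
    good = build_sample_edid("IHSE DEMO")
    print(parse_edid(good))
    for label, bad in (("zeroed name", with_payload(good, 0x4D, b"\x00" * 13)),
                       ("bogus extension count", with_payload(good, 0x7E, b"\x01")),
                       ("truncated read", good[:64])):
        try:
            parse_edid(bad)
        except EdidError as e:
            print(f"rejected {label}: {e}")
```

The two hostile blocks pass the checksum (the helper recomputes it), which is the point: a KVM isolator that blocks the back channel entirely removes this attack surface, and a host that must read EDID should at least treat the block as untrusted input and validate every length and field before use.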
First published in cpmForum, Volume 4-2023
Copyright: cpm GmbH