Claroty's AI-Driven CPS Library Brings New Dimensions to Visibility, Vulnerability Attribution
Learn More
Background Image
 
English Deutsch Español Français Italiano Português 日本語 한국어 繁體中文
Request a Demo
Claroty Toggle Search

Report

Resolving the CPS Identity Crisis

A new digital library of cyber-physical systems asset information aims to solve an industry-wide problem of inconsistency in product identifiers.

Cover image for our report: Resolving the CPS Identity Crisis

View the Report

Cyber-physical system (CPS) asset information is as diverse as the original equipment manufacturers (OEMs) and medical device manufacturers (MDMs) supplying these critical systems. And while each OEM and MDM has a well-structured way of identifying assets in the physical world, the same isn’t true for naming conventions in the cyber realm. 

Inconsistencies stemming from different collection methods or protocols can leave security teams having to manually infer which assets may be exposed to which vulnerabilities. The risk for partial matching related to CVE attribution is real, impairing a team’s ability to accurately assess cyber risk in their environments. 

This report examines the nuances of asset visibility and their impact on overall CPS protection. We break down the core challenges to CPS asset identification, and then discuss how Claroty’s CPS Library, an AI-driven approach to device information mapping, dramatically improves this aspect of asset visibility.

Interested in learning about Claroty's Cybersecurity Solutions?

Request a Demo

Key Findings

1. First, we analyzed a data set of 17 million CPS assets and learned that:

  • 88% of CPS assets do not transmit an exact product code from data collection

  • 76% of devices transmit product codes that differ from the vendor's official record

2. Our AI-driven approach to tackling this fragmentation of device data demonstrates that the CPS Library solves a real risk-reduction problem.

  • For one large industrial automation vendor, our process for mapping accuracy showed a significant improvement, increasing the product code identification from single digits to 83%

  • With a matched product code, 56% of devices received new or updated security recommendations for outdated firmware

As a result, we were able to improve the accuracy of identifying vulnerabilities by 25%

Learn more about the CPS Library here:

Claroty
LinkedIn Twitter YouTube Facebook