gener8tor startup Blocmount aims to protect industrial control systems

It’s not your imagination – cyber breaches in industrial control systems are rising.

In February 2021, a hacker gained access to the computer system at the Oldsmar water treatment plant in Florida and briefly increased the level of sodium hydroxide in the water to a dangerous level. The breach was quickly detected, and no one was harmed, but it highlighted the vulnerability of critical infrastructure systems to cyber attacks. 

In May of the same year, the Colonial Pipeline, which supplies fuel to much of the eastern United States, was hit by a ransomware attack that forced the company to shut down its pipeline for several days. The attack caused widespread fuel shortages and panic buying in many parts of the country.

These attacks represent the growing need for an innovative solution.

Texas State University computer science professor Mina Guirguis launched a cybersecurity startup called Blocmount focused on improving control systems’ protection. Incorporated in 2022, the company has developed a comprehensive library of anomaly and threat detection algorithms. Its Artificial Intelligence (AI) agent uses these algorithms to monitor control processes actively.

“When you become a professor, you’re always looking for the next big problem to solve,” Guirguis said. “My cybersecurity expertise in cyber-physical systems made me look at industrial control systems and how to protect them better.”

Blocmount provides on-premise and off-premise cloud services that monitor the contextual behavior of a company’s control system and flag suspicious behaviors due to faults, failures, configuration errors, and cyber threats. Blocmount develops and maintains a comprehensive library of anomaly and threat detection algorithms (called ‘blocs’). At its core, Blocmount’s technology is an AI agent that orchestrates these blocs to monitor the control process actively. 

“Our technology, in essence, becomes the ‘eyes and ears’ on the floor to protect production, equipment, and human life,” Guirguis said.

Blocmount’s detection algorithms are designed to work with a wide range of control systems and protocols. The company uses an open architecture approach to integrate with various third-party systems and tools.

To maintain a comprehensive and extensible library of detection algorithms for the cybersecurity of control systems, Blocmount leverages machine learning to identify new threats as the platform improves its detection algorithms. The combination of automated and manual processes helps Blocmount analyze and respond to new threats as they arise. 

Small- and medium-sized manufacturers are struggling to maintain increasingly complex control systems. Plus, the manufacturing sector in the U.S. has a severe talent shortage, as legacy employees retire and are replaced by a less-experienced workforce.

This scenario opens the door for potential configuration errors and hinders manufacturers from continuously providing adequate monitoring, especially as adversaries become more sophisticated in their attacks.

The San Antonio-based startup employs two senior software engineers – Noah Dunsttater and Alireza Tahsini. Both are Texas State University graduates who worked in Guirguis’ lab and have “collaborated on many successful research projects published in top venues,” Guirguis said.

Last year, Guirguis was admitted to and completed the nation’s first cybersecurity accelerator program created by gener8ator. The accelerator program helped Guirguis learn the business side of scaling a startup.

“Critical infrastructure is a massive target for bad actors,” said Amanda Keammerer, gener8tor’s cybersecurity accelerator program managing director. “Blocmount works with manufacturers to establish specific baselines for their specific machinery.”

Keammerer explained partnerships with integrators would be key to Blocmount’s growth in this market.

“What’s exciting is that this same AI can detect any anomaly, not just cyberattacks, which expands Blocmount’s market beyond cybersecurity,” Keammerer added.

In 2022, Blocmount won a National Science Foundation (NSF) SBIR (Small Business Innovation Research) Phase I grant of $256,000 for its AI defense agent. Guirguis plans to apply for a Phase 2 SBIR grant with NSF. The non-dilutive funding would help fund the manufacturing of Blocmount’s tool for broader distribution.

“As these systems become increasingly interconnected and digitized, the risk of cyberattacks will continue to grow,” Guirguis said. “Blocmount can help small- and medium-sized manufacturers that are typically resource constrained understand the contextual behavior of their assets at run-time.”

The featured image is of the Blocmount team (from left): Mina Guirguis, Noah Dunsttater, and Alireza Tahsini. Courtesy photo.