Topsec Industrial control safety monitoring and auditing system

Product Overview

Topsec industrial Control System Security Monitoring and Auditing Platform (ToplAS) is a security auditing product developed for industrial control systems. Based on an industrial-grade hardware platform design, the product supports deep parsing of mainstream industrial control protocols such as S7, Modbus, OPC, IEC 104, EIP, MMS, and DNP3. It can effectively conduct real-time auditing and monitoring of abnormal attacks, abnormal traffic, unauthorized operations, misoperations, and other behaviors in industrial systems. It also records security incident details and retains data packets, providing a fundamental basis for security incident investigations.

Activity & Announcement

Hot Products Intelligent Computing Cloud Platform
New Products Ask Large Model
New Products LLM Security Gateway
Typical cases CNCC security construction project

Advantages

Comprehensive Business Auditing Capability

According to the characteristics of industrial business, it supports the creation of blacklist and whitelist auditing strategies, enabling effective security auditing of read/write operations, write frequency, parameter ranges, variation ranges, and rate of change ranges of communication content in industrial control systems.

Multi-Dimensional Security Baselines

Supports the establishment of security baselines from multiple dimensions such as assets, traffic, and behaviors, enabling effective monitoring of asset access status, communication business associations, data packet verification, and operation behaviors.

Security Event Playback for Forensics

Relying on protocol deep parsing technology, it can fully restore the industrial on-site communication process. Through two core functions—full recording of communication behaviors and event playback—it completes the traceability of security incidents, providing a fundamental basis for relevant authorities to investigate security incidents.

Industrial-Grade Dedicated Hardware

Strictly designed in accordance with industrial-grade hardware standards, it adopts a fanless fully enclosed chassis, which can meet the requirements of various industrial on-site operating environments and ensure stable equipment operation.

2025

2024

2023

Ranked fifth with a 7.2% market share.

Achieved a market share of 7.2%, ranking 5th in the CCID "China Industrial Control Security Market Development White Paper 2025"

April 2025

Recognized as an Innovative Product in the 2024-2025 Annual New Generation Information Technology Innovative Product selection organized by CCID

Ranked fourth with a 7.9% market share.

Achieved a market share of 7.9%, ranking 4th in the CCID "China Industrial Control Security Market Development White Paper 2024"

July 2024

Ranked in the IDC report "China Industrial Control Security Auditing Market Share, 2023: Driven by Dual Engines of Compliance and Business Demand, Market Grows Steadily" with a market share of 6.6%, annual revenue of RMB 53 million, and YoY growth of +23.6%

December 2023

Recognized as a Market Leader in the CCID "China Industrial Control Security Market Development White Paper 2023"

Applications

Scenario Description

Deployed in bypass mode on industrial switches of critical devices, it conducts multi-dimensional parsing of industrial control commands from the control network through protocol deep parsing, business rule auditing, and a "whitelist" mechanism—including integrity, function codes, address ranges, value ranges, and variation trends. This detects compliance with network protocol communication data and command operations, realizing security monitoring and auditing of critical systems and devices.

Problems Solved

Based on industrial protocol deep parsing, it real-time restores operation behaviors targeting critical devices, visualizing operation and maintenance management.
Business behavior auditing: Establishes business behavior rules based on self-learning and real-time detects unauthorized operations in accordance with these rules.
Real-time discovery of unauthorized access by abnormal assets and unauthorized external connections.
Abnormal event traceability: Provides event recording and alarm logs for abnormal incidents, offering first-hand data for event traceability.

Scenario Description

According to business function characteristics, it is deployed in bypass mode on aggregation layer switches of various areas in the production network. On one hand, it alarms, records, and analyzes abnormal communications, unauthorized operations, protocol anomalies, and key events (such as register read/write operations) of operator stations and PLCs in each business subsystem. On the other hand, it alarms and records abnormal operations, abnormal communications, and unauthorized operations from other networks, enabling timely preventive measures.

Problems Solved

Auditing of external operation behaviors: Real-time audits operation behaviors outside security zones, effectively detecting illegal operations from inter-zone or external sources.
Complex network traffic communication at the boundaries of production areas: Real-time monitors and alarms for large-traffic attacks initiated externally and inter-zone traffic.
Automatically sorts out regional asset information by production area, assisting operation and maintenance personnel in optimizing asset management strategies and establishing asset whitelists.
Security event traceability: Provides multiple traceability mechanisms such as event recording, alarm logs, alarm uploads, and situational analysis.

Value to Customers

Independent and Controllable Security Technologies

Topsec's industrial security team possesses mature and reliable independent R&D technologies for software and hardware security. The product adopts an industrial-grade hardware platform and a proprietary secure operating system (NGTOS) design, enhancing the security of each component in the overall solution and eliminating or reducing potential security vulnerabilities caused by a large number of non-independent and controllable technologies.

Visualization of Security Threats

Topsec Industrial Security Monitoring and Auditing System supports automatic sorting of industrial control network assets, providing intuitive and clear network topology and abnormal information lists. It truly solves the "black box" problem of industrial control systems, assisting users in understanding network operation status and easily grasping network abnormal trends.

Compliance with Regulatory Requirements

The system can meet the requirements of national and industry policies and regulations related to security protection, such as "Information Security Technology - Basic Requirements for Cybersecurity Level Protection" (GB/T 22239-2019) and "Guidelines for Information Security Protection of Industrial Control Systems" (Gongxin Ruan Han [2016] No. 338).

Evidence-Based Event Traceability

The system can provide audit logs for abnormal events, communication relationships, operational behaviors, and security incidents, enabling detailed and in-depth restoration of the root causes of events. Meanwhile, it supports event recording, which supplies raw data for security incident traceability and offers strong support for security incident investigations in industrial control systems.

Specification

0 > 0 > 0 >

	TIA-42106-E	TIA-5222C-E
Throughput	1Gbps	2Gbps
Event Logging Capacity	5,000	10,000
Concurrent Sessions	100,000	200,000
Fixed I/O Ports	6xGE	8xGE,4xSFP
Form Factor	DIN Rail	1U
RAM	8GB	32GB
Storage	1TB	4TB
Power Specification	36W, Dual DC	150W, Dual AC
Power Supply	DC 9-36V	AC 100-240V,50/60 Hz
Working Temperature	-40～70℃	0~40℃
Relative Humidity	5~95%, Non-Condensing	10~95%, Non-Condensing
Weight	2.5Kg	8Kg
Dimensions (W × D × H, mm)	80×132.5×167.3	440×510×44

Success Case

A Certain Mining Industry Mine Comprehensive Automation Project

The comprehensive automation system of a certain mining industry mine has deficiencies in traffic audit and monitoring. Based on the characteristics of production business, an industrial control security monitoring and audit system is deployed. By means of operation behavior restoration + traffic monitoring + asset management and control, it solves the pain points of operation and maintenance and ensures the safety of mine production and personnel.

Value to Customers：: Independent & Controllable Security Technologies Security Threat Visualization Well-Documented Incident Traceability

View details

Relevant Recommendations

Product Recommendation

Special Recommendation

News Recommendation

A Certain Mining Industry Mine Comprehensive Automation Project

Topsec industrial Control System Security Monitoring and Auditing Platform

Product Overview

Product Service

Security Research

Special Topics in Security

About Us