Our Commitment to OT Security

We take the security of your operations very seriously. SDA was built from the start using design principles to ensure security, availability, reliability, and data protection.

Security Is in Our DNA

Your factory floor’s operational technology (OT) requires high standards for reliability and security. Software Defined Automation prioritizes security as a fundamental aspect of our solution, which is why we employ a framework for a zero trust environment with a layered defense model built on AWS.

Our fine-grained role-based access control (RBAC) for projects and devices, secure networking capabilities, tenant isolation, and data protection practices ensure your privacy and security. Our operational practices have enabled us to provide better than 99% uptime for our services in 2024.

Delivering Peace of Mind

OT Cybersecurity

Service Reliability

Data Protection

Manage All Devices From a Single Pane of Glass

Role-based access control

Manage user permissions integrated with centralized identity management for easy onboarding, offboarding, and time-based access grants.

Secure Remote Access

Provide a secure connection to your OT devices from anywhere in the world.

Approval workflows

Enforce the four eyes principle out of the box to reduce risk.

SDA Is Secure by Design

Secure tenant isolation

  • SDA strictly separates network traffic between tenants within its cloud architecture.
  • Only tenants can perform actions on their data.

Service reliability

  • Highly available public cloud (Amazon Web Services (AWS)) facilities in different sites enable reliability and scalability.
  • Infrastructure as code (IaC) deployment with backups can be used to resume operations in a secondary site in the event of an outage of an entire primary site.
  • Disaster recovery mechanisms in place to resume operations in a secondary site in the event of an outage of an entire primary site.

Data backup and recovery

  • Real-time data replication within the AWS primary site.
  • Automatic regular backups in secondary AWS site.

Secure and limited access to data

  • Cloud only (no physical) access to data—the underlying infrastructure is secured as part of a shared responsibility model.
  • Full control over access at the project level, with ability to enable temporary third-party access as needed and a complete audit trail.
  • Role-based SDA access limited to reliability engineers for maintenance and account operations management.

Secure network traffic and storage

  • All network traffic as well as all data stored in the cloud are fully encrypted at rest and in transit.
  • Browser-based Engineering protects against malicious software and minimizes exposure of sensitive information.
  • Connectivity service allows for on-demand creation of secure VPN tunnels to a gateway on the shop floor only when needed.

Architected With Security and Scalability in Mind

Web console

A web-based console enables you to manage your devices and industrial controllers in an integrated, secured, and vendor-agnostic interface.


Authentication

Users can authenticate via SSO (including but not limited to OpenID Connect (OIDC), OAuth 2.0, and SAML 2.0 protocols, as well as Active Directory). Organizations have full control of user permissions. Temporary, granular access control for third parties is also possible.


APIs

SDA provides a comprehensive REST API to enable integrations.

Encryption

SDA encrypts all data in transit and at rest using TLS v1.3 and AES-256.

Version Control

Version Control provides secure storage, versioning, and auditability of PLC source code changes for multiple languages and versions from many vendors.

Local client

SDA’s local client provides code check-in, check-out, and synchronization, establishing the cloud as the single source of truth, even for on-premises engineering integrated development environments (IDEs).


Browser-based Engineering

You can access specialized engineering IDEs from multiple vendors on demand directly in a web browser to create and edit projects and commit new versions to the Version Control repository.


Connectivity

SDA connectivity establishes a short-lived, on-demand virtual private network (VPN) connection to a local gateway running SDA Agent VPN Client.


Automated Backup and Deployment

Secure connectivity enables seamless deployment of projects to remote PLCs from various vendors with Automated Backup (API) or the Browser-based Engineering graphical user interface (GUI). Automated Backup provides code integrity checks and backup of PLCs on demand or on a recurrent scheduled basis.
