Integrating Electronic Security into the Control Systems Environment: differences IT vs. Control Systems


1
Integrating Electronic Security into the Control
Systems Environment: differences IT vs. Control
Systems
Enzo M. Tieghi - etieghi_at_visionautomation.it
2
Security IT Control System Security where are
we?
3
Some cases of industrial/infrastructure cyber
incidents
  • In January 2003, the SQL Slammer Worm penetrated
    a computer network at Ohio's Davis-Besse nuclear
    power plant and disabled a safety monitoring
    system for nearly five hours; SQL Slammer Worm
    downed one utility's critical SCADA network in
    the US; another utility lost its Frame Relay
    network used for communications; some
    petrochemical plants lost Human Machine
    Interfaces (HMIs) and data historians; a 911 call
    center was taken offline; airline flights were
    delayed and cancelled.
  • In 2001, a series of cyber attacks was conducted
    on a computerized waste water treatment system by
    a disgruntled contractor in Queensland,
    Australia. One of these attacks caused the
    diversion of millions of gallons of raw sewage
    into a local river and park. There were 46
    intrusions before the perpetrator was arrested.

4
Some cases of industrial/infrastructure cyber
incidents
  • In September 2001, a teenager allegedly hacked
    into a computer server at the Port of Houston;
    the port's web service, which contained crucial
    data for shipping pilots, mooring companies and
    support firms responsible for helping ships
    navigate in and out of the harbor, was left
    inaccessible.
  • 1997: Shutdown of the air traffic control system
    tower at Worcester Regional Airport (MA), USA.
  • Italy, 2004: Sasser halts 40 PCs in the
    production plant of a leading pharmaceutical
    company (batches to rework, weekend spent to
    restart plants, reinstall and revalidate systems,
    etc.).
  • Water distribution SCADA system in California
    attacked and down (2005).
  • No official statistical source; database with
    20-30 tracked incidents in 2002-2004 in
    California (USA).
  • Database at BCIT (CA) under construction.

5
The 3 security faces
  • Physical Security (Perimeter)
      • Guard on duty, gates, ports, etc.
  • Human factor Security (Organization)
      • Security policy
      • Security procedures
      • Awareness and training
  • Cyber-Security (Technology)
      • Antivirus
      • Access control, authentication,
      • Firewalls,

6
Network Vulnerability examples
[Figure: network diagram. Labels: Firewall, Browser Clients, SAP, Mail Server, Corporate Network, MES, Desktops, Plant Network, Web Server, Historian, Wireless AP, Remote Access Server, Mobile Operator, Ethernet, HMI, Control System Application Server, Process Control Network (Proprietary or Ethernet), Controller or PLC]
7
eSecurity in control systems: industrial and
infrastructure considerations about security
(not only safety)
  • 11 reasons why security in control systems (DCS,
    PLC, SCADA/HMI, plant networks, etc.) is
    different from IT security

8
BS7799 vs. ISA-99.00.01: Comparison of Objectives
9
ANSI/ISA-95 Functional Hierarchy
10
ANSI/ISA-TR99.00.02-2004
  • Art. 6.5
  • Special Considerations for Manufacturing and
    Control Systems
  • Manufacturing and Control System electronic
    security plans and programs are consistent with,
    and build on, existing IT security experience,
    programs, and practices. However, there are
    critical operational differences between IT and
    Manufacturing and Control Systems that influence
    how specific measures should be applied. (...)

11
Why eSec is different - 1
  • Differing risk management goals
  • Risk definition: human safety and fault
    tolerance to prevent loss of life or endangerment
    of public health or confidence, loss of
    equipment, loss of intellectual property, or lost
    or damaged product.

12
Why eSec is different - 2
  • Differing architecture security focus
  • In a typical IT system, the primary focus of
    security is protecting the information stored on
    the central server.
  • In manufacturing systems, the situation is
    reversed. Edge clients (e.g., PLC, operator
    station, or DCS controller) are typically more
    important than the central server.

13
Why eSec is different - 3
  • Differing availability requirements
  • Many manufacturing processes are continuous in
    nature. Unexpected outages of systems that
    control manufacturing processes are not
    acceptable. Exhaustive pre-deployment testing is
    essential to ensure high availability for the
    Manufacturing and Control System. In addition to
    unexpected outages, many control systems cannot
    be easily stopped and started without affecting
    production. In some cases, the products produced
    or equipment being used is more important than
    the information being relayed. The requirement
    for high availability, reliability, and
    maintainability reduces the effectiveness of IT
    strategies like rebooting.

14
Why eSec is different - 4
  • Unintended consequences
  • Manufacturing and Control Systems can be very
    complex in the way that they interact with
    physical processes. All security functions
    integrated into the process control system must
    be tested to prove that they do not introduce
    unacceptable vulnerabilities. Adding any physical
    or logical component to the system may reduce
    reliability of the control system, but the
    resulting reliability should be kept to
    acceptable levels.

15
Why eSec is different - 5
  • Time critical responses
  • For some systems, automated response time or
    system response to human interaction is critical.
  • For example, emergency actions on regulatory
    process control systems should not be hampered by
    requiring password authentication and
    authorization.
  • Information flow must not be interrupted or
    compromised.

16
Why eSec is different - 6
  • Differing response time requirements
  • Manufacturing and Control Systems are generally
    time critical
  • Delay is not acceptable for the delivery of
    information, and high throughput is typically not
    essential.

17
Why eSec is different - 7
  • System software
  • Differing and custom operating systems and
    applications may not tolerate typical IT
    practices.
  • Networks are often more complex and require a
    different level of expertise (e.g., control
    networks are typically managed by control
    engineers, not IT personnel).
  • Software and hardware applications are more
    difficult to upgrade in a control system network.
  • Many systems may not have desired features
    including encryption capabilities, error logging,
    and password protection.

18
Why eSec is different - 8
  • Resource constraints
  • Control systems and their real time operating
    systems are resource constrained systems that do
    not include typical IT security technologies.
  • There may not be available computing resources to
    retrofit these security technologies.

19
Why eSec is different - 9
  • Information integrity
  • In-bound information is highly essential to the
    control system operation.
  • It is important to take practical precautions to
    eliminate malicious in-bound information in an
    effort to maintain control operation.

20
Why eSec is different - 10
  • Communications
  • Communication protocols and media used by control
    systems environments are typically different from
    the generic IT environment, and may be
    proprietary.
  • Examples include radio telemetry using
    asynchronous serial protocols and proprietary
    communication networks.

21
Why eSec is different - 11
  • Software Updates
  • Security patches cannot always be implemented on
    a timely basis because software changes need to
    be thoroughly tested by the vendor of the
    manufacturing control application and the end
    user of the application before being implemented
  • Change management control is necessary to
    maintain integrity of the control systems.

22
Why eSec is different - final
  • These differences require careful assessment by
    Manufacturing and Control System experts working
    in conjunction with security and IT personnel.
  • This team of people should carefully evaluate the
    applicability of IT and specific Manufacturing
    and Control Systems electronic security features,
    including thorough testing before application,
    where necessary.

23
Network Segregation
[Figure: Rings of Defense for Corporate and SCADA Networks (www.dyonyx.com)]
24
What to do: ad hoc methodology and tools
  • Industrial Security Assessment
  • Industrial Security Vulnerability Tests
  • Industrial Security Policy
  • Industrial Incident Response Plans
  • Business Continuity and Disaster Recovery Plans
  • Industrial Protection (Industrial IDS/IPS)
  • Monitoring and Managed Services for Industry
  • Audit

25
Where are Control Systems?
  • Everywhere
  • Industrial but also Infrastructure
  • Production and Distribution: Water, Oil & Gas,
    Power, etc.
  • Traffic control: Railways, Highways, Tunnels,
    Air, etc.
  • Buildings: Airports, Hospitals, Schools,
    Government, Research Centers, Universities,
    Municipalities, etc.
  • TLCs

26
What's moving
  • 21 Steps to improve Cyber Security of SCADA
    Networks (USA White House)
  • Common vulnerabilities in critical
    infrastructure control systems (U.S. Dept. of
    Energy's National Nuclear Security
    Administration)
  • Securing Process Control Systems - IT Security
    (European Commission)

27
Industrial security and international standards
  • BS7799 - ISO27000: Information security
    management systems - Specification with guidance
    for use
  • ISO/IEC 17799:2005: Information Technology - Code
    of practice for information security management
  • ANSI/ISA SP99 TR1: Security for Manufacturing and
    Control Systems
  • ANSI/ISA SP99 TR2: Integrating Electronic
    Security into Manufacturing and Control Systems
    Environment
  • ISO/IEC 15408: Common Criteria
  • NIST: System Protection Profile for Industrial
    Control Systems (SPP-ICS)
  • CIDX (Chemical Industry Data Exchange):
    Cybersecurity Vulnerability Assessment
    Methodology (VAM) Guidance
  • ISPE/GAMP4: Good Automated Manufacturing
    Practices, App. O: Guideline for Automated System
    Security
  • NERC standards
  • AGA standards

28
Need more information? www.visionautomation.it
Enzo M. Tieghi - etieghi_at_visionautomation.it