RIPE RIPE-17. Table of Contents. The Langner Group. Washington Hamburg Munich

Transcription

1 RIPE RIPE-17 Table of Contents The Langner Group Washington Hamburg Munich

2 RIPE Operations Technology Management Plan (MP-17) 0.1 Purpose Process Overview Implementation Scope Revision Notes Organizational Resources OT Support Center Cooperation of other Departments Use of External Resources Asset and Configuration Management System Inventory Network Architecture and Data Flow Diagrams OT Planning, Configuration, and Procurement Workforce and Contractor Management Workforce Information Database Training Program Policies and Standard Operating Procedures Incident Management Incident Response Capability Incident Detection and Assessment Procedure Incident Response and Recovery Protocol Managerial Control Performance Measurement Vulnerability and Fragility Analysis Performance Evaluation and Improvement Reporting and Management Sign-Off RIPE-17 Table of Contents Langner.com

3 RIPE Implementation Plan (IP-17) 0.1 Scope and Structure of this Document Using this Document Revision Notes Pre-RIPE: Setting the Stage Overview Define Objectives, Priorities, and Implementation Scope Provide Organizational Resources Set up an OT Configuration Management Database (CMDB) Set up a Workforce Information Database Set up an Online Document Repository Provide Tools for Creation of Network Diagrams Provide Tools for the Creation of Data Flow Diagrams Document Efforts, Results, and Lessons Learned RIPE Cycle Zero: Introducing the RIPE Instruments Overview Plan and Schedule Activities Develop a Conceptual Framework for the System Inventory Produce or Update Preliminary Network Diagrams Produce Preliminary Data Flow Diagrams Populate the Workforce Information Database Customize the Training Curriculum and Start Training Courses Customize and Rollout Policies and SOPs Customize and Rollout the OT Reference Architecture Introduce a System Procurement Guideline Customize Incident Management Procedures and Protocols Collect, Analyze, and Report Results RIPE Cycles One to N: Continuous Improvement Overview Write a Cycle Implementation Plan Introduce Improved RIPE Instruments Apply the Prescriptive RIPE Instruments Improve the System Model Develop and Maintain a Cyber Incident Response Capability Perform Audits Analyze and Report RIPE-17 Table of Contents Langner.com

4 RIPE System Inventory (SI-17) 0 Introduction Scope and Intended Audience The Role of the System Inventory within RIPE The RIPE System Inventory Data Model Revision Notes Identifier Nomenclature Purpose and Usage of a Nomenclature Component Identifiers Network Identifiers Cable Identifiers System Identifiers System Context Functional Context Product Context Location Device Classes Identification Attributes Qualifying Attributes Connectivity Attributes Informational Attributes Device Instances Inherited Attributes Identification Attributes Qualifying Attributes Configuration Attributes Remote Configuration Detection & Verification Support Informational Attributes Software Classes Identification Attributes Qualifying Attributes Integrity Attributes Connectivity Attributes Informational Attributes Software Instances Inherited Attributes Identification Attributes Qualifying Attributes Integrity Attributes Connectivity Attributes RIPE-17 Table of Contents Langner.com

5 6.6 Informational Attributes Developing a System Inventory Develop an Identification Nomenclature, if not existing already Collect System Context Information Identify OT Hardware and Software Products used at given Site Identify Individual Devices and Software Instances Complete Configuration Details RIPE-17 Table of Contents Langner.com

6 RIPE Network Diagram Style Guide (NW-17) 0.1 Scope of this Document Intended Audience Revision Notes Network Diagrams General Definitions and Conventions Granularity, Hierarchy Layers, and Network Diagram Types Identifying Location Diagram Labels Junction Points Referencing other RIPE Resources File Format for Documentation Purposes Nodes Node Symbols, Color Codes, and Labels Network Switch Router Firewall Wireless Access Point Modem Data Diode Server Workstation Operator Panel Mobile Workstation Industrial Automation and Control Device Sensor and Actuator Printer Other Components Networks and Subsystems Ethernet-based Networks Fieldbusses Subsystems Communication Links Link Type: Ethernet vs. Fieldbus Link Type: Copper vs. Fiber Optics Point-to-Point Connections Interface and Link Labels RIPE-17 Table of Contents Langner.com

7 RIPE Data Flow Diagram Style Guide (DF-17) 0.1 Scope and Intended Audience Understanding Data Flow Diagrams Revision Notes Components and Subsystems General Components Subsystems Data Flow General Interfaces Connected Interfaces vs. Open Interfaces Data Flow Categories and Color Codes Interface Labels... 9 RIPE-17 Table of Contents Langner.com

8 RIPE Reference Architecture (RA-17) 0.1 Scope and Intended Audience Reading the Rules Revision Notes Network Architecture General Corporate Network Interface Remote Access Web Access Wireless LAN Network Access by Mobile Systems from Non-Staff Isolation of Black Boxes Network Infrastructure Services General DHCP DNS Active Directory, Domain Controllers, and LDAP Time Servers (NTP and similar Protocols) Backup Sinks Anti-Virus Signature Update Service Security Patch Update Service Network Devices Firewalls Wireless Access Points Network Switches and Routers Computer Systems General SCADA/DCS Servers HMIs and Operator Panels Mobile Engineering Systems Operations Technology Systems other than SCADA/DCS Industrial Control Systems General Programmable Logic Controllers RIPE-17 Table of Contents Langner.com

9 RIPE System Procurement (SP-17) 0.1 Intended Audience The Role of System Procurement in RIPE The RIPE System Procurement Philosophy Suggested Use of the RIPE System Procurement Module Revision Notes Product Documentation Basic documentation quality Hardware Documentation Software Documentation Network Documentation Disaster Recovery and Contingency Planning Configuration Integrity Assurance System Hardening Detection of Unauthorized Software Installation and Execution Version Control Controller Configuration Target Verification Configuration Integrity Verification Disaster Recovery Network Resilience and Robustness Address Space Allocation Network Resilience Vulnerability Scans Non-Use of Insecure Services System and Network Monitoring Clock Synchronization Access Control and Account Management Authorization Passwords Account Management Logging Network Accessibility Vendor Processes and Procedures Quality Management Policy Compliance Statement Flaw Remediation Cyber Security Focal Point RIPE-17 Table of Contents Langner.com

10 RIPE Workforce Management (WM-17) 0 Introduction Scope and Intended Audience The Role of Workforce Management within RIPE Understanding User Roles Workforce Management Functions Revision Notes End User Typical Job Positions and Use Cases Operations Technology Rights and Responsibilities Document Access Nomad Systems and Remote Access Privilege Engineer Typical Job Positions and Use Cases Operations Technology Rights and Responsibilities Document Access Nomad Systems and Remote Access Privilege Administrator Typical Job Positions and Use Cases Operations Technology Rights and Responsibilities Document Access Nomad Systems and Remote Access Privilege Planner/Developer Typical Job Positions and Use Cases Operations Technology Rights and Responsibilities Document Access Nomad Systems and Remote Access Privilege RIPE Support Typical Job Positions and Use Cases Operations Technology Rights and Responsibilities Document Access Nomad Systems and Remote Access Privilege Visitor Typical Job Positions and Use Cases Operations Technology Rights and Responsibilities Document Access Nomad Systems and Remote Access Privilege Supervisor Typical Job Positions and Use Cases RIPE-17 Table of Contents Langner.com

11 7.2 Operations Technology Rights and Responsibilities Document Access Nomad Systems and Remote Access Privilege Incident Response Typical Job Positions and Use Cases Operations Technology Rights and Responsibilities Document Access Nomad Systems and Remote Access Privilege RIPE-17 Table of Contents Langner.com

12 RIPE Policies and Standard Operating Procedures (PO-17) 0.1 Scope and Intended Audience Understanding User Roles, Policies, and SOPs The RIPE Policy Philosophy Revision Notes External Engineers (Contractors) Using Computer Systems Using Mobile Systems that Enter and Leave the Facility (Nomad Laptops) BYODs (Smartphones, Tablet Computers, MP3 Players etc.) Using Networks Using Mobile Media Exchanging Files Using Remote Access Configuration Change Management Procedure Operations Technology Users Using Computer Systems Using Mobile Media and Mobile Systems Using the Internet and Exchanging Files Engineering and System/Network Administration Using Computer Systems Using Mobile Systems not Leaving the Facility (Resident Laptops) Using Mobile Systems Entering and Leaving the Facility (Nomad Laptops) Using Networks Using Mobile Media Exchanging Files Maintaining Endpoint Security Maintaining Network Security Firewall Rule Set Update Procedure Generic Configuration Change Management Procedure OT Planning and System Design Exchanging Files Planning Design and Configuration Change Procedure System Acquisition Procedure Visitors Using Computer Systems and Networks Using the Internet and Exchanging Files RIPE-17 Table of Contents Langner.com

13 RIPE Incident Management (IM-17) 0.1 Scope and Intended Audience The Role of Incident Management in RIPE Understanding OT Incident Management Revision Notes Cyber Incident Response Capability Cyber Incident Response Personnel and Relevant External Parties Technical Cyber Incident Management Requirements Cyber Incident Response Prerequisites Training and Exercises Cyber Incident Detection and Assessment Cyber Incident Identification, Validation and Assessment Cyber Incident Prioritization Cyber Incident Notification Mobilization of Response Forces Cyber Incident Response Predictive Analysis of Potential Incident Response Side Effects Cyber Incident Containment Eradication and Recovery Post-Incident Procedures Post-Recovery Notification In-Depth Forensic Analysis Cyber Incident Response Review and Documentation RIPE-17 Table of Contents Langner.com

14 RIPE Training Curriculum (TC-17) 0.1 Scope Training Formats Training Overview Verification Revision Notes Policy Related Training End User Policies Contractor Policies Part I: Acceptable System Use Contractor Policies Part II: Network and Media Use Engineering and Administrator Policies Part I: Acceptable System Use Engineering and Administrator Policies Part II: Network and Media Use Remote Access Visitor Policies Task Specific Training Applying the RIPE System Procurement Module Turning RIPE System Procurement Security Criteria into Requirements Applying the RIPE Reference Architecture to Network Infrastructure Applying the RIPE Reference Architecture to Systems Applying the RIPE Reference Architecture to Electrical Systems Maintaining Endpoint Security Practical Control Network Troubleshooting Incident Response Procedures and Protocols Incident Response Drill Incident Response Tabletop Exercise for Management Background Knowledge OT Boot Camp Cyber Attacks Against Industrial Facilities: Lessons Learned from Known Attacks Control Networks Design Issues and Strategies for Control Networks RIPE-17 Table of Contents Langner.com

15 RIPE Capability Metrics (CM-17) 0 Introduction Purpose Subject Under Consideration and Time of Verification Metric Types Revision Notes Indexes OT Security Resources Workforce Installed System Base: Resident Hardware Components Installed System Base: Mobile Devices Installed System Base: Networks System Inventory (SI) RIPE.SI.Capability RIPE.SI.%Completeness RIPE.SI.%Accuracy Network Architecture Model (NA) RIPE.NA.Capability RIPE.NA.%Completeness RIPE.NA.%Accuracy Data Flow Model (DF) RIPE.DF.Capability RIPE.DF.%Completeness RIPE.DF.%Accuracy RIPE.DF.%Accuracy.Protocols RIPE.DF.%Accuracy.MobileDevices Workforce Management (WM) RIPE.WM.Capability RIPE.WM.%Completeness RIPE.WM.%Accuracy RIPE.WM.%Completeness.ThirdParties Training Program (TP) RIPE.TP.Capability RIPE.TP.%Completeness RIPE.TP.%Compliance RIPE.TP.%Compliance.ThirdParties Policies and Standard Operating Procedures (PO) RIPE.PO.Capability RIPE.PO.%Completeness RIPE-17 Table of Contents Langner.com

16 7.3 RIPE.PO.%Compliance RIPE.PO.%Compliance.ThirdParties System Procurement (SP) RIPE.SP.Capability RIPE.SP.%Completeness RIPE.SP.%Conformity OT Planning and Configuration (PC) RIPE.PC.Capability RIPE.PC.%Completeness RIPE.PC.%Conformity Consolidated Security Capability (SC) RIPE.SC.Overall RIPE.SC.Model RIPE.SC.Policies RIPE-17 Table of Contents Langner.com

17 RIPE Concepts and Terminology (CT-17) Asset CAPEX CCSE CIFS CMDB Computer Console Control Network Controlled Software CPE Critical Systems/Networks DCOM Digital Device DCS Distributed System DMZ Downstream Engineering FAT FTP HMI Incident ICS IED ISMS Mobile System Network Zone Network Component Nomad System NTP OPC Operations Technology (OT) OPEX OS OTSC Perimeter PG PLC Quality RPC Remote Access Point Resident System REST RFP RIPE SAT SCADA SDL SMB Sniffing SNMP SOAP SOP System Context TCO Thin Client Upstream USB Whitelisting Workforce Management Unauthorized Software, Hardware, Access UML UPS VLAN VPN RIPE-17 Table of Contents Langner.com