Maarten Oosterink for PPA 2010 Delft, Vendor Requirements. Process Control Domain - Security Requirements for Vendors

Transcription

1 Maarten Oosterink for PPA 2010 Delft, Vendor Requirements Process Control Domain - Security Requirements for Vendors

2 Contents Purpose, Scope and Audience Development process Contents of WIB Standard Relationship with other initiatives Questions/discussion 2

3 Purpose, Scope and Audience Purpose Guarantee Vendors supplying secure systems & services at all stages of the lifecycle! Fit-for-purpose security, based on best practices in Shell and all the good work by many others Affordable solution for Vendors to gain certificate Minimum Standard freely available for everyone Many end-users to join, such that Vendors are only facing one requirement saving costs Step change now and evolve over time! Scope used with all new developments Audience big Vendors (MAC) small Vendors (>300) 3

4 Upfront Upfront Vendor Vendor Involvement = = Long Long Term Term Savings Savings Procurement Site Acceptance Run & Maintain $ Investment Trend With Certification INVESTMENT $ Investment Trend Without Certification 4

5 Contents Purpose, Scope and Audience Development process Contents of WIB Standard Relationship with other initiatives Questions/discussion 5

6 Smartness Level Concepts 6

7 Procurement Language Cyber Security Procurement Language for Control Systems Department of Homeland Security (DHS) More control over content e.g. describes multiple options for potential requirements Gaps e.g. only covers procurement phase Target audience different (procurement dept. vs. knowledgeable vendors) 7

8 Development of the ideal standard 8

9 WIB standards used ISO Code of Practice for Information Security Mgt AGA12-2 SCADA encryption API 1164 Security Guidelines for the Petroleum Industry CIDX (Cybersecurity in the chemical industry) ISO ISO ISO IEC IEC IEEE 1402 ISA99-1 ISA99-2 NERC Security Guidelines NERC CIP NIST SP NIST SP Principles and Practices for securing IT NIST SP ISA99-3 ISA99-4 ISA99-6 ISA SP100 Wireless Systems for Automation IEC High Availability Automation Networks ISO Information Technology - vocabulary - security IEC IEC Telecontrol Equipment and Systems 9

10 Development process IDEAL* IDEAL* standard standard Cyber Cyber Security Security Procurement Language Language for for Control Control Systems Systems Shell Shell DEP DEP Security Security requirement s s for for vendors vendors WIB WIB Security Security requirement s s for for vendors vendors 10

11 Development Process Global coverage outside Shell Standard shared with and comments received from: End-users: BP, Total, AkzoNobel, DSM, Heineken, Wintershall, Dow Chemical, DuPont, Southern Company, Laboralec, Aramco, Vendors: Invensys, Emerson, HIMA, Honeywell, READY! READY! 1st Vendor certified Min Min Security Security Std Std PCD PCD Systems Systems WIB WIB 650+ Comments 70+ Reviewers Wurldtech s Certificate Certificate Development Development Vendor s Vendor s Achilles Achilles Practices Practices Certificate Certificate 250+ Vendors March 2010 Time April

12 WIB s Process Control Domain Security Requirements for Vendors Mandatory for the whole Shell Enterprise! 2010 Vendors to obtain Achilles Practices certificates 2011 Vendors with no Achilles certificate no new systems in Shell! Join us, save costs and operate more securely! 12

13 Contents Purpose, Scope and Audience Development process Contents of WIB Standard Relationship with other initiatives Questions/discussion 13

14 WIB Std -Table of Contents 1. INTRODUCTION 2. GENERAL SECURITY POLICY 3. PROCESS CONTROL SECURITY FOCAL POINT 4. CONTROLS AGAINST MALICIOUS CODE 5. SOFTWARE PATCH MANAGEMENT 6. SYSTEM HARDENING 7. PROTECTION OF PCD DOCUMENTATION 8. ACCOUNT MANAGEMENT 9. BACKUP, RESTORE AND DISASTER RECOVERY 10. REMOTE ACCESS AND TRANSFER OF DATA FILES 11. WIRELESS CONNECTIVITY 12. SECURE CONNECTIONS TO SIS (SAFETY INSTRUMENTED SYSTEMS) 13. STANDARDS AND CERTIFICATION 14. SECURITY MONITORING 15. PROCESS CONTROL DOMAIN NETWORK ARCHITECTURE 16. HANDLING OF REMOTE AND ADVISORY SETPOINTS 17. DATA HISTORIANS 18. COMMISSIONING AND MAINTENANCE 19. REFERENCES APPENDICES APPENDIX 1 ARCHITECTURE LEVELS IN ANSI/ISA , PART 1 APPENDIX 2 WIB s DACA (DATA ACQUISITION AND CONTROL ARCHITECTURE) APPENDIX 3 WIB S APPROVED CONNECTIVITY APPLICATIONS 20 % Technology 80 % People, Process 14

15 Example: Security Focal Point (chapter 3) The Vendor shall nominate a Process Control Security Focal Pointin its organization, who is responsible for the following. Acting as liaison with Principal or the Contractor, as appropriate, about compliance of the Vendor s system with this requirements document. Communicating the Vendor s point of view on process control security to Principal s Engineers, Project Managers, and other relevant staff. Ensuring that tenders to Principal are aligned and in compliancewith both this requirements document and the Vendor s own internal requirements for process control security. Communicating deviations from, or other issues not conforming with, this requirements document to the organization of the Principal that is requesting the tender. Providing Principal with timely information about cyber securityvulnerabilities in the vendor s supplied systems and services. Providing timely support and advice to the Principal in the event of cyber security incidents involving the Vendor s systems and services. 15

16 Contents Purpose, Scope and Audience Development process Contents of WIB Standard Relationship with other initiatives Questions/discussion 16

17 ISA-SP99 suite of standards ISA99 Common ISA Terminology, Concepts And Models ISA-TR Master Glossary of Terms and Abbreviations ISA System Security Compliance Metrics Security Program ISA Establishing an IACS Security Program ISA Operating an IACS Security Program ISA-TR Patch Management in the IACS Environment was ISA Technical System ISA Target Security Assurance Levels for Zones and Conduits was Target Security Levels ISA System Security Requirements and Security Assurance Levels was Foundational Requirements was ISA ISA Product Development Requirements ISA-TR Security Technologies for Industrial Automation and Control Systems was ISA-TR Technical Derived ISA Embedded Devices ISA Host Devices ISA Network Devices ISA Applications, Data And Functions Released 17 17

18 ISA 99 and links to other initiatives Standard 18 The Future

19 Contents Purpose, Scope and Audience Development process Contents of WIB Standard Relationship with other initiatives Questions/discussion 19

20 20