Mission Critical Industrial Ethernet Network Design Seminar
|
|
- Sophie Ferguson
- 6 years ago
- Views:
Transcription
1 Mission Critical Industrial Ethernet 2010 Mission Critical Appliance Hirschmann Tofino Security Network Design Seminar Justin Nga Senior Application Engineering Manager 1
2 Agenda Belden and Hirschmann Security Perspectives Trends and Driving Factors Common Misconceptions Technologies Firewalls Applying the Tofino - Defence in Depth Hirschmann Tofino Live Demo Conclusion 2
3 Belden and Hirschmann 3
4 History of Belden, Hirschmann, and Lumberg Automation In 1902, Belden is founded by Joseph Belden in Chicago, Illinois. In 1993, Belden expands into Europe. In 2004, Belden and Cable Design Technologies merge to form Belden CDT Inc. In 2007, Belden CDT Inc. is renamed Belden Inc. In 1924, Hirschmann company is founded by Richard Hirschmann in Esslingen near Stuttgart, Southern Germany. In 2005, Hirschmann Automation and Control GmbH is formed. In 2007, Belden Inc. acquires Hirschmann Automation and Control. In 1933, Lumberg company is founded by Karl and Erich Lumberg in Schalksmühle near Düsseldorf, Germany. In 2002, Lumberg Automation Components GmbH is formed. In 2007, Belden Inc. acquires Lumberg Automation. End to End Signal Transmission Solutions 4
5 Hirschmann 88 Years Of Innovation Setting trends for new technologies in Industrial Connector Richard Hirschmann company founded Invention of the»one-two-plug«audio connectors Actuator»cube«connector Certification of entire laboratory connector range to IEC 1010 World smallest self-assemble sensor connector M8 MiniQuick Self assemble sensor connector VarioQuick M12 BusQuick Fieldbus connecting system for Profibus PA & Foundations Fieldbus Self assemble IEC 1010 laboratory connector range Installed the world s first optical ETHERNET network at University of Stuttgart Developed Redundant Ethernet Ring Co-development of the Actuator Sensor Interface Fieldbus system over fiber-optic - RS485 & Profibus repeater Industrial Ethernet Rail hub New FiberFieldbus-System FIP New Fiber Fieldbus-System GENIUS Fast redundancy in industrial Fast Ethernet switch 12 Mbit/s Profibus fiber-optic repeater Modularize gigabit Ethernet Backbone Switch - Mach 3000 Modular Industrial Fast Ethernet Switch - MICE IP67 Railway certified switch EEC enabled Industrial Ethernet Switch & RS2-16M, SPIDER / Eagle mguard Modular Industrial Gigabit Ethernet Switch - Power MICE OpenRail & MACH Fast Ethernet, Gigabit Ethernet Railway certified wireless switch Ruggedized switches for substations Wireless LAN IP67 for ATEX Zone 2 Zero milliseconds failover test (IEC HSR/PRP) for substation automation RSP switches with IEC PRP (HSR future release) Setting trends for new technologies in Industrial Networking
6 Security Perspectives 6
7 Differences between IT and ICS Networks IT security solutions are based on assumptions that are often not fully transferable into ICS and SCADA networks Differing Security Focus Differing Performance Requirements Differing Reliability Requirements Differing Operating Systems and Applications Differing Risk Management Goals Differing Security Architectures 7 7
8 Differing Security Focus I.T.: Privacy First - Protect the Data SCADA/ICS: Safety First - Protect the Process Priority IT SCADA/ICS #1 Confidentiality Availability #2 Integrity Integrity #3 Availability Confidentiality Byres Security Inc. 8 8
9 Security Perspectives Control Networks vs Corporate Networks 9
10 Trends 10
11 Critical Control and Automation Trends Control and Automation Systems and Applications are migrating from proprietary to open standards, to enable seamless connectivity From serial to ethernet Profibus to Profinet Modbus to Modbus TCP Ethernet/IP, etc Analog Signal Enhancements and Evolution: 4-20mA to Hart, Fieldbus technologies, FDT DTMs, etc Automation technology trends tend to lag off IT technology trends by approximately years before gaining wider acceptance and deployment, e.g. Unix to Windows operating systems Databases/Historians Oracle, SQL, Pi Middleware applications e.g. OPC MES applications Network convergence - Data, Voice, Video / Enterprise to Control layer Typically categorised under the banner of Industrial Ethernet / Networking 11
12 Communications Hierarchy Level 1: Corporate level Level 2: Management Level Level 3: Process Management and Control Level Level 4: Field Level ERP: SCADA: DCS: PLC: Enterprise Resource Planning Supervisory control and data acquisition Distributed Control Systems Programmable Logic Controller Process and manufacturing data is not just available at the field level, but is seamlessly integrated into higher-level data acquisition systems via Industrial Ethernet Business drivers - Sensor to Boardroom.. Real time decision making Efficiency Increased dependence on the network for Asset Management, OHS, Maintenance, etc. A Mission Critical Network must be robust, reliable with fault tolerance, manageable, maintainable and scalable. 12
13 Common Misconceptions 13
14 Famous Last Words Most public utilities rely on a highly customized SCADA system. No two are the same, so hacking them requires specific knowledge. Scott Berinato Debunking the Threat to Water Utilities CIO Magazine March 15,
15 Security Incidents in the Water Industry Salt River Project SCADA Hack Maroochydore Shire Waste Water Treatment Plant Software Flaw Makes MA Water Undrinkable Trojan/Keylogger on Ontario Water SCADA System Viruses Found on Auzzie SCADA Laptops Audit/Blaster Causes Water SCADA Crash DoS attack on water system via Korean telecom Penetration of California irrigation district wastewater treatment plant SCADA. SCADA system tagged with message, "I enter in your server like you in Iraq." 15
16 Security Incidents in the Oil Industry Electronic Sabotage of Venezuela Oil Operations CIA Trojan Causes Siberian Gas Pipeline Explosion Anti-Virus Software Prevents Boiler Safety Shutdown Slammer Infected Laptop Shuts Down DCS Virus Infection of Operator Training Simulator Electronic Sabotage of Gas Processing Plant Slammer Impacts Offshore Platforms SQL Slammer Impacts Drill Site Code Red Worm Defaces Automation Web Pages Penetration Test Locks-Up Gas SCADA System Contractor Laptop Infects Control System 16
17 Security Incidents in the Chemical Industry IP Address Change Shuts Down Chemical Plant Hacker Changes Chemical Plant Set Points via Modem Nachi Worm on Advanced Process Control Servers SCADA Attack on Plant of Chemical Company Contractor Accidentally Connects to Remote PLC Sasser Causes Loss of View in Chemical Plant Infected New HMI Infects Chemical Plant DCS Blaster Worm Infects Chemical Plant 17
18 Security Incidents in the Power Industry Slammer Infects Control Central LAN via VPN Slammer Causes Loss of Comms to Substations Slammer Infects Ohio Nuclear Plant SPDS Iranian Hackers Attempt to Disrupt Israel Power System Utility SCADA System Attacked Virus Attacks a European Utility Facility Cyber Attacks Reported by Asian Utility E-Tag Forgery Incident in Power PSE Power Plant Security Details Leaked on Internet Stuxnet 18
19 Where Do All These Come From? maintains the Repository for Industrial Security Incidents (RISI) which tracks network security incidents that directly impact industrial operations. World s largest collection of control system security incidents. Both malicious and accidental incidents are tracked. 19
20 Cyber Security Incident Types General Incident Type N/A 0% External Hacker Outsider 47% Insider 53% Intentional 20% Software or Device Flaw Disgruntled Employee Human Error Unintentional 80% Insider 14% N/A 48% Outsider 38% Malware Infection 2011 Security Incidents Organization 20
21 Where do Hackers start? Conferences e.g. Blackhat / Toorcon SHODANHQ the Google for Hackers Feb Security researcher Oscar Kouroo, working for the Dutch nuclear physics institute NIKHEF, found out that national infrastructural systems were listed on Shodan, (a database of cyber security vulnerabilities) and could be easily accessed remotely. Those systems, controlling pumping stations and sluices, are vital for the water management of a large part of the Netherlands. Other white papers on the Internet. ICS Cert Website 21
22 Technologies - Firewall 22
23 Firewalls A H/W or S/W mechanism used to control and monitor traffic to and from a network, based on predetermined security criterias, for the purpose of protecting devices on the network Firewall Classes: Packet Filter: Static rules (allow/deny) Low cost and low impact on network performance Lacks the ability to understand the relationships between a series of packets Stateful Inspection: Ability to intelligently track relationships of packets High security and good performance Expensive and complex Application Proxy: Opens packets at the application layer, process against rules, reassembles and forwards High security, potentially slower network performance Deep Packet Inspection: Application firewalling - offers filtering deeper into the application layer but at lesser load 23
24 Limitations A firewall offers limited or no protection against: Internal attacks Social engineering attacks Attacks over permitted connections Malware such as Trojans, Viruses, Spyware, Phishing, or damaging active components (ActiveX, Java Applets, JavaScript) Passive attacks (Sniffing the LAN, traffic analysis, etc.) Improper use of mobile computers Removable media 24
25 Applying the Tofino For Defence in Depth 25
26 Bastion Strategy vs Defence in Depth I. Hard-perimeter II. Defense-in-depth 26
27 Security Issues in Control Networks Soft Targets PCs run 24x7 without security updates or even antivirus Controllers are optimized for real-time I/O, not for robust networking connections Multiple Network Entry Points The majority of cyber security incidents originate from secondary points of entry to the network USB keys, maintenance connections, laptops, etc. Poor Network Segmentation Many control networks are wide-open with no isolation between different sub-systems As a result problems spread rapidly through the network 27
28 Typical Control Network Architecture 28
29 Typical Control Network Architecture 29
30 A Perimeter Defense is Not Enough We can t just install a firewall at the edge of the network and forget about security. The bad guys will eventually get in Many problems originate inside the plant network We must harden the plant floor. We re crunchy Defense in Depth. on the Outside - Soft in the Middle 30
31 Defense-in-Depth Strategy By defense-in-depth strategy, we mean the protection measures composed of more than one security control to protect the property. By the use of this kind of multi-layer measures, another layer will protect the property even if one layer is destroyed, so the property is protected more firmly. Yokogawa Security Standard of System TI 33Y01B30-01E Byres Security Inc. 31
32 ANSI/ISA-99: Dividing Up The Control System A core concept in the ANSI/ISA-99 security standard is Zones and Conduits Offers a level of segmentation and traffic control inside the control system. Control networks divided into layers or zones based on control function. Multiple separated zones help to provide defense in depth. 32
33 Security Zone Definition Security zone: grouping of logical or physical assets that share common security requirements. [ANSI/ISA ] A zone has a clearly defined border (either logical or physical), which is the boundary between included and excluded elements. HMI PLC 33
34 Conduits A conduit is a path for the flow of data between two zones. Any communications between zone must have a conduit. We need to identify all the conduits, not just the obvious ones. Conduit HMI PLC 34
35 Protecting the Network with Zones and Conduits A firewall in each conduit will allow only the MINIMUM network traffic necessary for correct plant operation Generate alarm messages when traffic is blocked Conduit HMI PLC 35
36 Zones and Conduits provide Defense in Depth 36
37 Zones and Conduits provide Defense in Depth 37
38 Zones and Conduits provide Defense in Depth 38
39 Defense in Depth via Distributed Security Appliances Add the missing layers of defense using external hardware security appliances that are specifically designed for the task Make sure the product is easy to install, configure, and manage in the plant environment Ultra-reliable hardware Install, configure, and manage with no plant down time Support the equipment and protocols commonly used on the plant floor Tools that are focused on the needs and capabilities of plant personnel Byres Security Inc. 39
40 Hirschmann Tofino 40
41 Hirschmann Tofino The Hirschmann Tofino Industrial Security Solution: Byres Security Tofino software Tofino Argon Applicance Hirschmann Hardware Eagle20 Tofino Hirschmann s Tofino Sept 2011 Hirschmann / Belden acquires Byres Security 41
42 EAGLE Tofino System What is the EAGLE20 Tofino? A network security system designed specifically for Industrial Automation No IT knowledge required for configuration or operation Predefined templates for: > 50 industrial communications protocols > 25 families of industrial controllers Provides Defence in Depth Secure zones inside a network 42
43 EAGLE Tofino Key Benefits No IT knowledge required Enhanced security and safety Extend Cyber Security down into the control network Simplified regulatory and standards compliance FERC / NERC CIP ANSI/ISA-99 IEC
44 EAGLE Tofino Architecture Corporate Network HIRSCHMANN Centralised Management HIRSCHMANN HIRSCHMANN Firewalls Cluster of DCS Controllers SCADA RTU PLC Controller 44
45 Key Tofino Components Tofino Central Management Platform (CMP) Centralized Security Management Tofino Security Appliance Zone Level Security for your control network Tofino Loadable Security Modules (LSM) Firmware modules that customize the security features on your Tofino Security Appliances 45
46 Tofino Central Management Platform (CMP): centralized security management Configure, manage and monitor all your Tofino Security Appliances from one workstation Built-in Network Editor to quickly model your control network Visual drag-and-drop editors for quick and easy configuration of security rules 46
47 CMP Close Up 47
48 Fort Sask Network Corporate Firewall Corporate Network DMZ HIRSCHMANN HIRSCHMANN HIRSCHMANN Fort Sask Control Network HIRSCHMANN HIRSCHMANN Sumas Pump Station Network Jasper Pipeline Network 48
49 Network Hierarchy View HIRSCHMANN HIRSCHMANN HIRSCHMANN HIRSCHMANN HIRSCHMANN 49
50 Controllers Pre-configured rules for more than 25 families of controllers Special rules to handle known vulnerabilities 50
51 Industrial Protocols Pre-defined templates for more than 50 industrial communications protocols Additional protocols can be added 51
52 Network Devices Support for Hirschmann network devices. 52
53 EAGLE20 Tofino Security Appliance Simple installation requires no networking knowledge and no pre-configuration Install and configure Tofino with no disruption to the control system Unique 'Test' mode allows testing with no risk to your plant 53
54 Tofino Loadable Security Modules LSMs are software plug-ins providing security services such as: Firewall Secure Asset Management Content Inspection (Deep Packet Inspection) VPN encryption Event Logger Each LSM is downloaded into the security appliance to allow it to offer customisable security functions, depending on the requirements of the control system. 54
55 Tofino Firewall LSM: Traffic Control for industrial networks Control engineer defines list of traffic rules Automatically blocks and reports any traffic that does not match your rules Simple rule definition using graphical drag-and-drop editor Drag the HMI on to the PLC. The correct rules are created automatically 55
56 Tofino Secure Asset Management LSM: Tracks and Protects Network Devices Passive Asset Discovery locates network devices without any process disruption Newly-discovered devices are reported to the Tofino Management Platform (CMP) as a security alert Keep current and detailed inventory lists for ANSI/ISA-99 and NERC standards compliance Assisted Rule Generation wizard guides users to create firewall rules from 'blocked traffic' reports 56
57 Tofino Modbus TCP Enforcer LSM: content inspector for Modbus Protocol 'Sanity Check' blocks any traffic not conforming to the Modbus standard Control engineer defines list of allowed Modbus commands, registers and coils Automatically blocks and reports any traffic that does not match your rules 57
58 OPC Classic OPC Classic is the world s leading technology for integrating different automation products. Formerly known as OLE for Process Control, (where OLE stood for Object Linking and Embedding) Includes all OPC standards that are based on Microsoft's DCOM Technology (i.e. all but OPC-UA) Unfortunately OPC is famous for its poor security 58
59 Typical TCP/IP Protocols Most protocols use Fixed Port Numbers to identify the application to handle an incoming packet Similar to an extension for accounts payable on a company phone system Example: Most Modbus TCP slaves use port 502 Modbus Command (Dst Port = 502) Modbus Reply (Src Port = 502) Modbus Master Operator Station Modbus Slave PLC 59
60 Typical TCP/IP Protocols Consistent TCP/UDP port numbers makes it easy to create firewall rules Example: To allow only Modbus traffic to get to a PLC and block all other messages: Allow Dst Port = 502 (Modbus), Deny All Else Modbus (Port 502) Modbus Master Operator Station Modbus Slave PLC 60
61 OPC Classic (aka OPC DCOM) OPC Classic dynamically assigns TCP ports to each executable process serving objects on a server Clients discover port associated with an object by connecting to the server and sending messages like: find COM object XXX for me and tell me what port it is on OPC Client OPC Connection Request (Port 135) OPC Server Server Response: Use Port OPC DA Connection (Port 12345) OPC DA Data (Port 12345) 61
62 Until Now - An Unfirewallable Protocol Because OPC is free to use any port between 1024 and it is IT firewall unfriendly You don t know in advance what port the server will use So you can t define the firewall rule You have to leave all ports open on your firewall Configuring your firewall to leave such a wide range of ports open creates a serious security hole 2222 Rockwell-CSP 2404 IEC Mitsibishi MELSCQNA 5450 PI Data Historian 9100 Omron FINS And 1000 s more! 62
63 It Gets Worse! OPC/DCOM in the Real World DCOM callbacks in OPC are not handled on the same connection that is used for client/server calls Some OPC servers reject the first few connection attempts after they tell the client to use a specific port, completely breaking most firewall state engines! All this has made the industry consider OPC Firewalls virtually impossible 63
64 Tofino OPC Enforcer LSM: content inspector for OPC Classic Automatically tracks TCP ports assigned by OPC servers for data connections Dynamically opens tracked ports in firewall only when they are needed Protocol 'Sanity Check' blocks any OPC requests not conforming to the DCE/RPC standard 64
65 Simple Configuration Deny by default including: Any attempted OPC traffic that is not between defined OPC client and server pairs will be blocked and reported Any attempted TCP connection that was not successfully negotiated between a valid OPC client and server will be blocked and reported User-settable options Sanity check enable/disable on OPC connection attempts Maximum time to wait for data connection to start 65
66 Tofino VPN: secure tunnels over untrusted networks Creates secure tunnels between Tofino Security Appliances; between Tofino and PCs; and between Tofino and supported third-party devices Simple set-up and management Inter-operates with other Tofino LSMs (eg Firewall, Modbus TCP Enforcer) to combine security features Corporate Network Internet 66
67 Layer 2 Bridging Pipeline Example Create an Ethernet bridge over the Internet using Rapid Spanning Tree Internet 67
68 Tofino Event Logger: Automonous Security Appliances Logs events locally on Tofino Security Appliance Logs events locally to a USB stick (persistent) Transmits event messages to a Syslog server Removes potential single point of failure (CMP) No CMP required in production network Events Syslog Server 68
69 Live Demo 69
70 Any Questions? 70
Introducing the 9202-ETS MTL Tofino industrial Ethernet security appliance
Introducing the 9202-ETS MTL Tofino industrial Ethernet security appliance HAKIM- Sales Engineer 1 Cybersecurity of valuable assets and processes in a wide range of industry verticals, such as: Oil & Gas
More informationUsing ANSI/ISA-99 Standards to Improve Control System Security
Tofino Security White Paper Version 1.1 Published May 2012 Using ANSI/ISA-99 Standards to Improve Control System Security Contents 1. Executive Summary... 1 2. Why the Push for Productivity has degraded
More informationPresenter Jakob Drescher. Industry. Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks.
Presenter Jakob Drescher Industry Cyber Security 1 Cyber Security? Measures used to protect assets against computer threats. Covers both intentional and unintentional attacks. Malware or network traffic
More informationTofino CMP User's Guide
Tofino CMP User's Guide Configuration Tofino Central Management Platform Version The naming of copyrighted trademarks in this manual, even when not specifically indicated, should not be taken to mean that
More informationAlternatives to Patching for more Secure and Reliable Control Systems
Alternatives to Patching for more Secure and Reliable Control Systems Eric Byres, P.Eng., ISA Fellow Chief Technology Officer Tofino Security, a Belden Brand The New World of Security For the past 30 years,
More informationBuilding Intrinsically Secure Control and Safety Systems
Building Intrinsically Secure Control and Safety Systems Using ANSI/ISA-99 Security Standards for Improved Security and Reliability May 2009 Eric Byres, Chief Technology Officer, Byres Security Inc. The
More informationCyber Security of Industrial Control Systems (ICSs)
Cyber Security of Industrial Control Systems (ICSs) February 23, 2016 Joe Weiss PE, CISM, CRISC, ISA Fellow Managing Partner Applied Control Solutions, LLC (408) 253-7934 joe.weiss@realtimeacs.com Applied
More informationAn Overview of ISA-99 & Cyber Security for the Water or Wastewater Specialist
An Overview of ISA-99 & Cyber Security for the Water or Wastewater Specialist Standards Certification Education & Training Publishing Conferences & Exhibits Speakers: Bryan L. Singer, CISM, CISSP, CAP
More informationSecuring Industrial Control Systems
L OCKHEED MARTIN Whitepaper Securing Industrial Control Systems The Basics Abstract Critical infrastructure industries such as electrical power, oil and gas, chemical, and transportation face a daunting
More informationICS Security. Trends, Issues, and New Standards. Speaker: David Mattes CTO, Asguard Networks
ICS Security Trends, Issues, and New Standards Standards Certification Education & Training Publishing Conferences & Exhibits Speaker: David Mattes CTO, Asguard Networks 2013 ISA Water / Wastewater and
More informationPractical SCADA Cyber Security Lifecycle Steps
Practical SCADA Cyber Security Lifecycle Steps Standards Certification Jim McGlone CMO, Kenexis Education & Training Publishing Conferences & Exhibits Bio Jim McGlone, CMO, Kenexis GICSP ISA Safety & Security
More informationIndustrial Automation Automation Industrielle Industrielle Automation. 4 Access to devices. 4.3 OPC (Open Process Control ) 4.3.
Automation Industrielle Industrielle Automation 4 Access to devices 4.3 OPC (Open Process Control ) 4.3.1 Common elements Executive Summary OPC is a standard, manufacturer-independent programming interface
More informationIntroduction to ICS Security
Introduction to ICS Security Design. Build. Protect. Presented by Jack D. Oden, June 1, 2018 ISSA Mid-Atlantic Information Security Conference, Rockville, MD Copyright 2018 Parsons Federal 2018 Critical
More informationPROFINET The leading communication system
Titel einer Beispielpräsentation PROFINET The leading communication system Proven and future-oriented PROFINET 2 3 4 Market & Applications PROFINET overview 0 Reasons for PROFINET Industrie 4.0 and PROFINET
More informationCritical Infrastructure Protection for the Energy Industries. Building Identity Into the Network
Critical Infrastructure Protection for the Energy Industries Building Identity Into the Network Executive Summary Organizations in the oil, gas, and power industries are under increasing pressure to implement
More informationA. Carcano, I. Nai Fovino, M. Masera, A. Trombetta European Commission Joint Research Centre Critis 2008, Rome, October 15, 2008
Scada Malware, A Proof of Concept A. Carcano, I. Nai Fovino, M. Masera, A. Trombetta European Commission Joint Research Centre Critis 2008, Rome, October 15, 2008 Outline Motivations Testing Environment
More informationDefense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation
Defense-in-Depth Against Malicious Software Speaker name Title Group Microsoft Corporation Agenda Understanding the Characteristics of Malicious Software Malware Defense-in-Depth Malware Defense for Client
More informationIndustrial Security - Protecting productivity. Industrial Security in Pharmaanlagen
- Protecting productivity Industrial Security in Pharmaanlagen siemens.com/industrialsecurity Security Trends Globally we are seeing more network connections than ever before Trends Impacting Security
More informationUnderstanding OPC: Basic Overview
Understanding OPC: Basic Overview Colin Winchester VP Operations Nathan Pocock Chief Architect & Developer Understanding OPC: Basic Overview Agenda 60 Minutes Original problem How to share data Original
More informationNew concept in automation: epac. November 2015
New concept in automation: epac November 2015 21 st century megatrends are significantly changing the industrial world Connectivi ty Safety and Security Agility Scarcity of Resources 2 Connectivity 50
More informationHacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK
Hacker Academy Ltd COURSES CATALOGUE Hacker Academy Ltd. LONDON UK TABLE OF CONTENTS Basic Level Courses... 3 1. Information Security Awareness for End Users... 3 2. Information Security Awareness for
More information4 Access to devices. Prof. Dr. H. Kirrmann. ABB Research Centre, Baden, Switzerland
Automation Industrielle Industrielle Automation 4 Access to devices 4.3 OPC (Open Process Control formerly OLE for Process Control) 4.3.1 Common elements Prof. Dr. H. Kirrmann 2007 May, HK ABB Research
More informationINDUSTRIAL NETWORK RESILIENCE. Davide Crispino Salvatore Brandonisio
INDUSTRIAL NETWORK RESILIENCE Davide Crispino Salvatore Brandonisio Cyber Attacks: A risk among the most feared At the World Economic Forum 2016: «Cyber Attacks are considered to be one of the highest
More informationConnectivity 101 for Remote Monitoring Systems
Connectivity 101 for Remote Monitoring Systems Paul Wacker Moxa, Inc. Manager - Edge Connectivity Ariana Drivdahl Moxa, Inc. Product Marketing Manager Pain Points of Remote Monitoring Pressure to enhance
More informationSANS SCADA and Process Control Europe Rome 2011
SANS SCADA and Process Control Europe Rome 2011 Ian Buffey Director International Services Industrial Defender ibuffey@industrialdefender.com A Holistic Approach Planning, training and governance Cybersecurity
More informationSecurity analysis and assessment of threats in European signalling systems?
Security analysis and assessment of threats in European signalling systems? New Challenges in Railway Operations Dr. Thomas Störtkuhl, Dr. Kai Wollenweber TÜV SÜD Rail Copenhagen, 20 November 2014 Slide
More informationSecurity protection to industrial control system based on Defense-in-Depth strategy
Security protection to industrial control system based on Defense-in-Depth strategy X. Luo The College of Mechatronics and Information Engineering, Shanghai Lida Polytechnic Institute, China Abstract In
More informationUCOS User-Configurable Open System
UCOS User-Configurable Open System User-Configurable Open System (UCOS) UCOS is a complete control system solution. It includes graphical development software, a graphical human machine interface (HMI),
More informationCybersecurity was nonexistent for most network data exchanges until around 1994.
1 The Advanced Research Projects Agency Network (ARPANET) started with the Stanford Research Institute (now SRI International) and the University of California, Los Angeles (UCLA) in 1960. In 1970, ARPANET
More informationRIPE RIPE-17. Table of Contents. The Langner Group. Washington Hamburg Munich
RIPE RIPE-17 Table of Contents The Langner Group Washington Hamburg Munich RIPE Operations Technology Management Plan (MP-17) 0.1 Purpose... 4 0.2 Process Overview... 4 0.3 Implementation Scope... 5 0.4
More informationT22 - Industrial Control System Security
T22 - Industrial Control System Security PUBLIC Copyright 2017 Rockwell Automation, Inc. All Rights Reserved. 1 Holistic Approach A secure application depends on multiple layers of protection and industrial
More informationIndegy. Industrial Cyber Security. Matt Petrauskas Regional Director.
Indegy Industrial Cyber Security Matt Petrauskas Regional Director mpetrauskas@indegy.com Discussion Focus Unveiling Security Gaps in Industrial Control Networks About the Presenter Matt Petrauskas 33
More informationHow can I use ISA/IEC (Formally ISA 99) to minimize risk? Standards Certification Education & Training Publishing Conferences & Exhibits
How can I use ISA/IEC- 62443 (Formally ISA 99) to minimize risk? Standards Certification Education & Training Publishing Conferences & Exhibits What is ISA 62443? A series of ISA standards that addresses
More informationBe Certain with Belden
Be Certain with Belden Effective ata Communication Solutions for Smart Grid Systems A B C OpenRail Family Compact Industrial Switches Available in customized versions Available with conformal coating High
More informationUA-5200 IIoT Communication Server
UA-5200 Series UA-5200 IIoT Communication Server Features OPC UA Server and MQTT Client Service MQTT Broker Inside AM3354, 1 GHz 256 MB RAM and 512 MB Flash Linux kernel 3.2.14 OS Real-Time Capability
More informationGeneral. Remote I/O A4/1.
www.stahl.de > Intrinsically safe Ex ia IIC, Ex e, Ex na or Ex nl inputs and outputs > Fieldbus communication: Modbus RTU, Profibus DP V0 and DP V1 HART, Industrial Ethernet, Modbus TCP, EtherNet/IP, PROFINET
More informationJust How Vulnerable is Your Safety System?
Theme 3: Cyber Security Just How Vulnerable is Your Safety System? Colin Easton MSc, CEng, FInstMC, MIET, ISA Senior Member TUV Rhienland FS Senior Expert PHRA & SIS 6 th July 2017 1 Safety System Security
More informationFunctional. Safety and. Cyber Security. Pete Brown Safety & Security Officer PI-UK
Functional Safety and Cyber Security Pete Brown Safety & Security Officer PI-UK Setting the Scene 2 Functional Safety requires Security Consider just Cyber Security for FS Therefore Industrial Control
More informationPROTECTING MANUFACTURING and UTILITIES Industrial Control Systems
PROTECTING MANUFACTURING and UTILITIES Industrial Control Systems Mati Epstein Global Sales Lead, Critical Infrastructure and ICS [Internal Use] for Check Point employees 1 Industrial Control Systems (ICS)/SCADA
More informationFirewalls Network Security: Firewalls and Virtual Private Networks CS 239 Computer Software March 3, 2003
Firewalls Network Security: Firewalls and Virtual Private Networks CS 239 Computer Software March 3, 2003 A system or combination of systems that enforces a boundary between two or more networks - NCSA
More information1756-EN2TP Parallel Redundancy Protocol Module Network Redundancy
1756-EN2TP Parallel Redundancy Protocol Module Network Redundancy PUBLIC Copyright 2017 Rockwell Automation, Inc. All Rights Reserved. 1 1756-EN2TP Parallel Redundancy Protocol Module The 1756-EN2TP Parallel
More informationIC32E - Pre-Instructional Survey
Name: Date: 1. What is the primary function of a firewall? a. Block all internet traffic b. Detect network intrusions c. Filter network traffic d. Authenticate users 2. A system that monitors traffic into
More informationSECURE SYSTEMS, NETWORKS AND DEVICES SAFEGUARDING CRITICAL INFRASTRUCTURE OPERATIONS
SECURE SYSTEMS, NETWORKS AND DEVICES SAFEGUARDING CRITICAL INFRASTRUCTURE OPERATIONS PROTECT YOUR DAILY OPERATIONS FROM BEING COMPROMISED In today s data-driven society, connectivity comes with a cost.
More informationTop 10 ICS Cybersecurity Problems Observed in Critical Infrastructure
SESSION ID: SBX1-R07 Top 10 ICS Cybersecurity Problems Observed in Critical Infrastructure Bryan Hatton Cyber Security Researcher Idaho National Laboratory In support of DHS ICS-CERT @phaktor 16 Critical
More informationSecuring Plant Operation The Important Steps
Stevens Point, WI Securing Plant Operation The Important Steps September 24, 2012 Slide 1 Purpose of this Presentation During this presentation, we will introduce the subject of securing your control system
More informationCybersecurity. Good Practices Guide. HA Issue 1 July 2017
Cybersecurity Good Practices Guide HA032968 Issue 1 July 2017 2017 All rights are strictly reserved. No part of this document may be reproduced, modified, or transmitted in any form by any means, nor may
More informationYour Global Automation Partner. The Full Range for Industrial Ethernet
Your Global Automation Partner The Full Range for Industrial Ethernet Turck is a global leader in automation technology. Over 4,000 employees in 28 countries strive to deliver the best sensor, connectivity,
More informationFirewalls (IDS and IPS) MIS 5214 Week 6
Firewalls (IDS and IPS) MIS 5214 Week 6 Agenda Defense in Depth Evolution of IT risk in automated control systems Security Domains Where to put firewalls in an N-Tier Architecture? In-class exercise Part
More informationTestOut Network Pro - English 4.1.x COURSE OUTLINE. Modified
TestOut Network Pro - English 4.1.x COURSE OUTLINE Modified 2017-07-06 TestOut Network Pro Outline - English 4.1.x Videos: 141 (18:42:14) Demonstrations: 81 (10:38:59) Simulations: 92 Fact Sheets: 145
More informationSecuring Industrial Control Systems in the Age of IoT
Securing Industrial Control Systems in the Age of IoT Jeff Lund October 2016 2016 Belden Inc. belden.com @BeldenInc info.beldon.com/iiot Control System Security Is Gaining Public Recognition 2016 Belden
More informationSubstation. Communications. Power Utilities. Application Brochure. Typical users: Transmission & distribution power utilities
Power Utilities Application Brochure Communications Typical users: Transmission & distribution power utilities For more than 30 years, RAD has worked closely with its worldwide energy utility customers
More informationData Diode Cybersecurity Implementation Protects SCADA Network and Facilitates Transfer of Operations Information to Business Users
Data Diode Cybersecurity Implementation Protects SCADA Network and Facilitates Transfer of Operations Information to Business Users Standards Certification Education & Training Publishing Conferences &
More informationThomas J. Burke Paul Hunkar Matthias Damm
Thomas J. Burke Paul Hunkar Matthias Damm 1 2 1 Consumer-electronics are driving the way of future with respect to setting the stage for the engineers of today and tomorrow and expectations in industrial
More informationSolutions in conveyor technology
Solutions in conveyor technology With Belden s wide product portfolio in automation technology and logistics, you ll be a clear step ahead: with maximum reliability, flexibility and investment security.
More informationWHITE PAPER. Vericlave The Kemuri Water Company Hack
WHITE PAPER Vericlave The Kemuri Water Company Hack INTRODUCTION This case study analyzes the findings of Verizon Security Solutions security assessment of the Kemuri Water Company security breach. The
More informationChallenges of Multivendor Systems in Implementation of IIoT-ready PLCs. ISA/Honeywell Webinar 10 November 2016
Challenges of Multivendor Systems in Implementation of IIoT-ready PLCs ISA/Honeywell Webinar 10 November 2016 2 Before we begin: Challenges of Multivendor Systems in Implementation of IIoT-ready PLCs Listen
More informationWho Goes There? Access Control in Water/Wastewater Siemens AG All Rights Reserved. siemens.com/ruggedcom
WEAT Webinar Who Goes There? Access Control in Water/Wastewater Siemens AG 2018. siemens.com/ruggedcom ACCESS CONTROL WEBINAR TABLE OF CONTENTS TOPIC Why Access Control? Risks If Not Used Factors of Authentication
More informationAutomation Services and Solutions
Automation Services and Solutions Automate substation data acquisition and control to improve performance Maintain uninterrupted power services with proactive grid monitoring and controlling features.
More informationMinewide Convergence of Control and Information
Minewide Convergence of Control and Information Pat Murray June 2010 Copyright 2009 Rockwell Automation, Inc. All rights reserved. Production Management Concerns Maintaining a Safe work Environment Lack
More informationCOMPUTER NETWORK SECURITY
COMPUTER NETWORK SECURITY Prof. Dr. Hasan Hüseyin BALIK (9 th Week) 9. Firewalls and Intrusion Prevention Systems 9.Outline The Need for Firewalls Firewall Characterictics and Access Policy Type of Firewalls
More informationACS-3921/ Computer Security And Privacy. Chapter 9 Firewalls and Intrusion Prevention Systems
ACS-3921/4921-001 Computer Security And Privacy Chapter 9 Firewalls and Intrusion Prevention Systems ACS-3921/4921-001 Slides Used In The Course A note on the use of these slides: These slides has been
More informationCyber Security for Process Control Systems ABB's view
Kaspersky ICS Cybersecurity 2017, 2017-09-28 Cyber Security for Process Control Systems ABB's view Tomas Lindström, Cyber Security Manager, ABB Control Technologies Agenda Cyber security for process control
More informationOvation Ethernet Link Controller Module Data Sheet
Ovation Ethernet Link Controller Module Features: Provides native Ethernet connectivity capability at the I/O level Enables faster, more efficient integration of robust data from third-party devices Dedicated
More informationThe IT Implications of ISA 95 and ISA 99 Dennis Brandl
The IT Implications of ISA 95 and ISA 99 Dennis Brandl dnbrandl@brlconsulting.com Abstract As manufacturing operations, defined in the ISA 95 standard, moves more into the standard information technology
More informationTABLE OF CONTENTS. Section Description Page
GPA Cybersecurity TABLE OF CONTENTS Section Description Page 1. Cybersecurity... 1 2. Standards... 1 3. Guides... 2 4. Minimum Hardware/Software Requirements For Secure Network Services... 3 4.1. High-Level
More informationRuchiman Priatna (Control Technology) Freelance The easy-to-use distributed control system
Ruchiman Priatna (Control Technology) Freelance The easy-to-use distributed What is Freelance? Freelance Engineering Freelance Operations AC 700F AC 800F AC 900F Controller Controller Controller + I/O
More informationUnderstanding Device Level Connection Topologies
Sept. 2013 Understanding Device Level Connection Topologies Author: Advantech E-mail: eainfo@advantech.com Sept. 2013 Even ten years ago, most factory floor sensors were connected directly to a PLC or
More informationTriconex Safety System Platforms
Triconex Safety System Platforms Presented to OpsManage 13 ANZ User Conference Presented by Al Fung May 6, 2013 2010 Invensys. All Rights Reserved. The names, logos, and taglines identifying the products
More informationEssentials of Cyber Security Intelligence for Protecting ICS
November 3, 2016 Essentials of Cyber Security Intelligence for Protecting ICS Jeffery S. Bridgland Advisory Board Member N-Dimension Solutions jeff.bridgland@n-dimension.com Lots of Ground to Cover ICS
More informationSteelGate Overview. Manage perimeter security and network traffic to ensure operational efficiency, and optimal Quality of Service (QoS)
Internet Communications Made Safe SteelGate Overview SteelGate Overview SteelGate is a high-performance VPN firewall appliance that Prevent Eliminate threats & attacks at the perimeter Stop unauthorized
More informationДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT
ДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT ENERGY AUTOMATION - SMART GRID Restricted Siemens AG 20XX All rights reserved. siemens.com/answers Frederic Buchi, Energy Management Division, Siemens AG Cyber
More informationICALEPCS 2013 San Francisco
UNIDIRECTIONAL SECURITY GATEWAYS Unidirectional Security Gateways Stronger Than Firewalls ICALEPCS 2013 San Francisco Andrew Ginter VP Industrial Security Waterfall Security Solutions Proprietary Information
More informationCIH
mitigating at host level, 23 25 at network level, 25 26 Morris worm, characteristics of, 18 Nimda worm, characteristics of, 20 22 replacement login, example of, 17 signatures. See signatures SQL Slammer
More informationPipeline Unit/Station Control. Combining Unit and Station Control into Siemens PCS 7. Application Brief
Pipeline Unit/Station Control Combining Unit and Station Control into Siemens PCS 7 Application Brief Pipeline Unit/Station Control Application Description... 1 Process Description...1 Process Drawing...1
More informationHigh performance monitoring & Control ACE3600 Remote Terminal Unit
High performance monitoring & Control ACE3600 Remote Terminal Unit Empower Your SCADA Network Utilities, now more than ever, are facing newer and greater hurdles. Multiple wired and wireless communication
More informationThe Claroty Difference
Solution Brief Bringing Clarity To OT Network Claroty enables customers to secure and optimize the industrial control networks that run the world s most critical infrastructure. The company s enterprise-class
More informationChapter 9. Firewalls
Chapter 9 Firewalls The Need For Firewalls Internet connectivity is essential Effective means of protecting LANs Inserted between the premises network and the Internet to establish a controlled link however
More informationAllen-Bradley Communications Modules Implementing network-based access control for users, devices and networks
Allen-Bradley Communications Modules Implementing network-based access control for users, devices and networks Rockwell Automation offers a variety of standard Allen-Bradley communications modules that
More informationCyberFence Protection for DNP3
CyberFence Protection for DNP3 August 2015 Ultra Electronics, 3eTI 2015 DNP3 Issues and Vulnerabilities DNP3 is one of the most widely used communications protocols within the utility space for the purpose
More informationMaturity assessment on Cybersecurity for critical infrastructures
Maturity assessment on Cybersecurity for critical infrastructures 28TH SEPTEMBER 2015, AMSTERDAM DR THIEYACINE FALL www.thalesgroup.com Cyber-Security Today (Maturity assessment) Anticipate threats Perform
More informationAn Operational Cyber Security Perspective on Emerging Challenges. Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL)
An Operational Cyber Security Perspective on Emerging Challenges Michael Misumi CIO Johns Hopkins University Applied Physics Lab (JHU/APL) Johns Hopkins University Applied Physics Lab (JHU/APL) University
More informationIndustrial Network Trends & Technologies
Industrial Network Trends & Technologies EtherNet/IP on the Plant Floor PUBLIC INFORMATION 5058-CO900F IHS Technology Industrial Internet of Things 2014, April 2014 PUBLIC INFORMATION Forecasts tremendous
More informationOPC and MES DAY 15 October 2013, Tampere Improving manufacturing IT security with OPC UA
OPC and MES DAY 15 October 2013, Tampere Improving manufacturing IT security with OPC UA Pasi Ahonen, Senior Scientist, COREQ-ACT project manager, VTT Technical Research Centre of Finland 2 Agenda 1. What
More informationIndustrial Defender ASM. for Automation Systems Management
Industrial Defender ASM for Automation Systems Management INDUSTRIAL DEFENDER ASM FOR AUTOMATION SYSTEMS MANAGEMENT Industrial Defender ASM is a management platform designed to address the overlapping
More informationMatrikonOPC and HMS. Presenting the Anybus OPC server
MatrikonOPC and HMS Presenting the Anybus OPC server Anybus OPC server page 1 Agenda What is OPC Why OPC Common Specifications Leveraging OPC Anybus products and OPC HMS INDUSTRIAL NETWORKS Anybus OPC
More informationModicon M580 The World First epac
Modicon M580 The World First epac Modicon M580 epac Offer description Customer values Targeted segments 2 Culture of Innovation The new Modicon M580 is the world s first epac Ethernet Programmable Automation
More informationGE Intelligent Platforms PAC8000 RTU
GE Intelligent Platforms PAC8000 RTU A ruggedized, reliable RTU PAC8000 Remote Terminal Unit (RTU) thrives in the desert heat of the Arabian Peninsula and the arctic cold of Siberian oil fields delivering
More informationFERC Hydroproject Cyber Security [FERC 3A Section 9 versus CIP v5]
FERC Hydroproject Cyber Security [FERC 3A Section 9 versus CIP v5] Presentation Goals Provide a clear distinction between the intent of FERC cyber security and NERC CIP cyber security Discuss opportunities
More informationOvation Compact Controller
Ovation Compact Controller Model OCC100 Features Secure, reliable and mission-critical control capability for remotely located plants or processes Modular I/O base design for flexible placement within
More informationCyber security for digital substations. IEC Europe Conference 2017
Cyber security for digital substations IEC 61850 Europe Conference 2017 Unrestricted Siemens 2017 siemens.com/gridsecurity Substation Digitalization process From security via simplicity 1st generation:
More informationPROFIBUS and Integrated Safety architectures in Ex areas
PROFIBUS and Integrated Safety architectures in Ex areas Since 1989, PROFIBUS has developed into a worldwide leading fieldbus system used in machine and process plant automation. The main reason why PROFIBUS
More informationDetection and Analysis of Threats to the Energy Sector (DATES)
Detection and Analysis of Threats to the Energy Sector (DATES) Sponsored by the Department of Energy National SCADA Test Bed Program Managed by the National Energy Technology Laboratory The views herein
More informationCyber Resilience Solution for Smart Buildings
Cyber Resilience Solution for Smart Buildings Integrated IT/OT Security Oren Aspir, Cyberbit, CTO 2017 by CYBERBIT 2017 by CYBERBIT Proprietary CYBERBIT Proprietary Buildings getting smarter IT systems
More informationHow Can I Reduce Vulnerability to Cyber Attacks? V2.2
How Can I Reduce Vulnerability to Cyber Attacks? V2.2 System Technical Note Cybersecurity Recommendations Design your architecture Important Information Notice People responsible for the application, implementation
More informationCyber Security of Industrial Control Systems and Potential Impacts on Nuclear Power Plants
Cyber Security of Industrial Control Systems and Potential Impacts on Nuclear Power Plants IEEE NPEC April 18, 2006 Joe Weiss, PE, CISM KEMA, Inc. Joe.weiss@kema.com (408) 253-7934 2 Why are we here? Ostensibly:
More informationDigital Wind Cyber Security from GE Renewable Energy
Digital Wind Cyber Security from GE Renewable Energy BUSINESS CHALLENGES The impact of a cyber attack to power generation operations has the potential to be catastrophic to the renewables industry as well
More informationICS Cybersecurity: You Cannot Secure What You Cannot See. David Zahn CMO and General Manager, Cybersecurity Business Unit
ICS Cybersecurity: You Cannot Secure What You Cannot See David Zahn CMO and General Manager, Cybersecurity Business Unit ICS Cybersecurity: You Cannot Secure What You Cannot See Cover Table of Contents
More informationIndustry Best Practices for Securing Critical Infrastructure
Industry Best Practices for Securing Critical Infrastructure Cyber Security and Critical Infrastructure AGENDA - Difference between IT and OT - Real World Examples of Cyber Attacks Across the IT/OT Boundary
More informationCybersecurity for IoT to Nuclear
Seminar Series Cybersecurity for IoT to Nuclear Fred Cohn, Program Director Property of Schneider Electric Who Am I? Program Director, Schneider Electric Product Security Office Cybersecurity Strategy
More informationConnectivity from A to Z Roadmap for PI Connectors and PI Interfaces
Connectivity from A to Z Roadmap for s and PI Interfaces Presented by Chris Coen, Product Manager Zdenek Ryska, Senior Software Developer Technology Evolves What if I asked you to: Call your coworker?
More information