Cyber security for digital substations. IEC Europe Conference 2017

Transcription

1 Cyber security for digital substations IEC Europe Conference 2017 Unrestricted Siemens 2017 siemens.com/gridsecurity

2 Substation Digitalization process From security via simplicity 1st generation: Standard cabling 2nd generation: Point- to point connections since rd generation: Digital - Station Bus since Mimic board Control Center Control Center IEC HMI HMI Fault recorder Protection Substation controller Substation controller RTU Other bays Serial connection Other bays Station Bus Parallel wiring Bay Bay Bay Parallel wiring Parallel wiring Parallel wiring Page 2

3 to Cyber Security Possible Threats and Challenges Control center Untrusted network Remote access Special operational conditions in a substation Station level Field level Service PC Router HMI PC Station controller 24/7 operation Components from different vendors Interfaces to unsecure networks Standard operating systems components Proprietary technology IEDs Protection and field devices Unauthorized access Misuse of administration rights Malware Attacks via Internet Tampered Firmware Page 3

4 A real risk with an IEC malware - Industroyer used during Ukraine Attack in December 2016 The 2 nd cyber attack in Ukraine power grid A vendor independent malware Additional targeting of some vendor products Page 4 Source: ESET

5 Standards and Regulations Cyber Security Framework in a Nutshell Following Key-Guidelines Describing What should be done NERC CIP NIST Cyber Security Framework bdew white paper Compliant with Key-Standards Describing How should it be done ISO/IEC (System Security) ISO/IEC (Communication Security) ISO/IEC 27001/27019 (Security Mgmt) Conform to regulatory requirements Describing what must be done IT Security Law Security Catalogue Protection Profile Follow industry standard, i.e. bdew Report on incidents Implementation and Certification of an Information Security Management System (ISMS) Cryptographic requirements for Smart Metering Assessment and certification of ICS systems Auditable compliance (NERC) is required for bulk power systems (since 2010) Page 5

6 IEC Standards and Regulations Holistic approach is necessary Focus: Power Systems Design Details / Technical Aspects Smart Grid Coordination Group / Smart Grid Information Security Mandate M/490 Focus: Information Systems Focus: Industrial Automation IEC Details for Operations Relevance for Products Key Standards ISO/IEC TR IEC (System Security) IEC (Communication Security) ISO/IEC 27001/27019 (Security Mgmt) Page 6 ISO/IEC 27001/2 Completeness / Governance & Policy Aspects

7 Managing Cyber security risks Secure products as a basis for secure digital substations Secured Communication Operational Security Access Control Security Monitoring Secured with SSL/TLS/IPsec (IEC ) Client/server authentication (IEC /6) Signed software/firmware (IEC ) Malware protection ProductCERT Vulnerability handling Centralized account management Centralized password management (IEC ) Centralized event logging (IEC ) Installed base monitoring (IEC ) Future Readiness Ready for PKI (IEC ) Modularity for tomorrow Page 7

8 Managing Cyber security risks - Implementation of a Secure Substation Control center Untrusted network Remote access Cyber security measures Station level DMZ Service PC Router HMI PC Station controller Trusted zone Access control and account management Security logging and monitoring System hardening Field level Trusted zone IEDs Protection and field devices External certification as per - IEC Secure Processes - IEC Technical security controls Security patching, Backup and restore Malware protection Data protection, data integrity and system architecture Secure remote access Page 8

9 Managing Cyber security risks - Host-based / network-based Intrusion detection Security Monitoring Central level Central monitoring on premise with analysis and alarming functionalities Station level Central Log server collecting all security events/alarms from IEDs and substation automation systems (e.g. port scanning) Bay level IEDs providing security event/alarm data Page 9

10 Timeline for Industroyer Security patch management in practice Vulnerability Handling EN100 FW Update and advisory to address security researcher findings: SSA [1] Mid 2015 Patch management service offering and IEC certification for secure substation blueprint Autumn 2016 Siemens reemphasizes systematic patch management to customers worldwide 12th June 2017 Mid 2016 Spear Phishing s assumed to be used to deploy malware to gain network information at Ukraine utility Dec Industroyer : 2nd cyber attack at Ukraine utilities in 2 years Analysis Reports claim [2]: Industroyer can attack SIPROTEC 4 devices by addressing known vulnerability [1] Page 10 [1] [2]

11 Managing Cyber security risks Security Patch Management Vendor side Operator side Single point of contact Siemens ProductCERT Security Advisories Asset Owner s Patch Management Process Responsible Disclosure process Security Researchers Central Database Monitoring and Information CERT network Monitoring Notification 3 rd Party Vendors, OSS Siemens Digital Grid Products Service Sales R&D Security Newsletter Service Contract Patch from Vendor 2 Patch from Vendor 1 Patch from Vendor n Pentesters US ICS-CERT Free-time Hackers IT-Security Contractors BSI Defect Database Patch qualification/testing/ deployment Page 11

12 Cyber security conclusion, a pre-requisite for digital substations A multi-level approach with multi-level responsabilities Secure products manufacturers Secure systems system integrators Security and reliability of supply Business targets Achieve Power System Operator Organization Processes Infrastructure Secure operations operator Mitigate Cyber risks Comply Regulations & Standards Page 12

13 Thank You Cédric Harispuru Product Lifecycle Manager IEC & Communication protocols Chaitanya Bisale Product Lifecycle Manager, Senior Key Expert Cyber Security Siemens siemens.com/gridsecurity Page 13