Comprehensive Cyber Security Features in SIPROTEC & SICAM. SIPROTEC Dag 11. Mei 2017
|
|
- Eileen Moore
- 6 years ago
- Views:
Transcription
1 Comprehensive Cyber Security Features in SIPROTEC & SICAM SIPROTEC Dag 11. Mei 2017 siemens.tld/keyword
2 Changes to Substation Automation and Protection over Time Evolving Threat Landscape (tomorrow today...) 1 st generation: Standard cabling Mimic board Ancient past 2 nd generation: Point-to-point connections since Recent past Security through Simplicity: the analog times Minimal connectivity in substation control and protection HMI Clear point-to-point connections Fault recorder Protection RTU Parallel wiring Bay Substation controller Other bays Serial connection Bay Secured buildings Owned communication networks Parallel wiring Parallel wiring Page 2
3 Changes to Substation Automation and Protection over Time Evolving Threat Landscape (tomorrow today...) 1 st generation: Standard cabling Mimic board Ancient past 2 nd generation: Point-to-point connections since Recent past 3 rd Generation: Digital Substations HMI Fault recorder Protection RTU Parallel wiring Bay Substation controller Other bays Serial connection Bay Parallel wiring Parallel wiring Page 3
4 Connectivity with Responsibility Cyber Security must be considered holistically Security Availability, Integrity, Confidentiality & Data Protection GENERATION TRANSMISSION DISTRIBUTION CONSUMPTION RAIL & MICROGRIDS Technological impact Remote control Seamless interfacing between the IT world and the Process world Usage of public infrastructure Increasing adoption of IT infrastructure Developments Renewable energy resources, Pro-/ Consumer markets, Network optimization GRID AND ENTERPRISE IT COMMUNI- CATION & AUTOMATION FIELD DEVICES SENSORS AND PROTECTION PRIMARY EQUIPMENT AUTOMATION GRID CONTROL PROTECTION SMART TRANSMISSION SENSORS HMI BIG DATA ANALYTICS, IT INTEGRATION EMS DMS ADMS Microgrids SMART DISTRIBUTION GRID APPLICATION POWER QUALITY Virtual Power Plants Demand Response Meter Data Mgmt. ecar Operation Center COMMUNICATION SMART METERS RAIL & MICROGRIDS SERVICE & SMART GRID SECURITY Page 4
5 Vulnerabilities in Digital Substations Potential Threats and Attackers Control Center Level Attackers: Remote access Station Level Nation states (spy agencies) Criminal organizations Attacks over Internet Attacks over Internet Malware Script kiddies Insiders / service providers Substation automation Unauthorized access Unauthorized access Malware Protection Field Level Malware Unauthorized access Unauthorized access Page 5
6 Cyber attacks against critical infrastructure State of IT-Security in the Energy Infrastructure Threats: Increase in software vulnerabilities Cloud Computing Hardware vulnerabilities Cyber attacks on industrial control systems More than 439 million Windows-malware variants Security Incidents in US, 2015: Yearly report on all critical infrastructure sectors Energy sector reported the second highest number of incidents Similar report from Australia Source: Page 6 Source:
7 Energy Concerns under Attack Example: Ukraine Page 7
8 Digital Substations are vulnerable to Cyber Attacks Threat Scenarios Substation automation threatened by DoS* Substation automation threatened by unauthorized access, malware Distribution automation threatened by insecure communication Protection threatened by malware, unsecured engineering changes Page 8
9 Field level Protection Technology Cyber Security Risks Unauthorized access: Risks with protection relays without adequate security features: Unauthorized access easily possible without password protection, in order to alter settings anonymously Endangered Operational Security Without device-side validation compromised firmware can be downloaded into device, that could harm primary topology Neglecting operational security for deployed devices / SW endangers system vulnerability Unsecured communication between device and configuration software cannot hinder sniffing / alteration of settings Settings SW PATCHES Einstell. SW Fehler! Increased chances for attackers to utilize vulnerabilities over remote access for attacks (no network segregation in device) Page 9
10 Field Level Protection Technology Deny unauthorized Access with SIPROTEC 5 Risks with protection relays without secured access control: Without password control it is easily possible to access the relays anonymously Unencrypted / weakly encrypted password handling enables sniffing Simple passwords and eternally valid passwords acquire feet over time Access Control in SIPROTEC 5 Connection password as per NERC-CIP and BDEW White Paper complexity requirements Transfer of connection password from DIGSI5 to device over secured SSL/TLS connection Secured storage of password hash in device Centralized management of password complexity, lifetime and access control for thousands of SIPROTEC 5 devices with Ruggedcom CrossBow Confirmation codes for safety-critical operations with the device All access attempts are logged securely in device and protected from being manipulated + Page 10
11 Field Level Protection Technology Avoid unsecured communication with SIPROTEC 5 Risks with protection relays without secured communication during engineering/operation: Unsecured communication between device and configuration software enables the sniffing and overwriting of protection settings Unencrypted / weakly encrypted password handling enables sniffing Danger of having relays configured using disallowed tools Secured Communication in SIPROTEC 5 Protection against sniffing and manipulation of settings / passwords: SSL/TLS encryption of the communication between DIGSI 5 and the SIPROTEC 5 device Cryptographic, two-way authentication between DIGSI 5 und SIPROTEC 5 means: Protection against usage of disallowed tools Protection against usage of SIPROTEC 5 like relays that have not been manufactured by Siemens Page 11
12 Field Level Protection Technology Avoid Endangered Operational Security with SIPROTEC 5 Negligence of operational security for already deployed devices / SW increases cyber risks: Manipulated firmware can be loaded into device due to missing device-side validation Malware on PC can influence device behavior 3 rd Party patches not compatible with products Unsecured internet connectivity increases the risks Unclear vulnerability / incident handling process High Operational Security with SIPROTEC 5 Protection against usage of manipulated logic in device thanks to cryptographically signed firmware: Validation of firmware signature prior to acceptance Validation of firmware signature at reboot DIGSI 5 is compatible with Application Whitelisting Monthly validation of DIGSI 5 compatibility with the latest 3 rd party patches (e.g. Microsoft, Adobe, etc.) and antivirus patterns Separation of process communication from management communication in device thanks to modular communication units DIGSI 5 compatible for remote/vpn connectivity Page 12 Transparent vulnerability handling over Siemens ProductCERT
13 Protection Technology High Future Readiness with SIPROTEC 5 Continuous Verification during Development Threat and risk analysis Product hardening Secure development process Ready for PKI : integrated Crypto-Chip Secure storage of cryptographic key material Cryptographic computations Physically protected against data theft Ready for future PKI* based applications *PKI: Public Key Infrastructure Page 13 Modularity for Tomorow Out-of-Band networks for today s and future applications Distribution of communication load on the device
14 Protection Technology Comprehensive Cyber Security with SIPROTEC 5 SECURED COMMUNICATION SECURED WITH SSL/TLS CLIENT/SERVER AUTHENTICATION OPERATIONAL SECURITY SIGNED FIRMWARE UPDATE APP. WHITELISTING COMPATIBILITY ACCESS CONTROL COMPLEX CONNECTION PASSWORD CENTRAL PASSWORD MANAGEMENT PRODUCTCERT 3RD PARTY PATCH MANAGEMENT VULNERABILITY HANDLING FUTURE READINESS READY FOR PKI MODULARITY FOR TOMORROW Page 14
15 Thank you for your attention! Chaitanya Bisale Product Lifecycle Manager Cyber Security & Substation Automation EM DG PRO LM SC Humboldtstr Nuremberg Phone: +49 (911) Mobile: +49 (172) siemens.com/gridsecurity Page 15
Cyber security for digital substations. IEC Europe Conference 2017
Cyber security for digital substations IEC 61850 Europe Conference 2017 Unrestricted Siemens 2017 siemens.com/gridsecurity Substation Digitalization process From security via simplicity 1st generation:
More informationДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT
ДОБРО ПОЖАЛОВАТЬ SIEMENS AG ENERGY MANAGEMENT ENERGY AUTOMATION - SMART GRID Restricted Siemens AG 20XX All rights reserved. siemens.com/answers Frederic Buchi, Energy Management Division, Siemens AG Cyber
More informationCyber Security in the Digital Substation and Beyond. Energy Management > Energy Automation
Cyber Security in the Digital Substation and Beyond Energy Management > Energy Automation siemens.com/gridsecurity Cyber Security Offerings From Siemens Energy Management Integrated Security in our products
More informationDigital Substation Unrestricted Siemens AG 2017 siemens.com/digital-substation
Digital Substation A Substation Why Should We Make It Digital? Adopt new business models Time to operation Quality assurance Business agility Avoid outages Investment security Ensuring grid availability
More informationSIPROTEC 5 New features of V7.5
SIPROTEC 5 New features of V7.5 siemens.com/siprotec5 New Features for SIPROTEC 5 Release 7.50 Feeder Protection Ground Fault Detection (Pulse Detection, Harmonic Detection) Automatic Load Shedding Vector
More informationSIPROTEC 5 V7.8 Protection, automation and monitoring for digital substations
SIPROTEC 5 V7.8 Protection, automation and monitoring for digital substations siemens.com/siprotec5 SIPROTEC 5 Table of content Introduction New functions of V7.8 SIPROTEC 5 - the core of Digital Substation
More informationIndustrial Security - Protecting productivity. Industrial Security in Pharmaanlagen
- Protecting productivity Industrial Security in Pharmaanlagen siemens.com/industrialsecurity Security Trends Globally we are seeing more network connections than ever before Trends Impacting Security
More informationSecurity in grid control centers: Spectrum Power TM Cyber Security
Security in grid control centers: Spectrum Power TM Cyber Security Thomas Schmidt, Information Security Manager siemens.at/future-of-energy Spectrum Power TM 7 Historical Information System Table of content
More informationi-pcgrid WORKSHOP 2016 INTERACTIVE REMOTE ACCESS
i-pcgrid WORKSHOP 2016 INTERACTIVE REMOTE ACCESS siemens.com/ruggedcom INTERACTIVE REMOTE ACCESS INTELLIGENT ELECTRONIC DEVICES Intelligent Electronic Devices (IEDs) Devices that can provide real-time
More informationEasily configurable HMI system for power automation siemens.com/sicam
SICAM SCC Easily configurable HMI system for power automation siemens.com/sicam Small components big prospects: Your SICAM SCC station control Power grid operation is becoming more and more dynamic. To
More informationDigital Grid Products At a Glance Protection, Substation Automation, Power Quality
Digital Grid Products At a Glance Protection, Substation Automation, Power Quality siemens.com/digitalgrid Digital Grid Products Broadest portfolio strong brands Substation Automation, RTU s Power Quality
More informationAnswers for energy. SIPROTEC 5 the new benchmark for protection, automation, and monitoring of transmission grids
Answers for energy. SIPROTEC 5 the new benchmark for protection, automation, and monitoring of transmission grids 2 SIPROTEC 5 the new benchmark for protection, automation, and monitoring of your transmission
More informationSICAM RTUs Ready for the Future
SICAM RTUs Ready for the Future, RC-AT EM DG PRO LM siemens.com SICAM RTUs News Overview SICAM A8000 Series SICAM Engineering SICAM AK3 Page 2 SICAM RTUs News Overview SICAM A8000 Series SICAM Engineering
More informationBUILDING A SMARTER SMART GRID: COUNTERACTING CYBER-THREATS IN ENERGY DISTRIBUTION
BUILDING A SMARTER SMART GRID: COUNTERACTING CYBER-THREATS IN ENERGY DISTRIBUTION INNOVATORS START HERE. EXECUTIVE SUMMARY Energy providers have arrived at a new frontier. Behind them lies the existing
More informationIEC A cybersecurity standard approaching the Rail IoT
IEC 62443 A cybersecurity standard approaching the Rail IoT siemens.com/communications-for-transportation Today s Siemens company structure focusing on several businesses Siemens AG Power and Gas (PG)
More informationEnsuring Your Plant is Secure Tim Johnson, Cyber Security Consultant
Ensuring Your Plant is Secure Tim Johnson, Cyber Security Consultant 1 The Foxboro Evo TM Process Automation System Addressing the needs across your operation today and tomorrow. 2 Industrial Control Systems
More informationAddressing Cyber Threats in Power Generation and Distribution
Addressing Cyber Threats in Power Generation and Distribution VEO, Asko Tuomela o Bachelor of Science in Electrical Power Engineering o Over 6 years experience in power projects, PLCs and supervision systems
More informationSecuring Devices in the Internet of Things
AN INTEL COMPANY Securing Devices in the Internet of Things WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY Security breaches at the device level in the Internet of Things (IoT) can have severe
More informationFuture Challenges and Changes in Industrial Cybersecurity. Sid Snitkin VP Cybersecurity Services ARC Advisory Group
Future Challenges and Changes in Industrial Cybersecurity Sid Snitkin VP Cybersecurity Services ARC Advisory Group Srsnitkin@ARCweb.com Agenda Industrial Cybersecurity Today Scope, Assumptions and Strategies
More informationCybersecurity for IoT to Nuclear
Seminar Series Cybersecurity for IoT to Nuclear Fred Cohn, Program Director Property of Schneider Electric Who Am I? Program Director, Schneider Electric Product Security Office Cybersecurity Strategy
More informationConnectivity 101 for Remote Monitoring Systems
Connectivity 101 for Remote Monitoring Systems Paul Wacker Moxa, Inc. Manager - Edge Connectivity Ariana Drivdahl Moxa, Inc. Product Marketing Manager Pain Points of Remote Monitoring Pressure to enhance
More informationMethods for Reducing Cybersecurity Vulnerabilities of Power Substations Using Multi-Vendor Smart Devices in a Smart Grid Environment
S&L Logo Methods for Reducing Cybersecurity Vulnerabilities of Power Substations Using Multi-Vendor Smart Devices in a Smart Grid Environment Date: October 24, 2017 Authors/Presenters: J. Matt Cole, PE
More informationSubstation automation products. MicroSCADA Pro for substation automation
Substation automation products for substation automation Perfect control anywhere, anytime is an investment for today and tomorrow. Start, for instance, with monitoring or gateway functionality and integrate
More informationMaxwell Dondo PhD PEng SMIEEE
Maxwell Dondo PhD PEng SMIEEE 1 Evolution of grid automation SCADA introduction SCADA Components Smart Grid SCADA Security 2 Traditionally power delivery was unsophisticated Generation localised around
More informationMASP Chapter on Safety and Security
MASP Chapter on Safety and Security Daniel Watzenig Graz, Austria https://artemis.eu MASP Chapter on Safety & Security Daniel Watzenig daniel.watzenig@v2c2.at Francois Tuot francois.tuot@gemalto.com Antonio
More informationSIPROTEC 5 Protection, automation, and monitoring
Products for modern energy grids SIPROTEC 5 Protection, automation, and monitoring Integrated Advanced Cyber Security siemens.com/siprotec SIPROTEC 5 Innovative, modular, and high quality Innovation focal
More informationPROTECTING MANUFACTURING and UTILITIES Industrial Control Systems
PROTECTING MANUFACTURING and UTILITIES Industrial Control Systems Mati Epstein Global Sales Lead, Critical Infrastructure and ICS [Internal Use] for Check Point employees 1 Industrial Control Systems (ICS)/SCADA
More informationGo beyond... IEC Leverage the full potential with leading-edge expertise. Answers for infrastructure and cities.
Go beyond... IEC 61850 Leverage the full potential with leading-edge expertise www.siemens.com/iec61850 HSR, PRP integrated Certified according to IEC 61850 Edition 2 Answers for infrastructure and cities.
More informationNext Generation Authentication
Next Generation Authentication Bring Your Own security impact Dominique Dessy Sr. Technology Consultant 1 2012 DIGITAL UNIVERSE 1.8 ZETTABYTES 1,800,000,000,000,000,000,000 2 $ 3 4 Threat Landscape 60%
More informationAgile and 360 Digital: Path to the Future of Energy. Michael Carlson
Agile and 360 Digital: Path to the Future of Energy unrestricted Siemens AG 2016 usa.siemens.com/digitalgrid Michael Carlson 21 st Century Challenges Facing Utilities: Maintain Reliability, Resiliency,
More informationIndustrial Security Co-Sourcing: Shifting from CapEx to OpEx Presented by Vinicius Strey Manufacturing in America 03/22-23/2017
Industrial Security Co-Sourcing: Shifting from CapEx to OpEx Presented by Vinicius Strey Manufacturing in America 03/22-23/2017 Unrestricted Siemens 2017 usa.siemens.com/mia Table of contents Industrial
More informationTOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION
INFORMATION TECHNOLOGY SECURITY GUIDANCE TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION ITSM.10.189 October 2017 INTRODUCTION The Top 10 Information Technology (IT) Security
More informationSIPROTEC. Feeder Protection 7SC80. Preface. Contents. Goal/Purpose 1. System Overview 2. Hardening 3 V4.20. Malware Protection 4. Disaster Recovery 5
Preface SIPROTEC Feeder Protection 7SC80 V4.20 Security Guide Contents Goal/Purpose 1 System Overview 2 Hardening 3 Malware Protection 4 Disaster Recovery 5 Patch and Update Information 6 Logging 7 Literature
More informationTrusted Platform Module explained
Bosch Security Systems Video Systems Trusted Platform Module explained What it is, what it does and what its benefits are 3 August 2016 2 Bosch Security Systems Video Systems Table of contents Table of
More informationCSI: VIDEO SURVEILLANCE CONVERTING THE JUGGERNAUT
CSI: VIDEO SURVEILLANCE CONVERTING THE JUGGERNAUT The Market and the Trend Cyber security market (2020): USD 170.21 billion, CAGR ~10% Storage market (2020): USD 18.28 billion, CAGR 22% Tons of data to
More informationSiemens AG All rights reserved.
SICAM Substation ti Automation ti Smart Substation Automation Panels DC PW SUPPLY DC PW SUPPLY GPS ARBITER SCALANCE X324 MONITOR RSG2100 RSG416 MONITOR GE UR T60 MUX GARD8000 7UT633 7SL87 7SL87 RACK PC
More informationSecuring the North American Electric Grid
SESSION ID: TECH-R02 Securing the North American Electric Grid Marcus H. Sachs, P.E. SVP and CSO North American Electric Reliability Corporation @MarcusSachs Critical Infrastructure s Common Denominator
More information/ sicam SICAM CMIC The smart cube for your distribution network Answers for infrastructure and cities.
www.siemens.com / sicam SICAM CMIC The smart cube for your distribution network Answers for infrastructure and cities. Simply smart: The compact telecontrol unit SICAM CMIC compact micro Three-stage intelligence
More informationThe Key Principles of Cyber Security for Connected and Automated Vehicles. Government
The Key Principles of Cyber Security for Connected and Automated Vehicles Government Contents Intelligent Transport System (ITS) & Connected and Automated Vehicle (CAV) System Security Principles: 1. Organisational
More informationKaspersky Industrial CyberSecurity. Cybersecurity for Electric Power Infrastructure. #truecybersecurity
Kaspersky Industrial CyberSecurity Cybersecurity for Electric Power Infrastructure www.kaspersky.com/ics #truecybersecurity Contents Introduction 1 Vulnerability of Electric Power Facility Pacs When Faced
More informationThe Importance of Cybersecurity Threat Detection for Utilities
The Importance of Cybersecurity Threat Detection for Utilities www.n-dimension.com Cybersecurity threats against energy companies, including utilities, have been increasing at an alarming rate. A comprehensive
More informationMobility, Security Concerns, and Avoidance
By Jorge García, Technology Evaluation Centers Technology Evaluation Centers Mobile Challenges: An Overview Data drives business today, as IT managers and security executives face enormous pressure to
More informationProtect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com
Protect Your Endpoint, Keep Your Business Safe. White Paper Exosphere, Inc. getexosphere.com White Paper Today s Threat Landscape Cyber attacks today are increasingly sophisticated and widespread, rendering
More informationSIPROTEC 7SC805. Merging Unit for conventional instrument transformer. Products for digital substations.
Products for digital substations SIPROTEC 7SC805 Merging Unit for conventional instrument transformer Integrated PRP, HSR www.siemens.com/processbus built to create digital substations based on IEC 61850-9-2
More informationOpenWay by Itron Security Overview
Itron White Paper OpenWay by Itron OpenWay by Itron Security Overview Kip Gering / R. Eric Robinson Itron Marketing / Itron Engineering 2009, Itron Inc. All rights reserved. 1 Executive Summary 3 Intent
More informationGrid Automation Products. MicroSCADA Pro Substation automation applications.
Grid Automation Products Substation automation applications. 2 Substation automation applications Automate, control and optimize your operations. is an investment for today and tomorrow. Start, for instance,
More informationMeeting PCI DSS 3.2 Compliance with RiskSense Solutions
Meeting PCI DSS 3.2 Compliance with Solutions Platform the industry s most comprehensive, intelligent platform for managing cyber risk. 2018, Inc. What s Changing with PCI DSS? Summary of PCI Business
More informationAS emas emudhra Authentication Solution
AS emas emudhra Authentication Solution Create your own trusted enterprise network of users, devices, applications! With malware, ransomware and other cyber threats constantly thrown at Enterprises, a
More informationAuthentication Technology for a Smart eid Infrastructure.
Authentication Technology for a Smart eid Infrastructure. www.aducid.com One app to access all public and private sector online services. One registration allows users to access all their online accounts
More informationSolutions for Energy Storage Systems
Solutions for Energy Storage Systems Open, modular, secure. Bachmann electronic is a member of the OPEN INTERFACES The openness of the overall system makes it possible to integrate third-party systems
More informationNIST Revision 2: Guide to Industrial Control Systems (ICS) Security
NIST 800-82 Revision 2: Guide to Industrial Control Systems (ICS) Security How CyberArk can help meet the unique security requirements of Industrial Control Systems Table of Contents Executive Summary
More informationIC32E - Pre-Instructional Survey
Name: Date: 1. What is the primary function of a firewall? a. Block all internet traffic b. Detect network intrusions c. Filter network traffic d. Authenticate users 2. A system that monitors traffic into
More informationSecurity and Privacy Issues In Smart Grid
Security and Privacy Issues In Smart Grid J. Liu and Y. Xiao, S. Li, W. Liang, C. Chen IEEE COMMUNICATIONS SURVEYS & TUTORIALS, to appear Wednesday, September 26, 2012 Mohamed M. E. A. Mahmoud PhD, PDF,
More informationSECURE SYSTEMS, NETWORKS AND DEVICES SAFEGUARDING CRITICAL INFRASTRUCTURE OPERATIONS
SECURE SYSTEMS, NETWORKS AND DEVICES SAFEGUARDING CRITICAL INFRASTRUCTURE OPERATIONS PROTECT YOUR DAILY OPERATIONS FROM BEING COMPROMISED In today s data-driven society, connectivity comes with a cost.
More informationGuide to cyber security/cip specifications and requirements for suppliers. September 2016
Guide to cyber security/cip specifications and requirements for suppliers September 2016 Introduction and context The AltaLink cyber security/cip specification and requirements for suppliers (the standard)
More informationMake your life safer and simpler
Make your life safer and simpler PACiS solutions for utilities micro-grid and electrical substations Serious challenges to your changing business Understand how current and future transition in the energy
More informationSecurityconcept fortheprotectionofindustrialplants. Industrial Security. White PaperV1.0
Securityconcept fortheprotectionofindustrialplants Industrial Security White PaperV1.0 June 2013 Prologue This whitepaper gives an overview of Industrial Security. It describes the threats and risks to
More informationSIPROTEC 5 Application Note
www.siemens.com/protection SIPROTEC 5 Application Note SIP5-APN-010: Answers for infrastructure and cities. SIPROTEC 5 - Application: SIP5-APN-010 SIPROTEC 5 Application Content 1 Application 3 1.1 Summary
More informationDigital substations. Introduction, benefits, offerings
Digital substations Introduction, benefits, offerings Outline What is a digital substation? Benefits of digital substations ABB offering for digital substations Substation evolution June 26, 2017 Slide
More informationCIP Cyber Security Configuration Change Management and Vulnerability Assessments
CIP-010-2 Cyber Security Configuration Change Management and Vulnerability Assessments A. Introduction 1. Title: Cyber Security Configuration Change Management and Vulnerability Assessments 2. Number:
More informationBuilding Trust in the Internet of Things
AN INTEL COMPANY Building Trust in the Internet of Things Developing an End-to-End Security Strategy for IoT Applications WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY Recent security breaches
More informationEPRI Research Overview IT/Security Focus. Power Delivery & Energy Utilization Sector From Generator Bus Bar to End Use
EPRI Research Overview IT/Security Focus November 29, 2012 Mark McGranaghan VP, Power Delivery and Utilization Power Delivery & Energy Utilization Sector From Generator Bus Bar to End Use Transmission
More informationCeedo Client Family Products Security
ABOUT THIS DOCUMENT Ceedo Client Family Products Security NOTE: This document DOES NOT apply to Ceedo Desktop family of products. ABOUT THIS DOCUMENT The purpose of this document is to define how a company
More informationSIPROTEC 5 Application Note
www.siemens.com/protection SIPROTEC 5 Application Note SIP5-APN-007: with IEC 61850 Answers for infrastructure and cities. SIPROTEC 5 - Application: SIP5-APN-007 Interconnection of SIPROTEC 5 devices to
More informationSECURING DEVICES IN THE INTERNET OF THINGS
SECURING DEVICES IN THE INTERNET OF THINGS EXECUTIVE SUMMARY Security breaches at the device level in the Internet of Things (IoT) can have severe consequences, including steep financial losses, damage
More informationBorderless security engineered for your elastic hybrid cloud. Kaspersky Hybrid Cloud Security. #truecybersecurity
Borderless security engineered for your elastic hybrid cloud Kaspersky Hybrid Cloud Security www.kaspersky.com #truecybersecurity Borderless security engineered for your hybrid cloud environment Data
More informationSHA-1 to SHA-2. Migration Guide
SHA-1 to SHA-2 Migration Guide Web-application attacks represented 40 percent of breaches in 2015. Cryptographic and server-side vulnerabilities provide opportunities for cyber criminals to carry out ransomware
More informationWhy Should You Care About Control System Cybersecurity. Tim Conway ICS.SANS.ORG
Why Should You Care About Control System Cybersecurity Tim Conway ICS.SANS.ORG Events Example #1 Dec 23, 2015 Cyber attacks impacting Ukrainian Power Grid Targeted, synchronized, & multi faceted Three
More informationMicroSCADA Pro Substation automation applications.
G R I D AUTO M ATI O N PRO D U C T S Substation automation applications. ABB Oy Finland Power Grids Grid Automation P.O. Box 614 FI-65101 Vaasa, Finland Phone: +358 10 22 21999 (Customer Support Center)
More informationSECURING DEVICES IN THE INTERNET OF THINGS
SECURING DEVICES IN THE INTERNET OF THINGS WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY Security breaches at the device level in the Internet of Things (IoT) can have severe consequences, including
More informationIndustrial Control System Security white paper
Industrial Control System Security white paper The top 10 threats to automation and process control systems and their countermeasures with INSYS routers Introduction With the advent of M2M (machine to
More informationKey Threats Melissa (1999), Love Letter (2000) Mainly leveraging social engineering. Key Threats Internet was just growing Mail was on the verge
Key Threats Internet was just growing Mail was on the verge Key Threats Melissa (1999), Love Letter (2000) Mainly leveraging social engineering Key Threats Code Red and Nimda (2001), Blaster (2003), Slammer
More informationThe Top 6 WAF Essentials to Achieve Application Security Efficacy
The Top 6 WAF Essentials to Achieve Application Security Efficacy Introduction One of the biggest challenges IT and security leaders face today is reducing business risk while ensuring ease of use and
More informationAccessories / 7XV5820
Accessories / XV0 XV0 industrial modem and modem-router with switch LSP.tif LSP.tif LSP.tif Modem k / ISDN TA Modem /ISDN Router Pocket Modem / ISDN Fig. / Industrial modems Depending on the available
More informationProtecting Against Modern Attacks. Protection Against Modern Attack Vectors
Protecting Against Modern Attacks Protection Against Modern Attack Vectors CYBER SECURITY IS A CEO ISSUE. - M C K I N S E Y $4.0M 81% >300K 87% is the average cost of a data breach per incident. of breaches
More informationCyber Resilience Solution for Smart Buildings
Cyber Resilience Solution for Smart Buildings Integrated IT/OT Security Oren Aspir, Cyberbit, CTO 2017 by CYBERBIT 2017 by CYBERBIT Proprietary CYBERBIT Proprietary Buildings getting smarter IT systems
More informationIEC in Digital Substation and Cyber security
ABB GRID AUTOMATION IEC 61850 in Digital Substation and Cyber security 72 nd Annual Georgia Tech Protective Relaying Conference Steven Kunsman, May 4, 2018 The digital systems Communication services SV,
More informationDigital Wind Cyber Security from GE Renewable Energy
Digital Wind Cyber Security from GE Renewable Energy BUSINESS CHALLENGES The impact of a cyber attack to power generation operations has the potential to be catastrophic to the renewables industry as well
More informationABB Ability Cyber Security Services Protection against cyber threats takes ability
ABB Ability Cyber Security Services Protection against cyber threats takes ability In today s business environment, cyber security is critical for ensuring reliability of automation and control systems.
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationThe SANS Institute Top 20 Critical Security Controls. Compliance Guide
The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise
More informationSecure energy supply. Energy Automation for the Semiconductor Industry
Secure energy supply for the Semiconductor Industry (EA) Integral Part of Energy Sector Energy Sector Oil & Gas Fossil Power Generation Renewable Energy Service Rotating Equipment Power Transmission Power
More informationEvolution of Cyber Security. Nasser Kettani Chief Technology Officer Microsoft, Middle East and Africa
Evolution of Cyber Security Nasser Kettani Chief Technology Officer Microsoft, Middle East and Africa Nasser.Kettani@microsoft.com @nkettani MODERN SECURITY THREATS THERE ARE TWO KINDS OF BIG COMPANIES:
More informationMaximum Security with Minimum Impact : Going Beyond Next Gen
SESSION ID: SP03-W10 Maximum Security with Minimum Impact : Going Beyond Next Gen Wendy Moore Director, User Protection Trend Micro @WMBOTT Hyper-competitive Cloud Rapid adoption Social Global Mobile IoT
More informationNicolás Vidal, CLABB System Data Manager SDM600. See the unseen from a new perspective
Nicolás Vidal, CLABB System Data Manager SDM600 See the unseen from a new perspective See the unseen from a new perspective A comprehensive software solution for automatic management of service and cyber
More informationMay SCADA Testbed Cyber-Security Evaluation. Iowa State University. Advisor: Members: Manimaran Govindarasu
Iowa State University SCADA Testbed Cyber-Security Evaluation Members: Justin Fitzpatrick Rafi Adnan Michael Higdon Ben Kregel Advisor: Manimaran Govindarasu May 1013 Project Overview Problem/Need statement
More informationAN IPSWITCH WHITEPAPER. The Definitive Guide to Secure FTP
AN IPSWITCH WHITEPAPER The Definitive Guide to Secure FTP The Importance of File Transfer Are you concerned with the security of file transfer processes in your company? According to a survey of IT pros
More informationBlueprint Data Center
Systems and Applications for Data Center Siemens Industy 1. Overview / Purpose In EM EA the datacenter market is seen as one of the fastest growing of the energy businesses. This blueprint is designed
More informationNERC CIP Compliance Matrix of RUGGEDCOM ROX II Operating System
Application description 03/2017 NERC CIP Compliance Matrix of RUGGEDCOM ROX II Operating RUGGEDCOM ROX II https://support.industry.siemens.com/cs/ww/en/view/109745671 Warranty and Liability Warranty and
More informationCyber Security and Privacy Issues in Smart Grids
Cyber Security and Privacy Issues in Smart Grids Acknowledgement: Slides by Hongwei Li from Univ. of Waterloo References Main Reference Liu, J. and Xiao, Y. and Li, S. and Liang, W. and Chen, C. Cyber
More informationInternet of Things real life cases Alex Ahlberg
Internet of Things real life cases Alex Ahlberg Sales Manager, Symantec Finland & Baltics Symantec At a Glance 175M endpoints under protection $4.6B annual revenue 2123 patents 385,000 customers worldwide
More informationPOWER GRIDS. We are bridging the gap. Enabling Digital Substations.
POWER GRIDS We are bridging the gap. Enabling Digital s. 2 A B B D i g i ta l S u b s tat i o n s ABB s Digital provides customers in the utility sector with unmatched control and efficiency. The digital
More informationSecuring IEDs against Cyber Threats in Critical Substation Automation and Industrial Control Systems
Securing IEDs against Cyber Threats in Critical Substation Automation and Industrial Control Systems Eroshan Weerathunga, Anca Cioraca, Mark Adamiak GE Grid Solutions MIPSYCON 2017 Introduction Threat
More informationPlant Security Services Protecting productivity in the digital era October
Plant Security Services Protecting productivity in the digital era October2017 Restricted www.siemens.com/plant-security-services Internet of (hacked) Things Page 2 Use case - No OT cybersecurity company
More informationAT&T Endpoint Security
AT&T Endpoint Security November 2016 Security Drivers Market Drivers Online business 24 x 7, Always on Globalization Virtual Enterprise Business Process / IT Alignment Financial Drivers CapEx / OpEx Reduction
More informationProtecting productivity with Industrial Security Services
Protecting productivity with Industrial Security Services Identify vulnerabilities and threats at an early stage. Take proactive measures. Achieve optimal long-term plant protection. usa.siemens.com/industrialsecurityservices
More informationCyber Security for Renewable Energy Systems
Cyber Security for Renewable Energy Systems Asia Pacific Clean Energy Summit August 31, 2010 Juan J. Torres Manager, Energy Systems Analysis Sandia National Laboratories jjtorre@sandia.gov Sandia is a
More informationWho s Protecting Your Keys? August 2018
Who s Protecting Your Keys? August 2018 Protecting the most vital data from the core to the cloud to the field Trusted, U.S. based source for cyber security solutions We develop, manufacture, sell and
More informationANATOMY OF AN ATTACK!
ANATOMY OF AN ATTACK! Are Your Crown Jewels Safe? Dom Kapac, Security Evangelist WHAT DO WE MEAN BY CROWN JEWELS? Crown jewels for most organizations are critical infrastructure and data Data is a valuable
More information21ST CENTURY CYBER SECURITY FOR MEDIA AND BROADCASTING
WWW.HCLTECH.COM 21ST CENTURY CYBER SECURITY FOR MEDIA AND BROADCASTING THE AGE OF DISRUPTION: THE AGE OF CYBER THREATS While the digital era has brought with it significant advances in technology, capabilities
More information