Lindström Tomas Cyber security from ABB System 800xA PA-SE-XA

Transcription:

Lindström Tomas 2013-09-02 Cyber security from ABB System 800xA PA-SE-XA-015963

Cyber Security solutions from ABB
Agenda
- Cyber Security in ABB: general view, activities, organization
- How we work with Cyber Security: The SD3+C framework in System 800xA
- Application whitelisting for System 800xA
- web portal: Communication and SW tailored for your system
- What do I get from where?
  - Solutions from ABB
  - Solutions from ABB's partners
September 5, 2013 Slide 2
Tomas Lindström, Cyber Security Manager, ABB BU Control Technologies, tomas.lindstrom@se.abb.com, 021-343049

Cyber Security in the System Lifecycle
An important factor in all phases
- Product Lifecycle: Design, Implementation, Verification, Release, Support
- Project Lifecycle: Design, Engineering, FAT, Commissioning, SAT
- Plant Lifecycle: Operation, Maintenance, Review, Upgrade

Cyber security is an integral part of ABB's products and systems
- Embedded in the product life cycle
  - From early design to service
- Embedded in the organization
  - Cyber security Councils on Group, Division and BU level
- Collaboration
  - Partner with industry collaborators and specialists
  - Close collaboration with customers
- Compliance with standards
  - Active role in standardization initiatives

Security for System 800xA for all phases
The SD3+C Security Framework
- Design: Security in the Product Development Process: Requirements, Design, Implementation, Verification
- Default: Default installation and usage with minimal attack surface. Built in functions for
- Secure in Deployment: Support for Secure Project and Plant Lifecycle. Validation of 3rd party software and solutions
- Communication: Correct information to those who need to know

Design Security in the Product Development Processes
SD3+C: Design, Default, Secure in Deployment, Communication
- Security integrated in the Quality Management System
- Security check points at Project Gates
- Threat modeling
- Secure coding guidelines
- Design and code reviews
- Aligning with Microsoft's SDL (Security Development Lifecycle)
- Security Testing
  - By R&D teams
  - By ABB's Device Security Assurance Center (DSAC)
  - By 3rd party testers

Default Secure Built in Functions and Default Settings
- Automatic installation with Secure default settings and system hardening
- Advanced Role Based Access Control
  - User Authentication based on Windows Active Directory or Workgroup
  - 800xA Access Control
    - Based on User, Role, and Location
    - Set on Structure, Object and Attribute level
- Special Authentication functions
  - Re-authentication, Double authentication
  - Log over
- Audit trail of user actions
- Digital signatures

Default support for Networks and Hosts
- Windows Firewall in Servers and Workstations
- Client-Server communication protected with IPSec
- Network redundancy based on dual separated networks
- Network filter in Controllers and Communication Modules
  - Blocks unsupported traffic
  - Network Storm protection
Figure labels: IPSec protection of the Client Server Network; Separated networks enable fault isolation

Secure in Deployment Supporting installations throughout all their Lifecycles
- User manuals, guidelines and system functions
- Best practices for Secure Architectures
- Backup/restore solutions
- Malware protection solutions
  - Validating Antivirus SW (Automation Sentinel)
  - Application Whitelisting: 800xA SE46
- Patch management solutions
  - Validating Security updates (Automation Sentinel)
  - Patch deployment solutions
- Industrial Defender
  - Security Event management with Monitor
  - Asset Inventory Management with Manage

Communication Inform those who need to know in case of problems
Reporting a suspected problem:
- ABB Customer: Your regular ABB contact
- Others: www.abb.com/cybersecurity or cybersecurity@ch.abb.com
ABB's Responses in case of product vulnerability
- Field Communication: Security Bulletin or Safety Report or Product Alert if Safety impact
- If publicly disclosed → public response: ICS-CERT and www.abb.com/cybersecurity

Application Whitelisting for System 800xA
800xA SE46 from ABB and Cryptzone
- Antivirus SW blocks malware based on a blacklist
- Application Whitelisting SW only allows known SW to run
- SE46 Agents on 800xA Servers and Workstations
- Known SW identified with Application Certificates (AppCerts)
- SE46 runs on existing 800xA nodes: No extra system HW needed
- SE46 Studio on secured computer
- Integration with Industrial Defender: SE46 log events collected for centralized analysis
Figure labels: SE46 Agents protect the computers; Industrial Defender Agents forward SE46 Events to the Automation Systems Manager

800xA SE46 System components
- Policies: What should the SE46 Agents do with unknown SW
  - Monitor mode: Report execution in SE46 log
  - Blocking mode: Block execution (and report)
- Viewing SE46 log
- Management Application
- SE46 Distribution Point (DP) in the 800xA Central Licensing Server
- Application Certificates and Policies
  - Installed in the Distribution Point
  - Distributed to the Agents from the Distribution Point
- 800xA Servers and Workstations: SE46 Agents protect the computers

800xA SE46 Creating Application Certificates
- The SE46 Inventory tool scans the computers and creates Fingerprint files
- The SE46 Studio creates the Application Certificates based on the Fingerprint files

800xA SE46 Creating Application Certificates
- After installation
  - Based on inventory of what is actually installed
  - Based on agent log entries
- Pre-made, before installation (unique feature for SE46!)
  - Fingerprint the executables in advance
  - 100% coverage not possible, but still very valuable
  - Some code is site adapted, e.g. just in time compiled
- Pre-made by ABB (future)
  - Operating System
  - ABB applications
  - Drivers for IIT Certified HW
  - Qualified 3rd party SW security updates

800xA SE46 Installing new Software
1. Install pre-made Application Certificates if there are any
2. Switch to Monitor mode
3. Install new SW
4. Do new inventory
5. Go through the list of new/modified applications (Shorter list if pre-made Application Certificates are used)
   - If you trust them: Include them in a new Application Certificate
   - If not: Exclude and remove from the computer
6. Install the new Application Certificates
7. Check the SE46 log for any exceptions
8. Switch to Blocking mode
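The install procedure above, modelled as an added example (not ABB's or Cryptzone's code, and not the SE46 file formats). Assumptions: SHA-256 digests stand in for Fingerprint files, a dict of approved digests stands in for an Application Certificate, and the file names and the trust decision are constructed.

```python
import hashlib
import tempfile
from pathlib import Path

def inventory(root):
    """Fingerprint every file under root -> {relative path: SHA-256 hex}."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(root.rglob("*")) if p.is_file()}

def diff_inventory(approved, current):
    """Step 5: files that are new or modified relative to the approved set."""
    new = sorted(k for k in current if k not in approved)
    modified = sorted(k for k in current
                      if k in approved and current[k] != approved[k])
    return new, modified

def decide(approved_digests, digest, mode):
    """Agent policy for one execution attempt; returns (allowed, logged)."""
    if digest in approved_digests:
        return True, False
    if mode == "monitor":
        return True, True      # unknown SW runs, execution is reported
    if mode == "blocking":
        return False, True     # unknown SW is blocked and reported
    raise ValueError(f"unknown mode: {mode}")

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        # Constructed stand-ins for installed executables.
        (root / "hmi.exe").write_bytes(b"constructed hmi v1")
        (root / "driver.sys").write_bytes(b"constructed driver v1")
        approved = inventory(root)               # existing approved set
        # Step 3: install new SW (one new file, one updated file).
        (root / "tool.exe").write_bytes(b"constructed tool")
        (root / "driver.sys").write_bytes(b"constructed driver v2")
        current = inventory(root)                # step 4: new inventory
        new, modified = diff_inventory(approved, current)
        trusted = {"driver.sys"}                 # assumed review outcome, step 5
        approved.update({k: current[k] for k in trusted})   # step 6
        digests = set(approved.values())
        return {
            "new": new,
            "modified": modified,
            "tool_monitor": decide(digests, current["tool.exe"], "monitor"),
            "tool_blocking": decide(digests, current["tool.exe"], "blocking"),
            "driver_blocking": decide(digests, current["driver.sys"], "blocking"),
        }

if __name__ == "__main__":
    print(demo())
```

The untrusted file is allowed but logged in monitor mode and blocked in blocking mode, which is why the procedure checks the log for exceptions before step 8.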

Security via web portal
Communication and SW tailored for your system
- Field Communication related to your system, e.g. Security Bulletins
- Security fingerprint reports
- With ABB Automation Sentinel
  - 800xA SW updates
  - 3rd party SW Security updates validation results
    - PDF document with validation status
    - Qualified Security Updates ZIP-file (the files)
    - Coming: New distribution and deployment methods
  - Anti Virus Definition Files validation results (daily!)
    - McAfee Virus Scan Enterprise (validation status)
    - Symantec Endpoint Protection (validation status + files)
- Coming: Cyber Security Benchmark (traffic light status)

What do I get from where? Solutions from ABB
- System 800xA: Covering your essential needs/the good start
- Malware protection: Application Whitelisting 800xA SE46
- ABB Automation Sentinel: Keeps you up to date
- ABB's Cyber Security Fingerprint: Configuration compliance management service
- E163 Cyber Security for System 800xA Expert Workshop training

What do I get from where? Solutions from ABB's partners
- Malware protection: AntiVirus
  - McAfee VirusScan Enterprise with ePO server
  - Symantec Endpoint Protection
- Security Event Monitoring
  - Industrial Defender Monitor
- Configuration compliance management (24*7)
  - Industrial Defender Manage

Secure in Deployment details, Qualified partner additions
System 800xA with Industrial Defender ASA+ASM
Introduction, Security Objectives, Security practices, Products and Solutions
[Figure: network architecture with the labels Plant Intranet, Demilitarized Zone, 800xA Servers and Workstations, 800xA Client Server Network, 800xA Connectivity Servers, 800xA Control Network, Controllers, Field Networks]