CIP Security Phase 1 Secure Transport for EtherNet/IP

Similar documents
Transport Level Security

Cryptography SSL/TLS. Network Security Workshop. 3-5 October 2017 Port Moresby, Papua New Guinea

SSL/TLS & 3D Secure. CS 470 Introduction to Applied Cryptography. Ali Aydın Selçuk. CS470, A.A.Selçuk SSL/TLS & 3DSec 1

Pull Model from the Implementation Standpoint. Jack Visoky and Joakim Wiberg Rockwell Automation and HMS. October 10, 2018

CIP Security Pull Model from the Implementation Standpoint

Internet security and privacy

FIREWORKS IN THE ETHER. Get ready now for emerging technology and standards that will take industrial Ethernet to new heights

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

CSCE 715: Network Systems Security

Protocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE i, IEEE 802.1X P2.

Network Encryption 3 4/20/17

Security issues: Encryption algorithms. Threats Methods of attack. Secret-key Public-key Hybrid protocols. CS550: Distributed OS.

Internet Security. - IPSec, SSL/TLS, SRTP - 29th. Oct Lee, Choongho

About FIPS, NGE, and AnyConnect

On the Internet, nobody knows you re a dog.

Data Security and Privacy. Topic 14: Authentication and Key Establishment

Overview. SSL Cryptography Overview CHAPTER 1

How to Configure SSL Interception in the Firewall

Cisco IP Phone Security

Designing Network Encryption for the Future Emily McAdams Security Engagement Manager, Security & Trust Organization BRKSEC-2015

Sample excerpt. Virtual Private Networks. Contents

Facing the Challenges of M2M Security and Privacy Phil Hawkes Principal Engineer at Qualcomm Inc. onem2m

Information Security CS 526

ODVA Specification Mandatory Change List

Jonas Green, Björn Otterdahl HMS Industrial Networks AB. February 22, 2017

IPsec and SSL/TLS. Applied Cryptography. Andreas Hülsing (Slides mostly by Ruben Niederhagen) Dec. 1st, /43

Secure channel, VPN and IPsec. stole some slides from Merike Kaeo

This presentation covers Gen Z s Security capabilities.

Transport Layer Security

Scalable and Interoperable DDS Security

The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to

CSE543 Computer and Network Security Module: Network Security

IPSec. Slides by Vitaly Shmatikov UT Austin. slide 1

Chapter 24 Wireless Network Security

IKE and Load Balancing

WAP Security. Helsinki University of Technology S Security of Communication Protocols

Computer Security. 10r. Recitation assignment & concept review. Paul Krzyzanowski. Rutgers University. Spring 2018

Configuring Internet Key Exchange Security Protocol

But where'd that extra "s" come from, and what does it mean?

Configuring Secure Socket Layer HTTP

Configuring Secure Socket Layer HTTP

Lecture 12 Page 1. Lecture 12 Page 3

Securing Internet Communication: TLS

COSC 301 Network Management. Lecture 15: SSL/TLS and HTTPS

Transport Layer Security

Recommended Functionality for EtherNet/IP Devices

VPN, IPsec and TLS. stole slides from Merike Kaeo apricot2017 1

TLS1.2 IS DEAD BE READY FOR TLS1.3

Securing IoT applications with Mbed TLS Hannes Tschofenig Arm Limited

Lecture 13 Page 1. Lecture 13 Page 3

Sensitive Information in a Wired World

Plaintext-Recovery Attacks Against Datagram TLS

Computer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography

Protection Profile Summary

Introduction and Overview. Why CSCI 454/554?

E-commerce security: SSL/TLS, SET and others. 4.1

IPv6 Adaptation of EtherNet/IP

Solving HTTP Problems With Code and Protocols NATASHA ROONEY

It Just (Net)works. The Truth About ios' Multipeer Connectivity Framework. Alban

Recommended Functionality for EtherNet/IP Devices

Network Security. Thierry Sans

Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP,

IP Security. Cunsheng Ding HKUST, Kong Kong, China

The IPsec protocols. Overview

Grandstream Networks, Inc. GWN7000 Multi-WAN Gigabit VPN Router VPN Configuration Guide

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

Firewalls, Tunnels, and Network Intrusion Detection

Progressively Securing RIOT-OS!

Cisco Desktop Collaboration Experience DX650 Security Overview

Chapter 5: Network Layer Security

TLS. RFC2246: The TLS Protocol. (c) A. Mariën -

CIS 6930/4930 Computer and Network Security. Topic 8.1 IPsec

Link & end-to-end protocols SSL/TLS WPA 2/25/07. Outline. Network Security. Networks. Link and End-to-End Protocols. Link vs. End-to-end protection

MTAT Applied Cryptography

Overview of TLS v1.3 What s new, what s removed and what s changed?

Configuring SSL. SSL Overview CHAPTER

Network Security and Cryptography. 2 September Marking Scheme

Lehrstuhl für Netzarchitekturen und Netzdienste Fakultät für Informatik Technische Universität München. ilab. Lab 8 SSL/TLS and IPSec

Secure Communications on VoIP Networks

IP Security. Have a range of application specific security mechanisms

Network Working Group. Category: Standards Track December 2005

IPV6 SIMPLE SECURITY CAPABILITIES.

VPN Overview. VPN Types

Securing Internet Communication

Overview of SSL/TLS. Luke Anderson. 12 th May University Of Sydney.

IBM Education Assistance for z/os V2R1

HTTPS--HTTP Server and Client with SSL 3.0

Securing Network Communications

CSCE 715: Network Systems Security

Lecture Nov. 21 st 2006 Dan Wendlandt ISP D ISP B ISP C ISP A. Bob. Alice. Denial-of-Service. Password Cracking. Traffic.

Security and Lawful Intercept In VoIP Networks. Manohar Mahavadi Centillium Communications Inc. Fremont, California

Computer Security 3e. Dieter Gollmann. Security.di.unimi.it/sicurezza1415/ Chapter 16: 1

VPN World. MENOG 16 Istanbul-Turkey. By Ziad Zubidah Network Security Specialist

Cisco Security Solutions for Systems Engineers (SSSE) Practice Test. Version

HTTPS--HTTP Server and Client with SSL 3.0

Encrypted Phone Configuration File Setup

IPSec. Overview. Overview. Levente Buttyán

Network Security and Cryptography. December Sample Exam Marking Scheme

14. Internet Security (J. Kurose)

Configuring SSL CHAPTER

Transcription:

CIP Security Phase 1 Secure Transport for EtherNet/IP Brian Batke, Rockwell Automation Dennis Dubé, Schneider Electric Joakim Wiberg, HMS Industrial Networks October 14, 2015

The Need for a Secure Transport Pump Off Production Equipment Attacker s Computer Poison Poison ARP ARP Pump Off Pump On Attacker s Router 2

Establish Secure Transport Pump Off Secure Transport Solution Production Equipment Attacker s Computer Poison ARP Poison Pump ARP Pump On Off Attacker s Router CIP Security Goals Reject data that has been altered (integrity) Reject messages sent by untrusted entities (authenticity) Reject actions that are not allowed (authorization, phase 2) 3

Specification Enhancements for CIP Security Specification Enhancements for CIP Security Device Hardening The CIP Networks Library 2015 PC2 General Description EtherNet/IP product hardening requirements and recommendations Secure communications between EtherNet/IP endpoints: data integrity, data confidentiality, and device authenticity Technical Description Protection Mode attribute to Identity Object. Recently updated to include Implicit and Explicit modes EtherNet / IP over TLS for UCMM and Class3 EtherNet / IP over DTLS for Class 0/1 Security is only assured on Ethernet The CIP Networks Library 2017+ Secure end-to-end communications between CIP endpoints: data integrity, device and user authenticity CIP enhancement to support user and device authentication along with device access policy enforcement (authorization) 4

CIP Security Features Security Properties CIP Security TM (2015) CIP Security TM (2017+) Device Authentication (Ethernet device) (CIP device) Device Trust Model Broad (group(s) of trusted devices) Narrow (individual trusted device or app) Device Identity (PSK or X.509 Certificate) (TBD) Integrity (Ethernet transport layer) (CIP application layer) Confidentiality (TBD) User Authentication Change Detection (Audit) Policy Enforcement (Authorization) (CIP device) 5

EtherNet/IP Integrity Profile : Provides device authentication and data integrity of packets on Ethernet networks. EtherNet/IP Confidentiality Profile : Provides confidentiality to data in transit (Adds Confidentiality to EtherNet/IP Integrity profile) CIP Security Profiles CIP Authorization Profile: Provides user & device authentication and device access policy enforcement (authorization) CIP Integrity Profile: Provides end to end data integrity at the CIP application layer (Adds CIP Integrity to the CIP Authorization profile) 6

Phase 1 Solution Summary TLS (TCP) and DTLS (UDP) provide the secure transport Same approach as HTTPS: HTTPS = HTTP over SSL/TLS Secure EtherNet/IP = EtherNet/IP over TLS and DTLS Same EtherNet/IP, but over a secure transport 7

CIP Security P1: EtherNet/IP over TLS/DTLS EtherNet/IP over (D)TLS Scanner Adapter CNet, DNet, etc. Normal CIP E/IP over TLS/DTLS 8

Phase 1 Solution Summary What is TLS? Transport Layer Security Defined via RFCs: RFC 5246 for TLS; RFC 6347 for DTLS Related RFCs for X.509 certificates, cipher suite definitions, etc. Standard protocol, widely used to secure Internet traffic Bottom line: We don t have to invent the secure transport We just use it for EtherNet/IP 9

Establish a session Agree on algorithms, share secrets, perform authentication Transfer application data Ensure privacy and integrity TLS Architecture Handshake Protocol Change Cipher Spec Alert Protocol TLS Record Protocol 10

TLS Architecture Initializes secure Communication HTTP, EtherNet/IP, etc. Error handling Change Cipher Alert Hand- Shake App Handles communication With the application Breaks msg into blocks Adds HMAC & encryption Transmits the result Performs opposite on receive Record Layer TCP Initializes communcation Between client & server 11

CIP Security Layers CIP Application (including objects) CIP I/O Application UCMM / Class 3 Class 0/1 EtherNet/IP Encapsulation EtherNet/IP Common Packet Format Transport Layer Security (TLS) DTLS TCP UDP Internet Protocol (IP) 12

CIP Security Capabilities Only trusted entities (device or s/w app) able to connect. Two trust options: Pre-Shared Keys (PSK), configured in originator and target X.509 Certificates, with common root authority In both cases, both originator and target verified Prevent untrusted comms Message integrity and authenticity Provided by HMAC on (D)TLS packets. Includes anti-replay Prevent msg tampering Optional message encryption Will be a user choice (performance impact) Prevent eavesdropping 13

Originator Target Class 0/1 over DTLS FwdOpen [if class 0/1 AND no DTLS session] Open DTLS session FwdOpen Request FwdOpen Reply Class 0/1 Connected Data Note: FwdOpen over UDP Class 0/1 Connected Data Class 0/1 Connected Data FwdClose Class 0/1 Connected Data FwdClose Request FwdClose Reply [if no class 0/1] close DTLS session 14

Volume 8 Content Chapter 1: Introduction Chapter 2: <currently empty, expected to be CIP Security> Chapter 3: EtherNet/IP Security Chapter 4: Configuration and Commissioning Chapter 5: Object Library Chapter 6: Security Profiles Chapter 7: <currently empty, expected to be EDS Files> Chapter 8: Certificate Management 15

Volume 8 Content Behavior of EtherNet/IP over TLS and DTLS (Chapter 3) New port number (2221 for both TCP and UDP, registered with IANA) Required (D)TLS cipher suites New CPF message for FwdOpen over UDP (in Volume 2, Chapter 2) Originator and target behavior with respect to (D)TLS Multiple connections, sequence number rollover, etc. 16

Cipher Suite TLS_RSA_WITH_NULL_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA25 6 TLS_RSA_WITH_AES_256_CBC_SHA25 6 TLS_ECDHE_ECDSA_WITH_NULL_SHA TLS_ECDHE_ECDSA_WITH_AES_128_C BC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_C BC_SHA384 TLS_ECDHE_PSK_WITH_NULL_SHA25 6 TLS_ECDHE_PSK_WITH_AES_128_CBC _SHA256 Cipher Suites Description RSA for key exchange; null encryption; SHA256 for message integrity. Encryption not provided. RSA for key exchange. AES 128 for message encryption, SHA256 for message integrity. RSA for key exchange. AES 256 for message encryption, SHA256 for message integrity. ECDHE_ECDSA for key exchange; null encryption; SHA1 for message integrity. Encryption not provided. ECDHE_ECDSA for key exchange. AES 128 for message encryption, SHA256 for message integrity. ECDHE_ECDSA for key exchange. AES 256 for message encryption, SHA256 for message integrity. ECDHE in conjunction with PSK for key exchange; null encryption; SHA256 for message integrity. Encryption not provided. ECDHE in conjunction with PSK for key exchange. AES 128 for message encryption, SHA256 for message integrity. 17

CIP Security Object Exclusivity during commissioning EtherNet/IP Security Object EtherNet/IP Security Object instance 1 Active Device Certificates attribute Trusted Authorities attribute CRL attribute Certificate Management Object Certificate Management Object instance x Device Certificate attribute CA Certificate attribute Volume 8 Content File Object File Object instance File Object instance EtherNet/IP Security Object Configuration of TLS/DTLS related settings (other attributes) File Object instance Certificate Management Object Interface to get/set certificate and related files File Object instance 18

Volume 8 Content Certificate management requirements / recommendations Vendor certificate recommended (802.1AR) Self-signed default certificate if no vendor cert Key generation and storage considerations CIP Security profiles Defined groupings of capabilities Will drive conformance test 19

But will it work? Several vendors have prototype implementations UCMM / Class 3 over TLS Class 0 / 1 over DTLS (partial implementation) Possibility of multi-vendor prototype interop event Tentative More participants welcome! 20

Next steps CIP Security Phase 1.5 Certificate enrollment via standard protocol (EST required, SCEP optional) Multiple certificate support Investigate secure multicast support CIP Security Phase 2 CIP level authentication and authorization Users and devices Will require further input and scoping with ODVA Security Task Force 21

THANK YOU

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback