Improving SCADA System Security

Improving SCADA System Security
NPCC 2004 General Meeting
Robert W. Hoffman
Manager, Cyber Security Research Department
Infrastructure Assurance and Defense Systems
National Security Division, INEEL
September 30, 2004

Orientation

National Security Division Mission Areas Homeland Security Combat Support/Demilitarization Nonproliferation/Counter-proliferation Intelligence Technology and Analysis Information and Communications Safeguards and Security

Critical Infrastructure Assurance Critical Infrastructure Test Range Wireless SCADA Cyber Security Transportation Physical Security systems Test Range Protocols

Infrastructure Interdependencies
Problem: Given the increasing interconnections and interdependencies of our critical infrastructure systems, it is absolutely essential that we understand their vulnerabilities, so we can correct or compensate for them.
Infrastructure systems were designed by engineers to address a specific need. Security (physical or cyber) is an afterthought, if addressed at all.

Cyber Security Research Mission
Provide internationally recognized Cyber Security resources capable of providing unique solutions to complex problems in the protection of our nation's infrastructure.

Genesis
Tasked to protect the integrity of the INEEL production environment IT while enabling the successful completion of mission objectives.
Areas of Expertise: Intrusion Detection; Network Traffic Analysis; Automated Modem War Dialing; Incident Response and Reporting; Operating System Vulnerability Assessment; System Forensics; Strategic Technology Assessment; Unique Tool Development

SCADA / PCS assessment and mitigation
Cyber Security Centric Engineering Design Review
Comprehensive Remote and Onsite assessments
Vendor / Industry interactive
National SCADA Test Bed
Control Systems Security & Test Center

Cyber Security Lab
Problem: The risks to U.S. critical infrastructure from cyber attacks are real and evolving.
Leveraged Solution: Utilizing multi-faceted capabilities from various design engineering components of the INEEL IT and RD organizations. Resources like the Cyber Security Lab can play an integral role in all aspects of solution development.

Vendor / Industry interactive System Arrives Sponsor path Provide baseline recommendations Baseline Identify Vulnerabilities Identify Script Kiddie concerns Generate Exploit Code Demonstrate examples of hostile activity Work with Sponsor To mitigate Assist in mitigation or T&E of same Determine acceptable level of risk Assess modified risk state Repeat Secure path Document Initial State Prioritize and classify (1-n) vulnerabilities Address most probable attack mechanisms at this layer Document vendor / sponsor modifications Evaluate / record effectiveness and impact

SCADA System Exploit Demonstration
NPCC Task Force on Infrastructure Security and Technology, October 26-27, 2004 - Boston, MA
Afternoon workshop split into two sessions:
Phase 1: Component Overview; Attack demonstration and Impact
Phase 2: Detailed configurations; Hands-On detection / mitigation

Typical Utility Network Architecture

Demonstration Overview, Phase 1
Demonstration of cyber exploit on multiple levels: Operating System; Standard network protocol; SCADA system protocol
Network Component overview
Assessment/Mitigation/Protection Strategies

Demonstration Overview, Phase 2
Layered defense configuration
Exploit/Defense interaction
What does an IDS see during an exploit?
What does a Firewall see during an exploit?
Rule set configuration
Security Tools of the Trade

Points of Contact
Robert Hoffman, Manager, Cyber Security Research
hoffrw@inel.gov, (208) 526-8599, (208) 521-4247