
High Secured Inter-Cloud Connectivity via Public Networks

Fulfill the security policies and enable smart services without risking network, system or data of the product operator and of the service provider. This pilot use case explores the consequences of insecure Cyber-Physical Systems (CPS) and presents a state-of-the-art approach and results for achieving high-secured inter-cloud connectivity.

tmerritt

Presentation Transcript


  1. High Secured Inter-Cloud Connectivity via Public Networks. Andreas Aldrian, AVL List GmbH, andreas.aldrian@avl.com; Christoph Schmittner, Austrian Institute of Technology, Christoph.schmittner.fl@ait.ac.at

  2. project network

  3. Storyline: Pilot Use Case; Consequences of insecure CPS; Goal; State of the Art; Approach; Results

  4. Use case in a nutshell. Diagram labels: no inbound initiation; no routing; isolated network; internet; AVL; AVL product @customer. Typical use cases: • remote interaction • remote updates of software/firmware • health and status tracking • pre-emptive services (condition based) • logistic purposes • reporting of availability and utilization

  5. Consequences of insecure CPS. Modern ICS and CPS require connection, cooperation, automation. These (often legacy) systems have diverse operational and communication requirements (interfaces, protocols). http://www.symantec.com/connect/blogs/iot-devices-being-increasingly-used-ddos-attacks

  6. Consequences of insecure CPS. Modern ICS and CPS require connection, cooperation, automation. These (often legacy) systems have diverse operational and communication requirements (interfaces, protocols). http://www.symantec.com/connect/blogs/iot-devices-being-increasingly-used-ddos-attacks http://www.theregister.co.uk/2016/03/24/water_utility_hacked/

  7. Consequences of insecure CPS. Modern ICS and CPS require connection, cooperation, automation. These (often legacy) systems have diverse operational and communication requirements (interfaces, protocols). https://www.sentryo.net/cyberattack-on-a-german-steel-mill/ http://www.symantec.com/connect/blogs/iot-devices-being-increasingly-used-ddos-attacks http://www.theregister.co.uk/2016/03/24/water_utility_hacked/

  8. Consequences of insecure CPS. Modern ICS and CPS require connection, cooperation, automation. These (often legacy) systems have diverse operational and communication requirements (interfaces, protocols). https://www.sentryo.net/cyberattack-on-a-german-steel-mill/ http://www.networkworld.com/article/2225104/microsoft-subnet/not-cyber-myths--hacking-oil-rigs--water-plants--industrial-infrastructure.html http://www.symantec.com/connect/blogs/iot-devices-being-increasingly-used-ddos-attacks http://www.theregister.co.uk/2016/03/24/water_utility_hacked/

  9. Goal: Fulfill the security policies and enable smart services without risking: network, system or data of the product operator and of the service provider; safety or reliability of machinery

  10. State of the Art. First industrial security standard: IEC 62443: Industrial communication networks - Network and system security. Considers IT security, security of machinery and also impacts on safety and reliability

  11. State of the Art. First industrial security standard: IEC 62443: Industrial communication networks - Network and system security. Considers IT security, security of machinery and also impacts on safety and reliability. [Figure: status labels: Available, Draft, Under Review, Development, Planned]

  12. Approach. We needed something which works for safety & security. We developed an approach for safety & security analysis and iterative design workflow

  13. Safety & Security analysis approach. Diagram labels: System Model; Based on: ISO 27005, IEC 60812, Microsoft STRIDE; Security objectives; Failure catalogue; Survey; Threat catalogue; Unified catalogue; Impact assessment; Risk assessment; Risk Catalogue; Likelihood assessment; Based on: ETSI TS 102 165-1, IEC 60812

  14. Simplified system model. To ease risk assessment some components have been combined: strongly related processes within a trust boundary; data flows between the same components

  15. Threat & Failure Catalogue. Similar approach for safety and security: use system model and identify potential manipulations (STRIDE) or deviations (failure modes) from normal operation. STRIDE: Spoofing of user identity, Tampering, Repudiation, Information disclosure, Denial of service (D.o.S), Elevation of privilege. Failure modes for communication or processing units: Missing Data, Incorrect Data, Timing of Data, Extra Data, Halt/Abnormal, Omitted Event, Incorrect Logic, Timing/Order

  16. Risk Catalogue Investigate overlap between safety and security effects Estimate risk based on impact and likelihood Formulate safety and security goals

  17. Design workflow

  18. Results of the security & safety analysis. Diagram labels: no inbound initiation; non-routable communication (serial interface); AVL product @customer; internet; AVL infra; mediator unit

  19. security controller

  20. final topology & encryption levels we utilized ISO20922 (MQTT) as data exchange between both clouds

  21. ArrowHead contribution ISO20922 + HW security as enabler for secure inter-cloud communication

  22. Thank you!
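
The catalogue steps of slides 15 and 16, as an added example that is not part of the original presentation: every model element is crossed with the STRIDE threats and failure modes to form the unified catalogue, assessed entries are scored, and effects reachable from both a threat and a failure are flagged as safety/security overlap. The element names, effects, ratings and the 1-3 scale with risk = impact × likelihood are assumptions made for illustration.

```python
from collections import defaultdict

STRIDE = ("Spoofing", "Tampering", "Repudiation", "Information disclosure",
          "Denial of service", "Elevation of privilege")
FAILURE_MODES = ("Missing Data", "Incorrect Data", "Timing of Data", "Extra Data",
                 "Halt/Abnormal", "Omitted Event", "Incorrect Logic", "Timing/Order")

def unified_catalogue(elements):
    """One candidate entry per (model element, STRIDE threat or failure mode)."""
    return ([(e, "security", t) for e in elements for t in STRIDE] +
            [(e, "safety", f) for e in elements for f in FAILURE_MODES])

def risk_catalogue(assessed, catalogue):
    """Score assessed entries; assumed scale 1-3, risk = impact * likelihood."""
    known = set(catalogue)
    sources = defaultdict(set)  # (element, effect) -> domains that can cause it
    for a in assessed:
        if (a["element"], a["domain"], a["cause"]) not in known:
            raise ValueError(f"not in unified catalogue: {a['cause']}")
        sources[(a["element"], a["effect"])].add(a["domain"])
    rows = [{**a, "risk": a["impact"] * a["likelihood"],
             "overlap": sources[(a["element"], a["effect"])] == {"safety", "security"}}
            for a in assessed]
    # Highest risk first; among equal risks, overlapping effects first.
    return sorted(rows, key=lambda r: (-r["risk"], not r["overlap"], r["cause"]))

# Constructed model elements and analyst ratings (not from the presentation).
ELEMENTS = ["serial link", "mediator unit", "MQTT flow to AVL infra"]
ASSESSED = [
    {"element": "serial link", "domain": "security", "cause": "Tampering",
     "effect": "wrong command executed", "impact": 3, "likelihood": 1},
    {"element": "serial link", "domain": "safety", "cause": "Incorrect Data",
     "effect": "wrong command executed", "impact": 3, "likelihood": 2},
    {"element": "MQTT flow to AVL infra", "domain": "security",
     "cause": "Denial of service", "effect": "status reports lost",
     "impact": 1, "likelihood": 3},
    {"element": "mediator unit", "domain": "security",
     "cause": "Elevation of privilege", "effect": "inbound session opened",
     "impact": 3, "likelihood": 2},
]

if __name__ == "__main__":
    cat = unified_catalogue(ELEMENTS)
    print(len(cat), "candidate entries to assess")
    for r in risk_catalogue(ASSESSED, cat):
        print(r["risk"], r["element"], r["cause"], "overlap" if r["overlap"] else "")
```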
