1 / 20

Security, Access and Control of an Industrial Wireless Network Mike Malone Microwave Data Systems

Security, Access and Control of an Industrial Wireless Network Mike Malone Microwave Data Systems. Agenda. Industry Trends Network Security Analysis Security and Wireless Serial Networks Wireless LAN Risk Management Summary. Industry/Market Trends.

DoraAna
Download Presentation

Security, Access and Control of an Industrial Wireless Network Mike Malone Microwave Data Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security, Access and Control of an Industrial Wireless Network Mike Malone Microwave Data Systems

  2. Agenda • Industry Trends • Network Security Analysis • Security and Wireless Serial Networks • Wireless LAN Risk Management • Summary

  3. Industry/Market Trends • Security needs are growing on a daily basis - Dispersed networks and multiply access points can leave a network vulnerable to hackers and terrorists Corporate WAN VSAT Leased line Corporate Host Centralized database holds corporate information

  4. Industry/Market Trends • Heightened awareness and sensitivity has led to increased security efforts in all aspects of our lives • Security of critical infrastructure/assets is one of our nation’s most important objectives.

  5. Network Security Analysis • Wired networks are also vulnerable • Telephone, fiber optic, coaxial cable have higher risk for breakage or damage due to storms, motor vehicle accidents, construction work, sabotage, and tapping • Repairs may take days or weeks during a widespread crisis • Wireless has potentially less failure points • Network Access Priority • During heavy periods of telephone use, such as an emergency situation, voice traffic is the priority, not data • Private networks have a more predictable traffic composition

  6. Network Security Analysis • Two types of networks • Multiple service IP networks • Dedicated service serial networks • Several types of risks • Free access to internet • Databases: company records, password files, account numbers, network diagrams, manuals, location of instruments, etc. • Applications: controlling behavior of remote devices and resources

  7. SCADA Polling Systems • Single Service Oriented • A host sends commands or requests, and expects an action/report from the RTU/PLC • Gaining access to a host through a serial channel nearly impossible • No access to console prompt and/or host operating system commands

  8. SCADA Polling Systems • Proprietary protocols provide protection • Information is stored in custom specific registers are programmed into the devices • Passwords are used at the application layer • Hacker must “replace” the host computer to control RTU/PLC and/or have a copy of the host application as configured for the particular host • Know and understand the exact radio and RTU/PLC models • Know the protocol or have knowledge of specific site logic configuration • Be close enough to override the Master signal

  9. Network Security Analysis • Current security issues with 802.11b wireless LAN solutions • Available protection not enabled by users • Off the shelf solutions provide relatively easy access to physical layer • WEP weaknesses published on Internet • Free software available to help break WEP encryption

  10. Risk Management • Nothing is perfect • Network security is about layering • You can not completely eliminate risk, but you can reduce it to a manageable level

  11. Risks and Mitigation • Eavesdropping • RC4 128 bit encryption • Key cracking • Dynamic key rotation • War driving and “sniffing” • No promiscuous mode of operation • Proprietary physical layer • Not readily available to commodity market

  12. Risks and Mitigation • Unauthorized Network Access • Foreign remote radios • Authorized access list of remotes at Access • Rogue Access Points • Authorized Access Point list at every remote

  13. Risks and Mitigation • Denial of Service attacks • Network overload • Bandwidth limiting • Traffic Prioritization (QoS) • Per remote radio • Per interface • Radio Frequency jamming • Frequency Hopping more resilient than Direct Sequence

  14. Risks and Mitigation • Denial of Service attacks • Network Availability • Remote configuration • All Logins with password protection • Directory attacks • Limited login retries with temporary lockdown • HTTP with MD5 protection • Remote access lockdown • HTTP (web browser) • Telnet • SNMP v3 (encryption)

  15. Risks and Mitigation • Denial of Service • Network availability • Industrial rated devices: Class 1 Div 2 • Industrial MTBF (35 years) • Redundancy (device and system level)

  16. Risks and Mitigation • Intrusion Detection • Early warning notification • SNMP alarms • Login attempts • Successful Login/logout • Configuration changes executed • Unauthorized remote MAC detected • Unauthorized AP MAC detected • Network Wide Device Polling

  17. Security Beyond Wireless • Secure communications end-to-end • Firewalls and Virtual Private Networks are essential to maintaining a secure network • Security policies include physical access • Security is not something you buy, it’s something you practice 24x7

  18. Summary • Wireless communications provides security benefits that a wired environment cannot, but issues still exist • Internal precautions--firewalls and Virtual Private Networks--will help prevent attacks on wireless and wired networks • Industrial wireless networks can be secure despite bad press of commercial products

More Related