
Security Standards Implementation To Improve ICS and SCADA Security

Eran Salfati, Amir Ellenbogen, Meir Arad, Yagil Kadmon


Presentation Transcript


  1. Security Standards Implementation To Improve ICS and SCADA Security. Eran Salfati, Amir Ellenbogen, Meir Arad, Yagil Kadmon

  2. Subjects • Introduction. • Cyber Attacks. • ICS Weakness. • Security Model. • Case Study.

  3. Subjects • Introduction. • Cyber Attacks. • ICS Weakness. • Security Model. • Case Study.

  4. Introduction
     • ICS - Industrial Control System:
       • SCADA - Supervisory Control and Data Acquisition
       • DCS - Distributed Control Systems
       • PLC - Programmable Logic Controllers

  5. What is a Cyber Attack? A cyber attack can include a wide variety of computer-based events that could impact:
     • Confidentiality: violate the security of data or software. Unauthorized access (internal or external) by those without appropriate authorization and “need to know”.
     • Integrity: unauthorized modification or destruction of data, systems, and information.
     • Availability: deny access to systems, networks, services, or data.
     (CIA)

  6. Subjects • Introduction. • Cyber Attacks. • ICS Weakness. • Security Model. • Case Study.

  7. Attack Vectors

  8. ICS Security Vs IT Security

  9. Cyber Incidents types

  10. Subjects • Introduction. • Cyber Attacks. • ICS Weakness. • Security Model. • Case Study.

  11. ICS Weakness
      • No Authentication
        • What is the “identity” of an automated system?
        • How would policies such as “change password monthly” be applied on systems that are supposed to run unattended for years?
        • How do you manage rights for each person?
      • No Patching
        • Systems have never needed security patches in the past.
        • Old: Install a system, replace it in 5 years.
        • New: Install a system, patch it every month.

  12. ICS Weakness
      • Denial about how much they are connected to the internet
        • Belief: no connection at all.
        • Reality: numerous uncontrolled connections.
        • Reality: even networks that are separate get connected via roaming USB drives and laptops.

  13. Subjects • Introduction. • Cyber Attacks. • ICS Weakness. • Security Model. • Case Study.

  14. Awareness Standardization Efforts • International Society for Automation • International Electrotechnical Commission • National Institute for Standards and Technology • United States Computer Emergency Readiness Team

  15. ISA 99 Work Products

  16. Control Systems Security Program (CSSP)
      • The cyber security program must be designed to:
        • Prevention and Mitigation – Coordinates activities to reduce the likelihood of success and severity of impact of a cyber attack through risk-mitigation activities.
        • Defense-in-Depth – Apply and maintain protective strategies to ensure the capability to detect, respond to, and recover from cyber attacks.

  17. Security Model • A-I-M • A – Assess. • I – Implement. • M – Maintain.

  18. A – Assess • Risk assessments and critical asset identification. • Perform an ICS & SCADA assessment. • Perform a risk analysis. • Create a security policy.

  19. A – Assess

  20. A – Assess

  21. I – Implement • Design for desired security level. • Deploy protective measures. • Mitigation. • Test Security.

  22. M – Maintain • Update assessment. • Review and update risk analysis. • Update security policy. • Apply Standards to Future Projects. • Continue to Test your Protected System.

  23. Subjects • Introduction. • Cyber Attacks. • ICS Weakness. • Security Model. • Case Study.

  24. Case Study • This case study refers to the following SCADA security viewpoints: • Different security stations (computers) on one control network. • HMI software product. • Restrict access. • Cycle pass codes. • No connection to other networks.

  25. Case Study: Physical & Hardware Hardening • Restricted number of technicians responsible for maintenance. • No CD-ROM drive. • No internet access. • No keyboard – touch screen interface only. • Segregated control network, no connection to other networks. • Each computer is locked in a restricted room or cabinet.

  26. Case Study: Software Restrictions • No Windows games loaded. • Only runtime versions deployed. • Development computer located in a restricted access room. • Boot up automatically starts application in “run” mode. • In run mode the Windows key and Alt key are disabled. • Only a unique key sequence can interrupt the runtime application.
