apta 2006 rail conference

1. APTA 2006 RAIL CONFERENCE Robert P. Evans Idaho National Laboratory Engineer Good morning. As Mr. McDonald indicated, I�m Bob Evans. I�m an engineer at the Idaho National Laboratory in Idaho Falls, Idaho. Unlike most of you, I am not a seasoned transportation professional, but like most of you I am here to learn. The INL is a Department of Energy national laboratory. One of our missions is to assist the Department of Homeland Security in helping organizations to secure control systems against cyber intrusions. This morning I will be talking with you for a few minutes on communications and control system security, specifically in the area of cyber security within the railway industry and what we are doing to assist. I would also recognize Dave Teumim for his contributions in the preparation of this presentation.Good morning. As Mr. McDonald indicated, I�m Bob Evans. I�m an engineer at the Idaho National Laboratory in Idaho Falls, Idaho. Unlike most of you, I am not a seasoned transportation professional, but like most of you I am here to learn. The INL is a Department of Energy national laboratory. One of our missions is to assist the Department of Homeland Security in helping organizations to secure control systems against cyber intrusions. This morning I will be talking with you for a few minutes on communications and control system security, specifically in the area of cyber security within the railway industry and what we are doing to assist. I would also recognize Dave Teumim for his contributions in the preparation of this presentation.

2. Outline Introduce Rail Control System Cyber Security Describe Government Support for this Area Describe APTA Communications Subcommittee Control System Cyber Security Working Group and its Goals Status Report on these Efforts I will start this presentation by introducing the idea of control system cyber security and why it is important, then describe my understanding of how government can assist the industry in this area of cyber security. The role of the APTA Communications Subcommittee�s Control System Cyber Security Working Group will be presented along with its goals. I will then conclude with a brief statement on the status of these efforts. I will start this presentation by introducing the idea of control system cyber security and why it is important, then describe my understanding of how government can assist the industry in this area of cyber security. The role of the APTA Communications Subcommittee�s Control System Cyber Security Working Group will be presented along with its goals. I will then conclude with a brief statement on the status of these efforts.

3. Control System for Rail Controls the system process Provides the control logic and safety functions Provides for the transport and storage of information Includes all the hardware and software including sensors, controllers, actuators, wiring, HMIs, etc. When I talk about a control system for rail, I would suppose that each of you will have some concept in mind, but so that we all have the same understanding, let me just provide some ideas of what I mean when I use the term Control System. A control system is the system that controls a process. This might be everything from switching and signals to fare collections. The control system provides control logic and safety functions for the system. The control system provides transport and storage of information. This could include the wires or radio signals that transport information from the control center to the engineer and the storage of information such as routes and time tables in a data base. The control system consists all of the hardware and software that make up the system. This includes of all the sensors, controllers, actuators, wiring, human-machine interfaces, databases, control programs, etc.When I talk about a control system for rail, I would suppose that each of you will have some concept in mind, but so that we all have the same understanding, let me just provide some ideas of what I mean when I use the term Control System. A control system is the system that controls a process. This might be everything from switching and signals to fare collections. The control system provides control logic and safety functions for the system. The control system provides transport and storage of information. This could include the wires or radio signals that transport information from the control center to the engineer and the storage of information such as routes and time tables in a data base. The control system consists all of the hardware and software that make up the system. This includes of all the sensors, controllers, actuators, wiring, human-machine interfaces, databases, control programs, etc.

4. Attack Targets Petroleum 28% Power and utilities 19% Transportation 16% Chemical 14% Other 23% Eric Byres Why is the government concerned about the cyber security of the railway industry? Our nation is interdependent on many sectors. When any one is threatened, all are threatened. This nation is very dependent on the railroads for the transportation of goods and people that keep out nation running. Because of the openness of our society, rail systems are becoming ever more vulnerable to cyber attacks by those that would wish to damage our nation. The government is therefore concerned about this vulnerability. It is realize that if the rail industry is compromised, it could affect the entire nation and probably the rest of the world. This slide shows targets of cyber attacks as of about a year ago. Although transportation is not the leading target, there have been several documented attacks against transportation organizations. Why is the government concerned about the cyber security of the railway industry? Our nation is interdependent on many sectors. When any one is threatened, all are threatened. This nation is very dependent on the railroads for the transportation of goods and people that keep out nation running. Because of the openness of our society, rail systems are becoming ever more vulnerable to cyber attacks by those that would wish to damage our nation. The government is therefore concerned about this vulnerability. It is realize that if the rail industry is compromised, it could affect the entire nation and probably the rest of the world. This slide shows targets of cyber attacks as of about a year ago. Although transportation is not the leading target, there have been several documented attacks against transportation organizations.

5. Methods of Cyber Attacks on Control Systems Using malware or directed attacks: Disruption of control system operation by delaying or blocking information flow Sending of false information Modification of control system software Interfere with operation of safety systems Making unauthorized changes to program instructions or set points When I talk about attacks I mean everything from malware (i.e., viruses, worms, Trojan horses) to targeted attacks, both from inside and outside the organization. What are some of the methods used to attack control systems? These methods are not unique to transportation or rail. As I go thought you can probably put in how these actions could directly affect your particular agency. The methods include: Disruption of a system by delaying or blocking of information. This action could cause the system to go into a fail-safe mode. Sending out false information such as a train stalled on the track. Modification of the control system software. This could be changing the actions the system takes when a specific signal is received from the track. Interfere with the operations of safety systems such as changing the direction of exhaust fans. Making unauthorized modifications to program instructions or set points.When I talk about attacks I mean everything from malware (i.e., viruses, worms, Trojan horses) to targeted attacks, both from inside and outside the organization. What are some of the methods used to attack control systems? These methods are not unique to transportation or rail. As I go thought you can probably put in how these actions could directly affect your particular agency. The methods include: Disruption of a system by delaying or blocking of information. This action could cause the system to go into a fail-safe mode. Sending out false information such as a train stalled on the track. Modification of the control system software. This could be changing the actions the system takes when a specific signal is received from the track. Interfere with the operations of safety systems such as changing the direction of exhaust fans. Making unauthorized modifications to program instructions or set points.

6. Government Support February, 2003: the National Strategy to Secure Cyberspace called for DHS . . . to work in partnership with industry to �. . . develop best practices . . . to increase security of DCS/SCADA . . .� DHS identified 13 critical infrastructure sectors, including transportation Support for Transportation Security is coming from National Laboratories and National Institute of Standards and Technology Two National Laboratories (Idaho National Laboratory and Sandia National Laboratories) are supporting APTA by co-chairing the Control Systems Security Working Group of the Communications subcommittee. Let me just give you some brief history of the government�s involvement in cyber security. In February of 2003, following the incidents of 9/11, the National Strategy to secure Cyberspace called for the Department of Homeland Security to work with industry to develop best practices to increase the security of control systems. DHS identified 13 infrastructure sectors, including transportation, which are considered critical for our nation�s well being. DHS then enlisted the assistance of the National Laboratories and the National Institute of Standards and Technology to assist with cyber security for industries in these sectors. Two of these National Laboratories (INL and SNL) are supporting APTA by co-chairing a working group to develop recommended practices for cyber security.Let me just give you some brief history of the government�s involvement in cyber security. In February of 2003, following the incidents of 9/11, the National Strategy to secure Cyberspace called for the Department of Homeland Security to work with industry to develop best practices to increase the security of control systems. DHS identified 13 infrastructure sectors, including transportation, which are considered critical for our nation�s well being. DHS then enlisted the assistance of the National Laboratories and the National Institute of Standards and Technology to assist with cyber security for industries in these sectors. Two of these National Laboratories (INL and SNL) are supporting APTA by co-chairing a working group to develop recommended practices for cyber security.

7. Idaho National Laboratory Member of the Standards Awareness Team Multi-Laboratory Team Develop General Requirements for Control System Cyber Security Control System Security Program Assess Vulnerabilities and Risks Enhance Security Awareness Support Standards Bodies National SCADA Test Bed Program Test Commercial Control Systems for Vulnerabilities This is the commercial slide for the Idaho National Laboratory. INL is not one of the better know labs but we hope, within then next few years to become much better known in the transportation community. From the cyber security standpoint, INL is a member of the Standards Awareness Team whose mission is to make organizations aware of the value of standards, guidelines, and recommended practices in securing communication and control systems. We are also trying to develop general requirements that can be used by any organization in developing a cyber security program. PCSRF Our Control System Security Program assists in the assessment of vulnerabilities and risks within organizations, as stated earlier, to enhance security awareness, and support standards bodies. We are not in the business of writing standards but hope to assist those that are. INL is also a member of the National SCADA Test Bed Program which does testing of commercial control systems.This is the commercial slide for the Idaho National Laboratory. INL is not one of the better know labs but we hope, within then next few years to become much better known in the transportation community. From the cyber security standpoint, INL is a member of the Standards Awareness Team whose mission is to make organizations aware of the value of standards, guidelines, and recommended practices in securing communication and control systems. We are also trying to develop general requirements that can be used by any organization in developing a cyber security program. PCSRF Our Control System Security Program assists in the assessment of vulnerabilities and risks within organizations, as stated earlier, to enhance security awareness, and support standards bodies. We are not in the business of writing standards but hope to assist those that are. INL is also a member of the National SCADA Test Bed Program which does testing of commercial control systems.

8. Control System Security Working Group Members represent transit agencies, equipment vendors, engineers, and consultants Goal � produce recommended practices for transit agencies to secure control and communications networks Method � leverage technical documents and standards from other sectors using control systems This brings me to why I am here today. It came to our attention that there was some concern within APTA about cyber security of transportation communication and control systems. We offered to assist APTA in preparing recommended practices. This led to the formation of the Control System Security Working Group. The group consists of members representing transit agencies, equipment vendors, engineers, and consultants within the transportation industry. Our goal is to produce a recommended practice for transit organizations to help secure communications and control networks. We hope to accomplish this goal by leveraging control system cyber security technical documents and standards that have been developed for other sectors and employing the knowledge of transportation communication experts.This brings me to why I am here today. It came to our attention that there was some concern within APTA about cyber security of transportation communication and control systems. We offered to assist APTA in preparing recommended practices. This led to the formation of the Control System Security Working Group. The group consists of members representing transit agencies, equipment vendors, engineers, and consultants within the transportation industry. Our goal is to produce a recommended practice for transit organizations to help secure communications and control networks. We hope to accomplish this goal by leveraging control system cyber security technical documents and standards that have been developed for other sectors and employing the knowledge of transportation communication experts.

9. Resources Available Control system cyber security standards such as ISA-99 NIST 800-82 NERC CIP AGA 12 Some of the technical documents and standards we hope to be able to leverage include such standards as: ISA-99 � Instrumentation, Systems and Automation Society NIST SP800-82 � National Institute of Standards and Technology NERC CIP � North American Electric Reliability Council AGA 12 � American Gas Association These are standards aimed specifically at control systems cyber security.Some of the technical documents and standards we hope to be able to leverage include such standards as: ISA-99 � Instrumentation, Systems and Automation Society NIST SP800-82 � National Institute of Standards and Technology NERC CIP � North American Electric Reliability Council AGA 12 � American Gas Association These are standards aimed specifically at control systems cyber security.

10. Recommended Practice - Preliminary Title � �Recommended practice for a Communication and Control System Security Program within a Transit Agency Part 1 � Evaluation and Decision Making: Relates Control System Security to existing physical, personnel and cyber security efforts and risk assessment/risk management Part 2 � Segmentation of Communication and Control System Networks: A step-by-step method to segment control and communication networks by risk level and apply countermeasures. The Control System Security Working Group has made some preliminary headway in this effort in the preparation of an outline and preliminary draft. This draft was presented to the working group for review yesterday. The document will be titled �Recommended Practice for a Communication and Control System Security Program for a Transit Agency� and will consist of two parts. Part 1 will relate control system security to existing physical and personnel security programs. Part 2 will provide a step-by-step method to segment control and communication networks by risk level and to apply countermeasures. We would invite any that would like to participate in this project to contact either Jon McDonald or me. I will now turn the floor back to the Moderator.The Control System Security Working Group has made some preliminary headway in this effort in the preparation of an outline and preliminary draft. This draft was presented to the working group for review yesterday. The document will be titled �Recommended Practice for a Communication and Control System Security Program for a Transit Agency� and will consist of two parts. Part 1 will relate control system security to existing physical and personnel security programs. Part 2 will provide a step-by-step method to segment control and communication networks by risk level and to apply countermeasures. We would invite any that would like to participate in this project to contact either Jon McDonald or me. I will now turn the floor back to the Moderator.