Security Considerations in Process Control and SCADA Environments. Rich Clark, Industry Security Guidance, Wonderware and ArchestrA Business Units, Invensys Wonderware
Introduction: Security risks come with rapidly evolving technological advances. Threat vectors (security holes or technology exploits) appear in rapidly changing technology. New security features are built into Wonderware Products and newer Microsoft OS's and toolkits, and are being added to every day. Close coordination with industry organizations: ISA and other guidance organizations; government labs and entities; 3rd party vendors (Microsoft, security vendors, tool manufacturers, etc.).
Context for Discussing PCN/SCADA Security: The DHS (Department of Homeland Security) believes that the next major war most likely will be an infrastructure war or will involve disabling our infrastructure. There is no such thing as an Enterprise that is 100% secure, even though some people want it. 80/20 rule for security: the first 80% of threat vectors are relatively inexpensive to secure against; the costs and maintenance climb exponentially when attempting to secure the remaining 20%.
Context for Discussing PCN/SCADA Security (cont.): Process Control Software is designed to add intelligence and efficiency to a Production Enterprise. Wonderware: “Powering Intelligent Plant Decisions in Real Time”. Remember that: “A properly designed and fully operational Process Control Network (PCN) or SCADA System is greater than the sum of the parts”. A central issue to implementation and security: most IT personnel view individual PCN machines as end devices, instead of the whole PCN as the end device. This is the fundamental disconnect between Process Control Engineers and IT Personnel.
Control Enterprise Definitions: What is the difference between a Process Control Network (PCN) and a SCADA System? Not much! Industry groups are having trouble categorizing each Enterprise Type because there are too many similarities between them. SCADA (Supervisory Control and Data Acquisition) Systems usually have remote, sometimes independent nodes running single tasks. PCNs usually perform more complex or a wider variety of tasks than SCADA Systems.
Typical Industry Process Control Network (PCN)
Typical Industry SCADA System
Evolution of the Plant: The need for protecting and securing PCN/SCADA Systems is mostly due to growth in: proliferation of open platforms and OS’s; wireless technologies; increase in joint ventures/mergers; outsourcing; regulatory mandates; complex plant environments/intelligent equipment; increased connectivity; increased network intrusion.
Solution Delivery, Project Completion: Complete Enterprise Integration will include the Process Design Solution incorporating the following: industry regulations and regulatory agencies; standards organizations; security risk identification and assessment with appropriate countermeasures; compliance to legacy systems; architectural changes and latest guidance; external and internal influences affecting the Enterprise; multiple vendors; company policies and industry best practices.
Standards and Regulations: To make your job easier, Wonderware is working with these organizations and helping to establish standards: MSMUG; OPC Standards Committee; FDA; ISO 900x; NERC 1300 Electrical Industry; ENISA 460 Euro Control Systems Standards; ISA S-99; GAO; DHS.
Establishing a Security Program for the PCN: Create a formal project and address the following topics: Security Program Performance Management; Awareness & Assessment; Policy & Procedures; Security Solution.
Awareness and Assessment: Review; establish security team; define security objectives; identify current vulnerabilities; establish security plan.
Risk Analysis and Assessment: Risk is broadly defined as: IF a Threat Agent uses a tool, technique, or method to exploit a Vulnerability, THEN a loss of (confidentiality, integrity, or availability) to an Asset may result in an impact. Risk Assessment is a methodical process to determine threats, vulnerabilities, and risks to determine what solutions should be put in place. A Formal Risk Assessment will produce a probability number from 0-1 of the event occurring. Generally speaking, low probability (of occurring) risks are harder to protect against and cost more to do so.
Cost of Protection vs Breach Event Probability [Chart: cost curve for increasing the protection level, running from “More Vulnerable to Attack” to “Safer Against Breach Events”; annotated region: breach events having a high probability of never occurring]
Risk Analysis and Assessment (cont.) Sources of threats External Internal Accidental Vulnerabilities
Some Sources of These Threats…: General attacker threats; common criminals; organized crime; nation states/governments; non state-sponsored terrorism; anti world trade/anti globalization activists; regional political activism; animal rights activists; environmental groups; malicious code attack specifically directed against a Customer; general malicious code threat; illegal information brokers and freelance agents; competitors, contractors, corporations; disaffected staff (including contractors); corporate intelligence/investigation companies; “insider” threats including social engineering, espionage, and spoofing people with high access levels; unintentional exposure of vulnerabilities by untrained personnel.
Risk Analysis and Assessment (cont.): As attack software and network tools become more sophisticated, the attacker’s need for technical knowledge of what they are doing is being greatly reduced.
Attack Sophistication vs. Intruder Technical Knowledge. Sources: Carnegie Mellon University, 2002 and Idaho National Laboratory, 2005. [Chart, time axis 1980 to 2010, vertical axis Low to High, with two curves: Attack Sophistication and Intruder Knowledge. Plotted techniques: password guessing; self-replicating code; password cracking; exploiting known vulnerabilities; disabling audits; back doors; hijacking sessions; sweepers; sniffers; packet spoofing; GUI; automated probes/scans; denial of service; WWW attacks; network management diagnostics; “stealth”/advanced scanning techniques; distributed attack tools; zombies; BOTS; morphing malicious code.]
Final Note: Vulnerabilities Risk Mitigation. The largest vulnerability that existed was open source Operating Systems. Microsoft put $10M into tightening up security of Windows XP and 2003 Server last year. None of the other open platform Operating Systems manufacturers have committed those kinds of resources to tighten up similar vulnerabilities in their OS’s. Microsoft OS Security has become a matter of user identification of risks (risk analysis) and applying specific countermeasures at appropriate levels of OS interaction.
Policy and Procedures: Established Standards: ISO 17799, ISA-SP99, META, CERT, etc. Regulatory Drivers: FDA, FERC, NERC, SEC, DEA, etc. Local and Company Requirements: Site Policy, Information, Authorizations, etc.
Establishing Policies and Procedures: Create a committee of Subject Matter Experts. SMEs should include Process Engineers and IT personnel who are being cross-trained. Get Executive buy-in. No one is exempt from company security policy, including Executive Level…
The Case of the CFO’s Sleeping Notebook: His daughter used the machine to surf the web and it contracted a virus. Instead of shutting down the machine properly, he made the machine sleep, keeping the virus in resident memory. Company policy required that all machines connected to the Corp Net be rebooted and virus scanned. They did not enforce this policy at the Executive Level. When it connected to the Corp Net and woke up, the virus spread immediately to all machines that were not properly patched for the particular virus (a lot of them). The Enterprise was down for 2 days. [Diagram labels: CFO Notebook; Historian (InSQL); Application Object Server (x3); Operator Station (x4); Development Station (x2)]
Establishing Policies and Procedures (cont.): A security officer is a good idea. This position is the single point of contact between outside connections and the PCN. This position enforces the policy created by the security committee.
Policies and Procedures: Establishing Policies and Procedures is the foundation of a solid security strategy. Some considerations for user accounts: only validated users; user IDs have unique names with medium to strong passwords; individuals are accountable; restrict access; lockout duration well defined; groups are defined by user access needs and roles; reset any Guest and Default accounts; operator accounts defined/limited by operational area; service accounts on local domain machines are not used to log on to network domains.
Policies and Procedures (continued): Passwords: Enforce password history to limit reuse of old passwords. Enforce password aging to force interval changing of passwords. Enforce minimum password length (usually 7 or 8 characters minimum). Enforce password complexity: some strong password requirements can result in less security because people tend to write these down; do not use strong passwords unless you can enforce social engineering. Do not store using reversible encryption.
Policies and Procedures (continued): Remote Access: limit access by defining access based upon needs; check all equipment brought to the site; separate role based user groups for temporary accounts (review often); define/document all outside access routes and accounts. Physical Access: keep locked; have specific personnel directly responsible. Final Note: You as the engineer or integrator should have a keen awareness of all these issues before the project even starts!
Security Solution: Solution Design; Solution Recommendations; Solution Implementation.
Security Ecosystem: Security perspective of a manufacturing and/or industrial ecosystem: System Architecture; External and Internal Influence; Vendors; Policies and Procedures; Platform Vendor; Automation Software Vendor; Standards.
Security Ecosystem
Requirements for a Secure Network: Have a prevention policy using: firewalls and firewall devices; network based intrusion prevention/detection; host based intrusion prevention/detection. Layer, Layer, Layer. Bury any vulnerabilities inside of secure layers! Do not put Corporate and Plant networks on the same domain. No secure and insecure protocols on same network. Continually monitor, create alerting and diagnostics of plant network control systems, and look for any “backdoor” integration to the corporate network.
Secure Architectures: Secure systems are directly related to: Infrastructure (servers, workstations, Ethernet cables, fiber optics, switches, routers, firewalls, connectivity); Protocols and Communications; Host Software (operating systems, virus protection, intrusion protection). Recommendation: Define the Enterprise into Secure Areas (Layers or Rings).
Current Designs of Secure Architectures: SCADA [Architecture diagram. Zones shown, separated by firewalls: Corporate Network Infrastructure (client PCs with ActiveFactory, SuiteVoyager and Win Terminal clients, other corporate IT functions); DMZ (InSQL Server Platform / AlarmDB, other WW databases, SuiteVoyager Platform, Win Terminal Server Platform); Supervisory Control Network (Galaxy Repository, InTouch file server, AOS Platforms with DI Network Objects, SCADA Com Manager, SCADAlarm with modem and monitored DO line, legacy HMI, OPC or SuiteLink enabled); proprietary and TCP/IP Distributed SCADA Communications Infrastructure; Sub-station Networks (InTouch Platform, ActiveFactory, Alarm History Viewer, other WW DB viewers, PLCs, optional firewall).]
Current Designs of Secure Architectures: PCN [Architecture diagram. Zones shown, separated by firewalls: Corporate Network Infrastructure (client PCs with ActiveFactory, SuiteVoyager and Win Terminal clients, other corporate IT functions); DMZ (InSQL Server Platform / AlarmDB, other WW databases, SuiteVoyager Platform, Win Terminal Server Platform); Process Control Network (Galaxy Repository, InTouch file server, TSE server, IDE, AOS Platform with DI Network Object, SCADAlarm with modem and monitored DO line); Factory Floor Network (TCP/IP) behind a router and optional firewall (InTouch Platform, ActiveFactory, alarm clients, QI client, PLCs); non TCP/IP based PLC network.] Callouts: This is a serious data bottleneck. This is all the same logon/admin domain. The PCN is susceptible to Corp Net failure and attacks.
Current Wonderware Architecture Guidance: Secure Area (Effective DMZ). The whole domain is an “End Device”.
Current Wonderware Architecture Guidance: Only one single point of ingress/egress.
Current Wonderware Architecture Guidance: Active Directory manages users and PCN domain security.
Current Wonderware Architecture Guidance: Only minimal traffic passes here.
Current Wonderware Architecture Guidance: This network only carries PCN traffic. No corporate spending projections. No emails to Aunt Hildebrandt. No web surfing to see how my stocks are doing.
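One way to check the single point of ingress/egress and the “look for any backdoor integration to the corporate network” requirement is to reconcile flow records seen inside the PCN against the edge device's own log. The following is an added example, not Wonderware code or part of the original slides; the addresses, the allowlist, port 1433 for the historian and the record layout are all constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

# Constructed addressing plan and policy; none of these values come from the slides.
PCN_NET = ipaddress.ip_network("10.10.0.0/16")
# The "minimal traffic" allowed through the edge device, as (src, dst, dst_port).
ALLOWED_CROSSINGS = {
    ("172.16.5.20", "10.10.1.10", 1433),  # assumed: corporate client -> PCN historian
}
# Labels for traffic the slide says does not belong on the PCN.
OFF_POLICY_PORTS = {25: "email (SMTP)", 80: "web (HTTP)", 443: "web (HTTPS)"}


@dataclass(frozen=True)
class Flow:
    sensor: str  # "edge" = log of the single ingress/egress device, else a PCN-side tap
    src: str
    dst: str
    dport: int

    @property
    def key(self):
        return (self.src, self.dst, self.dport)


def in_pcn(addr):
    return ipaddress.ip_address(addr) in PCN_NET


def audit(flows):
    """Return (kind, src, dst, dport, note) findings for boundary-crossing flows."""
    flows = list(flows)
    edge_keys = {f.key for f in flows if f.sensor == "edge"}
    findings, reported = [], set()
    for f in flows:
        if in_pcn(f.src) == in_pcn(f.dst):
            continue  # stays inside (or entirely outside) the PCN
        if f.sensor == "edge":
            if f.key in ALLOWED_CROSSINGS:
                continue  # approved traffic through the approved path
            kind = "unapproved-crossing"
        elif f.key in edge_keys:
            continue  # the edge carried it; it is judged on the edge record
        else:
            # Seen inside the PCN but never by the edge: some other path exists
            # (dual-homed host, modem, wireless bridge).
            kind = "bypasses-edge"
        if (kind, f.key) not in reported:
            reported.add((kind, f.key))
            findings.append((kind, *f.key, OFF_POLICY_PORTS.get(f.dport, "")))
    return findings


# Constructed sample records.
SAMPLE_FLOWS = [
    Flow("edge", "172.16.5.20", "10.10.1.10", 1433),     # approved historian query
    Flow("pcn-sw1", "172.16.5.20", "10.10.1.10", 1433),  # same query, seen inside
    Flow("pcn-sw1", "10.10.2.31", "10.10.1.10", 1433),   # PCN-internal traffic
    Flow("pcn-sw1", "10.10.2.31", "203.0.113.8", 80),    # operator station browsing
    Flow("edge", "10.10.2.31", "203.0.113.8", 80),       # ...and the edge let it out
    Flow("pcn-sw2", "10.10.3.44", "172.16.9.9", 445),    # reaches corp, edge never saw it
    Flow("pcn-sw2", "10.10.3.44", "172.16.9.9", 445),    # repeat of the same conversation
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_FLOWS):
        print(finding)
```

A `bypasses-edge` finding means the PCN is not behaving as a single end device; an `unapproved-crossing` finding means the edge rule set is wider than the documented allowlist.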
Data Communications and Protocols: Getting data securely from one place to another requires some forethought and understanding. Data is usually binary, hexadecimal, or text (ASCII). Data can be secured by encrypting with an algorithm. Common encryption methods include a Virtual Private Network (VPN), which uses IPSec as a tunneling protocol.
Data Communications and Protocols IPSec co-processor and firewall cards installed here.
Data Communications and Protocols IPSec Appliance (small router) installed here
Data Communications and Protocols Edge Device (represents a single router  or router pair)
Data Communications and Protocols (cont.): Data can also be secured by limiting it through specific ports with DCOM Config. Certain ports are used by every software manufacturer that has to have access to security or domain services, including Kerberos, Terminal Services, HTTP; anything, whether TCP or UDP. DCOM is also used to request or start services or programs (using RPC), which makes it viewed by some IT departments as something that cannot be used.
OSI Model and the Security Schemes: DCOM and port selection occur in this layer, above the TDI (Transport Driver Interface). It is difficult to secure the processes. IPSec occurs in this layer, mostly below the TDI and at the kernel level, and the data is secure before it gets into the machine.
Final Solution Requirements May Include: retention of forensic information to support investigation/legal litigation; secure connectivity to wireless devices. Doing these exercises will ensure that major elements are considered and incorporated into the final design and include: People, Process, Policies, Products.
Security Considerations: Site Networks and Control System Security Approach: view from management and technical perspective; address solutions from the IT and Process Control System perspectives; design/develop multiple layers of network, system, and application security; ensure compliance with industry, regulatory, and international standards.
Total Security Design Considerations: Following these steps will prevent Process Control Networks (PCNs) from being implemented in pieces that will result in inconsistent or unsafe security designs: develop security policy; define requirements to implement a secure process environment; develop plan to implement security; implement the PCN without tightening down the machines. Only after the above steps are complete… apply the security policies and plan once the PCN is operating correctly!
Final Solution Thoughts: Creating Infrastructure: Review the types of available authenticators that you may want to use: password, biometric, key card, etc. Final Review: compliance with your company’s established Security Policy. Make sure the devices that you select for the solution will do what they are supposed to in relation to your established security policies and requirements: firewalls, routers, switches; domain controllers; physical networks; remote access devices; wireless access.
Security Program Performance Management: continual monitoring and alerting; yearly review and auditing; periodic testing and validation; continual updating of security system requirements.
Security Lifecycle Project Management [Lifecycle diagram. Labelled steps: Define Risk Goals; Assess & Define Existing System; Conduct Risk Assessment & Gap Analysis; Design or Select Countermeasures; Procure or Build Security Countermeasures; Define Component Test Plans; Define Integration Test Plan; Define System Validation Test Plan; Test Countermeasures; Perform Pre-Installation Integration Test; Perform Validation Test on Installed System; Finalize Operational Security Measures; Routine Security Reporting and Analysis; Periodic Audit and Compliance Measures; Reevaluate Security Countermeasures (Break-in or Major Plant Change). Callout: System Goes Operational Here.]
Security Program Performance Management: Establish ways to identify attacks before they occur. Honeypots lure attackers away from actual assets. Excessive numbers of logon attempts is a good indicator. Do your own packet monitoring and set up alarms for out of parameter or unusual activity. Educate your personnel (all users of the systems) to look for and report anything unusual or out-of-the-ordinary. Monitoring and alerts also give metrics on the health of the PCN and security systems. If unusual activity is noted, fix it before it brings the system down.
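The “excessive numbers of logon attempts” indicator can be turned into an alarm with a sliding window over authentication records. This is an added example, not part of the original slides; the log line format, the five-minute window and the threshold of five are constructed assumptions to be replaced by the site's own log source and lockout policy.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed alarm parameters; align them with the site's account lockout policy.
WINDOW = timedelta(minutes=5)
THRESHOLD = 5

# Constructed sample records: timestamp, outcome, account, source station.
SAMPLE_LOG = """\
2006-03-14T02:10:00 FAIL user=operator1 src=10.10.2.31
2006-03-14T02:10:20 FAIL user=operator1 src=10.10.2.31
2006-03-14T02:10:41 FAIL user=admin src=10.10.2.31
2006-03-14T02:11:02 FAIL user=admin src=10.10.2.31
2006-03-14T02:11:30 FAIL user=engineer src=10.10.2.31
2006-03-14T02:12:05 OK user=engineer src=10.10.2.31
2006-03-14T07:58:10 FAIL user=operator2 src=10.10.4.12
2006-03-14T07:58:25 OK user=operator2 src=10.10.4.12
"""


def parse(line):
    """Split one record into (timestamp, outcome, user, source)."""
    ts, outcome, user_kv, src_kv = line.split()
    return (datetime.fromisoformat(ts), outcome,
            user_kv.split("=", 1)[1], src_kv.split("=", 1)[1])


def detect(log_text, window=WINDOW, threshold=THRESHOLD):
    """Return (kind, source, detail, time) alerts for bursts of failed logons."""
    recent = defaultdict(deque)  # source -> (time, user) of failures inside the window
    alarmed = set()              # sources with a burst currently in progress
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, outcome, user, src = parse(line)
        failures = recent[src]
        # Age out failures that have left the window; an empty window ends the burst.
        while failures and ts - failures[0][0] > window:
            failures.popleft()
        if not failures:
            alarmed.discard(src)
        if outcome == "FAIL":
            failures.append((ts, user))
            if len(failures) >= threshold and src not in alarmed:
                alarmed.add(src)
                accounts = {u for _, u in failures}
                detail = f"{len(failures)} failures across {len(accounts)} accounts"
                alerts.append(("excessive-failures", src, detail, ts.isoformat()))
        elif outcome == "OK":
            # A success right after a burst deserves a closer look than the burst
            # itself: the account may now be in the wrong hands.
            if src in alarmed:
                alerts.append(("success-after-burst", src, f"account {user}",
                               ts.isoformat()))
            failures.clear()
            alarmed.discard(src)
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

The single mistyped password at 07:58 raises nothing, which keeps the alarm usable on an operator floor where occasional failures are normal.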
Security Program Performance Management: The policies and procedures should be reviewed annually to ensure compliance with established or updated corporate security policies. New policies may have been adopted that do not make sense in a PCN/SCADA environment. Audit your metrics to be sure they make sense. Some attacks can be long-term and can be disguised within expected data. Some regulatory agencies may require audits of your PCN/SCADA security in the future. Start doing this on your own before it is required so you can understand your processes when the time comes!
In Summary…: You must understand the corporate security policies. They should be formal policies and they should be written out; if not, it could be a slippery slope. The application integration must be constructed with the corporate security policies in mind. In some cases it will not be possible to adhere to corporate IT policies because of cumulative poor IT security definition practices or deficient network design. Mitigation strategies should be addressed up front for any perceived security breaches. Common mitigation strategies include asking why a specific security policy is in place and doing a risk analysis of this perceived threat. Additional mitigation strategies include burying the perceived breach inside of a secure layer or DMZ.
Additional Resources: Best Practices Guidelines V1.0 document from the Microsoft Manufacturing Users Group, available at http://www.omac.org/wgs/MfgInfsrct/MSMUG/msmug_default.htm; Microsoft Security Guidance http://www.microsoft.com/security/guidance; ArchestrA Community http://www.ArchestrA.biz; GAO Documents (GAO-04-354 and GAO-04-321); Department of Homeland Security http://www.dhs.gov/dhspublic/; ISA http://www.isa.org/
Additional Resources: Antivirus Technical Article http://www.wonderware.com/support/mmi/comprehensive/kbcd/html/t002098.htm; Wonderware Security White Paper http://dominoext.wonderware.com/PublicWWR5/PromoCol.nsf/wwwhite/0E58BBBF3F73885388257003005A5641/$file/SecurityWP_May16_color_Final.pdf; Wonderware Security Resource Center http://www.wonderware.com/support/security/
Your Presenter has been… Please drop me an email if you have any security related questions. Customer Security Guidance
Thank You Very Much! The complete Basic Security Class is available online. Look for the schedule of all the Online Seminars at: www.wonderware.com/Training
Thank You Very Much! QUESTIONS? Customer Security Guidance
 
Cybersecurity for Industrial Plants: Threats and Defense Approach - Dave Hreha
Cybersecurity for Industrial Plants: Threats and Defense Approach - Dave Hreha Cybersecurity for Industrial Plants: Threats and Defense Approach - Dave Hreha
Cybersecurity for Industrial Plants: Threats and Defense Approach - Dave Hreha
Schneider Electric
 
Better Data Center Infrastructure Management
Better Data Center Infrastructure ManagementBetter Data Center Infrastructure Management
Better Data Center Infrastructure Management
Viridity Software
 
4° Sessione VMware Horizon: la piattaforma per l’erogazione e la gestione di ...
4° Sessione VMware Horizon: la piattaforma per l’erogazione e la gestione di ...4° Sessione VMware Horizon: la piattaforma per l’erogazione e la gestione di ...
4° Sessione VMware Horizon: la piattaforma per l’erogazione e la gestione di ...
Jürgen Ambrosi
 
Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...
Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...
Dell Solutions Tour 2015 - Chromebook - Dell og Google viser vei, Ross Mahon ...
Kenneth de Brucq
 
Dell Endpoint Systems Management Solutions
Dell Endpoint Systems Management SolutionsDell Endpoint Systems Management Solutions
Dell Endpoint Systems Management Solutions
CTI Group
 
"How to document your decisions", Dmytro Ovcharenko
"How to document your decisions", Dmytro Ovcharenko "How to document your decisions", Dmytro Ovcharenko
"How to document your decisions", Dmytro Ovcharenko
Fwdays
 
Understanding WhatData Center Security Is
Understanding WhatData Center Security IsUnderstanding WhatData Center Security Is
Understanding WhatData Center Security Is
manoharparakh
 
Private cloud with vmware
Private cloud with vmwarePrivate cloud with vmware
Private cloud with vmware
Anton An
 

Security Considerations in Process Control and SCADA Environments

  • 1. Security Considerations in Process Control and SCADA Environments Rich Clark Industry Security Guidance Wonderware and ArchestrA Business Units Invensys Wonderware
  • 2. Introduction: Security risks come with rapidly evolving technological advances. Threat vectors (security holes or technology exploits) appear in rapidly changing technology. New security features are built into Wonderware products and newer Microsoft OSs and toolkits, and more are being added every day. Close coordination with industry organizations: ISA and other guidance organizations; government labs and entities; 3rd-party vendors (Microsoft, security vendors, tool manufacturers, etc.).
  • 3. Context for Discussing PCN/SCADA Security: The DHS (Department of Homeland Security) believes that the next major war most likely will be an infrastructure war or will involve disabling our infrastructure. There is no such thing as an Enterprise that is 100% secure, even though some people want it. 80/20 rule for security: the first 80% of threat vectors are relatively inexpensive to secure against; the costs and maintenance climb exponentially when attempting to secure the remaining 20%.
  • 6. Context for Discussing PCN/SCADA Security (cont.): Process Control Software is designed to add intelligence and efficiency to a Production Enterprise. Wonderware: “Powering Intelligent Plant Decisions in Real Time”. Remember that: “A properly designed and fully operational Process Control Network (PCN) or SCADA System is greater than the sum of the parts”. A central issue to implementation and security: most IT personnel view individual PCN machines as end devices, instead of the whole PCN as the end device. This is the fundamental disconnect between Process Control Engineers and IT Personnel.
  • 8. Control Enterprise Definitions: What is the difference between a Process Control Network (PCN) and a SCADA System? Not much! Industry groups are having trouble categorizing each Enterprise Type because there are too many similarities between them. SCADA (Supervisory Control and Data Acquisition) Systems usually have remote, sometimes independent nodes running single tasks. PCNs usually perform more complex or a wider variety of tasks than SCADA Systems.
  • 9. Typical Industry Process Control Network (PCN)
  • 11. Evolution of the Plant: The need for protecting and securing PCN/SCADA Systems is mostly due to growth in: proliferation of open platforms and OSs; wireless technologies; increase in joint ventures/mergers; outsourcing; regulatory mandates; complex plant environments/intelligent equipment; increased connectivity; increased network intrusion.
  • 12. Solution Delivery  Project Completion Complete Enterprise Integration will include the Process Design Solution incorporating the following Industry regulations and regulatory agencies Standards organizations Security risk identification and assessment with appropriate countermeasures Compliance to legacy systems Architectural changes and latest guidance External and internal influences affecting the Enterprise Multiple vendors Company policies and industry best practices
  • 13. Standards and Regulations: To make your job easier, Wonderware is working with these organizations and helping to establish standards: MSMUG; OPC Standards Committee; FDA; ISO 900x; NERC 1300 (Electrical Industry); ENISA 460 (Euro Control Systems Standards); ISA S-99; GAO; DHS.
  • 14. Establishing a Security Program for the PCN: Create a formal project and address the following topics: Security Program Performance Management; Awareness & Assessment; Policy & Procedures; Security Solution.
  • 19. Awareness and Assessment Review Establish Security Team Define Security Objectives Identify Current Vulnerabilities Establish Security Plan
  • 20. Risk Analysis and Assessment: Risk is broadly defined as: IF a Threat Agent uses a tool, technique, or method to exploit a Vulnerability, THEN a loss of (confidentiality, integrity, or availability) to an Asset may result in an impact. Risk Assessment is a methodical process to determine threats, vulnerabilities, and risks to determine what solutions should be put in place. A Formal Risk Assessment will produce a probability number from 0-1 of the event occurring. Generally speaking, low probability (of occurring) risks are harder to protect against and cost more to do so.
  • 21. Cost of Protection vs Breach Event Probability [Chart: cost curve for increasing the protection level, running from “More Vulnerable to Attack” to “Safer Against Breach Events”; annotation: breach events having a high probability of never occurring]
  • 22. Risk Analysis and Assessment (cont.) Sources of threats External Internal Accidental Vulnerabilities
  • 23. Some Sources of These Threats…: General attacker threats; common criminals; organized crime; nation states/governments; non state-sponsored terrorism; anti world trade/anti globalization activists; regional political activism; animal rights activists; environmental groups; malicious code attack specifically directed against a Customer; general malicious code threat; illegal information brokers and freelance agents; competitors, contractors, corporations; disaffected staff (including contractors); corporate intelligence/investigation companies; “Insider” threats including social engineering, espionage, and spoofing people with high access levels; unintentional exposure of vulnerabilities by untrained personnel.
  • 24. Risk Analysis and Assessment (cont.): Sources of threats: External; Internal; Accidental. Vulnerabilities: As attack software and network tools become more sophisticated, the attacker’s need for technical knowledge of what they are doing is being greatly reduced.
  • 25. Attack Sophistication vs. Intruder Technical Knowledge [Chart, 1980 to 2010, scale Low to High, curves labelled Attack Sophistication and Intruder Knowledge (Intruders). Plotted techniques: Automated Probes/Scans; Password Guessing; Self-Replicating Code; Password Cracking; Exploiting Known Vulnerabilities; Disabling Audits; Hijacking Sessions; Sweepers; Sniffers; Distributed Attack Tools; Denial of Service; GUI; Network Management Diagnostics; WWW Attacks; “Stealth”/Advanced Scanning Techniques; Back Doors; Zombies; BOTS; Morphing Malicious Code; Packet Spoofing.] Sources: Carnegie Mellon University, 2002 and Idaho National Laboratory, 2005
  • 26. Final Note: Vulnerabilities Risk Mitigation: The largest vulnerability that existed was open source Operating Systems. Microsoft put $10M into tightening up security of Windows XP and 2003 Server last year. None of the other open platform Operating Systems manufacturers have committed those kinds of resources to tighten up similar vulnerabilities in their OSs. Microsoft OS Security has become a matter of user identification of risks (risk analysis) and applying specific countermeasures at appropriate levels of OS interaction.
  • 27. Policy and Procedures: Established Standards: ISO 17799, ISA-SP99, META, CERT, etc. Regulatory Drivers: FDA, FERC, NERC, SEC, DEA, etc. Local and Company Requirements: Site Policy, Information, Authorizations, etc.
  • 28. Establishing Policies and Procedures: Create a committee of Subject Matter Experts. SMEs should include Process Engineers and IT personnel who are being cross-trained. Get Executive buy-in. No one is exempt from company security policy, including Executive Level…
  • 29. The Case of the CFO’s Sleeping Notebook: His daughter used the machine to surf the web and it contracted a virus. Instead of shutting down the machine properly, he made the machine sleep, keeping the virus in resident memory. Company policy required that all machines connected to the Corp Net be rebooted and virus scanned. They did not enforce this policy at the Executive Level. When it connected to the Corp Net and woke up, the virus spread immediately to all machines that were not properly patched for the particular virus (a lot of them). The Enterprise was down for 2 days. [Diagram labels: CFO Notebook; Historian – InSQL; Application Object Server (×3); Operator Station (×4); Development Station (×2)]
  • 30. Establishing Policies and Procedures: Create a committee of Subject Matter Experts. SMEs should include Process Engineers and IT personnel who are being cross-trained. Get Executive buy-in. No one is exempt from company security policy, including Executive level. A security officer is a good idea: this position is the single point of contact between outside connections and the PCN, and this position enforces the policy created by the security committee.
  • 31. Policies and Procedures: Establishing Policies and Procedures is the foundation of a solid security strategy. Some considerations for user accounts: only validated users; user IDs have unique names with medium to strong passwords; individuals are accountable; restrict access; lockout duration well defined; groups are defined by user access needs and roles; reset any Guest and Default accounts; operator accounts defined/limited by operational area; service accounts on local domain machines are not used to log on to network domains.
  • 34. Policies and Procedures (continued): Passwords: Enforce password history to limit reuse of old passwords. Enforce password aging to force interval changing of passwords. Enforce minimum password length (usually 7 or 8 characters minimum). Enforce password complexity. Some strong password requirements can result in less security because people tend to write these down. Do not use strong passwords unless you can enforce social engineering. Do not store using reversible encryption.
  • 37. Policies and Procedures (continued): Remote Access: limit access by defining access based upon needs; check all equipment brought to the site; separate role-based user groups for temporary accounts (review often); define/document all outside access routes and accounts. Physical Access: keep locked; have specific personnel directly responsible. Final Note: You as the engineer or integrator should have a keen awareness of all these issues before the project even starts!
  • 38. Security Solution: Solution Design; Solution Recommendations; Solution Implementation
  • 39. Security Ecosystem Security perspective of a manufacturing and/or industrial ecosystem System Architecture External and Internal Influence Vendors Policies and Procedures Platform Vendor Automation Software Vendor Standards
  • 42. Requirements for a Secure Network: Have a prevention policy using: firewalls and firewall devices; network-based intrusion prevention/detection; host-based intrusion prevention/detection. Layer, Layer, Layer. Bury any vulnerabilities inside of secure layers! Do not put Corporate and Plant networks on the same domain. No secure and insecure protocols on the same network. Continually monitor, create alerting and diagnostics of plant network control systems, and look for any “backdoor” integration to the corporate network.
  • 45. Secure Architectures Secure systems are directly related to Infrastructure Servers Workstations Ethernet Cables Fiber Optics Protocols and Communications Host Software Operating Systems Virus Protection Intrusion Protection Recommendation: Define the Enterprise into Secure Areas (Layers or Rings) Switches Routers Firewalls Connectivity
  • 46. Current Designs of Secure Architectures: SCADA Legacy HMI OPC or SuiteLink Enabled Firewall Client PC with Active Factory SuiteVoyager Client Win Terminal Client HMI Win Terminal Client Dev Other Corporate IT Functions Corporate Network Infrastructure Firewall InSQL Server Platform / AlarmDB Other WW Databases SuiteVoyager Platform Win Terminal Server Platform InTouch TSE FS A 2 Dev TSE DMZ InTouch Platform ActiveFactory Alarm History Viewer Other WW DB Viewers PLCs Sub-station Network Optional Firewall SCADAlarm With Modem and Monitored DO line Galaxy Repository InTouch file server AOS Platform DI Network Object AOS Platform DI Network Object SCADA Com Manager PLCs Proprietary Distributed SCADA Communications Infrastructure Firewall Firewall Firewall Supervisory Control Network TCP/IP Distributed SCADA Communications Infrastructure InTouch Platform Active Factory Alarm History Viewer Other WW DB Viewers PLCs Sub-station Network
  • 47. Current Designs of Secure Architectures: PCN Firewall Client PC with Active Factory SuiteVoyager Client Win Terminal Client HMI Win Terminal Client Dev Other Corporate IT Functions Corporate Network Infrastructure Firewall InSQL Server Platform / AlarmDB Other WW Databases SuiteVoyager Platform Win Terminal Server Platform InTouch TSE FS A 2 Dev TSE DMZ InTouch Platform ActiveFactory Alarm Clients QI Client Router PLCs Factory Floor Network (TCP/IP) Optional Firewall SCADAlarm With Modem and Monitored DO line Galaxy Repository InTouch file server TSE server IDE AOS Platform DI Network Object PLCs Non TCP/IP based PLC Network Process Control Network
  • 48. Current Designs of Secure Architectures: PCN [same diagram as slide 47] This is a Serious Data Bottleneck
  • 49. Current Designs of Secure Architectures: PCN [same diagram as slide 47] This is all the same logon/admin domain. The PCN is susceptible to Corp Net failure and attacks.
  • 50. Current Wonderware Architecture Guidance: Secure Area (Effective DMZ). The whole domain is an “End Device”
  • 51. Current Wonderware Architecture Guidance: Only one single point of ingress/egress
  • 52. Current Wonderware Architecture Guidance ActiveDirectory Manages Users and PCN Domain Security
  • 53. Current Wonderware Architecture Guidance Only minimal traffic passes here
  • 54. Current Wonderware Architecture Guidance This network only carries PCN traffic. No corporate spending projections. No emails to Aunt Hildebrandt. No web surfing to see how my stocks are doing.
  • 55. Data Communications and Protocols Getting data securely from one place to another requires some forethought and understanding Data is usually binary, hexadecimal, or text (ASCII) Data can be secured by Encrypting with an algorithm Common encryption methods include a Virtual Private Network (VPN) which uses IPSec as a tunneling protocol
  • 56. Data Communications and Protocols IPSec co-processor and firewall cards installed here.
  • 57. Data Communications and Protocols IPSec Appliance (small router) installed here
  • 58. Data Communications and Protocols Edge Device (represents a single router or router pair)
  • 59. Data Communications and Protocols: Getting data securely from one place to another requires some forethought and understanding. Data is usually binary, hexadecimal, or text (ASCII). Data can be secured by: (1) encrypting with an algorithm; common encryption methods include a Virtual Private Network (VPN), which uses IPSec as a tunneling protocol; (2) limiting it through specific ports with DCOM Config. Certain ports are used by every software manufacturer that has to have access to security or domain services, including Kerberos, Terminal Services, HTTP; anything, whether TCP or UDP. DCOM is also used to request or start services or programs (using RPC), which makes it viewed by some IT departments as something that cannot be used.
  • 60. OSI Model and the Security Schemes: DCOM and port selection occur in this layer, above the TDI (Transport Driver Interface). It is difficult to secure the processes. IPSec occurs in this layer, mostly below the TDI and at the kernel level, and the data is secure before it gets into the machine.
  • 61. Final Solution Requirements May Include: Retention of forensic information to support investigation/legal litigation Secure connectivity to wireless devices Doing these exercises will ensure that major elements are considered and incorporated into the final design and include People Process Policies Products
  • 62. Security Considerations Site Networks and Control System Security Approach View from management and technical perspective Address solutions from the IT and Process Control System perspectives Design/develop multiple layers of network, system, and application security Ensure compliance with industry, regulatory, and international standards
  • 63. Total Security Design Considerations: Following these steps will prevent Process Control Networks (PCNs) from being implemented in pieces that will result in inconsistent or unsafe security designs: develop security policy; define requirements to implement a secure process environment; develop plan to implement security; implement the PCN without tightening down the machines. Only after the above steps are complete… apply the security policies and plan once the PCN is operating correctly!
  • 65. Final Solution Thoughts: Creating Infrastructure: Review the types of available authenticators that you may want to use (Password, Biometric, Key Card, etc.). Final Review: Compliance with your company’s established Security Policy. Make sure the devices that you select for the solution will do what they are supposed to in relation to your established security policies and requirements: Firewalls, Routers, Switches; Domain Controllers; Physical Networks; Remote Access Devices; Wireless Access.
  • 67. Security Program Performance Management: Continual Monitoring and Alerting; Yearly Review and Auditing; Periodic Testing and Validation; Continual Updating of Security System Requirements
  • 71. Security Lifecycle Project Management Reevaluate Security Countermeasures (Break-in or Major Plant Change) Periodic Audit and Compliance Measures Routine Security Reporting and Analysis Finalize Operational Security Measures Perform Pre-Installation Integration Test System Goes Operational Here Define Risk Goals Assess & Define Existing System Design or Select Countermeasures Define Integration Test Plan Perform Validation Test on Installed System Define System Validation Test Plan Conduct Risk Assessment & Gap Analysis Procure or Build Security Countermeasures Test Countermeasures Define Component Test Plans
  • 73. Security Program Performance Management: Establish ways to identify attacks before they occur. Honeypots lure attackers away from actual assets. An excessive number of logon attempts is a good indicator. Do your own packet monitoring and set up alarms for out-of-parameter or unusual activity. Educate your personnel (all users of the systems) to look for and report anything unusual or out of the ordinary. Monitoring and alerts also give metrics on the health of the PCN and security systems. If unusual activity is noted, fix it before it brings the system down.
  • 75. Security Program Performance Management: The policies and procedures should be reviewed annually to ensure compliance with established or updated corporate security policies. New policies may have been adopted that do not make sense in a PCN/SCADA environment. Audit your metrics to be sure they make sense. Some attacks can be long-term and can be disguised within expected data. Some regulatory agencies may require audits of your PCN/SCADA security in the future. Start doing this on your own before it is required so you can understand your processes when the time comes!
  • 77. In Summary…: You must understand the corporate security policies. They should be formal policies and they should be written out; if not, it could be a slippery slope. The application integration must be constructed with the corporate security policies in mind. In some cases it will not be possible to adhere to corporate IT policies because of cumulative poor IT security definition practices or deficient network design. Mitigation strategies should be addressed up front for any perceived security breaches. Common mitigation strategies include asking why a specific security policy is in place and doing a risk analysis of this perceived threat. Additional mitigation strategies include burying the perceived breach inside of a secure layer or DMZ.
  • 78. Additional Resources: Best Practices Guidelines V1.0 document from the Microsoft Manufacturing Users Group, available at http://www.omac.org/wgs/MfgInfsrct/MSMUG/msmug_default.htm; Microsoft Security Guidance http://www.microsoft.com/security/guidance; ArchestrA Community http://www.ArchestrA.biz; GAO Documents (GAO-04-354 and GAO-04-321); Department of Homeland Security http://www.dhs.gov/dhspublic/; ISA http://www.isa.org/
  • 79. Additional Resources: Antivirus Technical Article http://www.wonderware.com/support/mmi/comprehensive/kbcd/html/t002098.htm; Wonderware Security White Paper http://dominoext.wonderware.com/PublicWWR5/PromoCol.nsf/wwwhite/0E58BBBF3F73885388257003005A5641/$file/SecurityWP_May16_color_Final.pdf; Wonderware Security Resource Center http://www.wonderware.com/support/security/
  • 80. Your Presenter has been… Please drop me an email if you have any security related questions. Customer Security Guidance
  • 81. Thank You Very Much! The complete Basic Security Class is available online. Look for the schedule of all the Online Seminars at: www.wonderware.com/Training
  • 82. Thank You Very Much! QUESTIONS? Customer Security Guidance
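
Slides 42 and 73 ask for continual monitoring: watching for “backdoor” integration between the plant and corporate networks, and treating excessive logon attempts as an indicator. The sketch below is an added example, not part of the original deck or of any Wonderware product; the zone subnets, host names, thresholds and sample records are all assumptions constructed for illustration.

```python
"""Added example: two PCN monitoring alarms over constructed records."""
import ipaddress
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed addressing plan (hypothetical; the slides give no addresses).
ZONES = {
    "corp": ipaddress.ip_network("10.1.0.0/16"),  # corporate network
    "dmz": ipaddress.ip_network("10.2.0.0/24"),   # secure area between the two
    "pcn": ipaddress.ip_network("10.3.0.0/16"),   # process control network
}
# Zone pairs that may involve the PCN: PCN-internal traffic and DMZ<->PCN only.
ALLOWED = {frozenset(p) for p in (("pcn",), ("dmz", "pcn"))}


def zone_of(addr):
    """Map an IP address string to a zone name, or 'external' if unknown."""
    ip = ipaddress.ip_address(addr)
    return next((name for name, net in ZONES.items() if ip in net), "external")


def boundary_violations(flows):
    """Flag flows that reach or leave the PCN without going through the DMZ.

    flows: iterable of (src_ip, dst_ip, dst_port) from your packet monitoring.
    Returns a list of (src_zone, dst_zone, flow), one entry per violation.
    """
    found = []
    for flow in flows:
        pair = (zone_of(flow[0]), zone_of(flow[1]))
        if "pcn" in pair and frozenset(pair) not in ALLOWED:
            found.append((pair[0], pair[1], flow))
    return found


def logon_bursts(events, threshold=5, window=timedelta(minutes=10)):
    """Alarm when one source host has `threshold` failed logons within `window`.

    events: iterable of (iso_timestamp, account, source_host, succeeded).
    Returns {source_host: (time_of_first_alarm, sorted accounts tried)}.
    Counting per source host rather than per account also catches a station
    that tries several accounts a few times each.
    """
    recent = defaultdict(deque)  # source_host -> (time, account) of recent failures
    alarms = {}
    for stamp, account, source, succeeded in sorted(events):
        if succeeded or source in alarms:
            continue
        now = datetime.fromisoformat(stamp)
        failures = recent[source]
        failures.append((now, account))
        while now - failures[0][0] > window:  # drop failures older than the window
            failures.popleft()
        if len(failures) >= threshold:
            alarms[source] = (stamp, sorted({acct for _, acct in failures}))
    return alarms


# Constructed sample data (not from the slides or from any real network).
FLOWS = [
    ("10.3.4.20", "10.3.4.5", 502),     # operator station to PLC, inside the PCN
    ("10.2.0.10", "10.3.1.15", 1433),   # DMZ server to a PCN data source
    ("10.1.7.33", "10.2.0.10", 443),    # corporate client to a DMZ server
    ("10.1.7.33", "10.3.4.20", 3389),   # corporate client straight into the PCN
    ("10.3.4.20", "203.0.113.9", 80),   # PCN station browsing outside
]
EVENTS = [
    ("2025-01-06T02:10:00", "operator1", "OPSTN-03", False),
    ("2025-01-06T02:10:40", "operator1", "OPSTN-03", False),
    ("2025-01-06T02:11:15", "operator2", "OPSTN-03", False),
    ("2025-01-06T02:12:05", "Administrator", "OPSTN-03", False),
    ("2025-01-06T02:13:30", "Administrator", "OPSTN-03", False),
    ("2025-01-06T02:14:10", "Guest", "OPSTN-03", False),
    ("2025-01-06T07:58:00", "jsmith", "DEVSTN-01", False),
    ("2025-01-06T07:58:30", "jsmith", "DEVSTN-01", True),
    ("2025-01-06T13:02:00", "jsmith", "DEVSTN-01", False),
]

if __name__ == "__main__":
    for src_zone, dst_zone, flow in boundary_violations(FLOWS):
        print(f"ALARM boundary {src_zone}->{dst_zone}: {flow}")
    for host, (when, accounts) in logon_bursts(EVENTS).items():
        print(f"ALARM logons from {host} at {when}: {accounts}")
```

The zone table is the part to adapt: it encodes the guidance that the PCN talks only to itself and to the DMZ, so anything else that touches a PCN address raises an alarm.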