cyber security in mining automation
play

Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber - PowerPoint PPT Presentation

Oct 16, 2022 •667 likes •1.07k views

ABB MINING USER CONFERENCE, MAY 02-05, 2017 Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial Automation Division Agenda Why worry about cyber security? ABBs approach to cyber security Cyber security

  1. ABB MINING USER CONFERENCE, MAY 02-05, 2017 Cyber Security in Mining Automation Ragnar Schierholz, Head of Cyber Security, Industrial Automation Division

  2. Agenda Why worry about cyber security? ABB’s approach to cyber security Cyber security roadmap – reaching maturity with ABB Cyber Security Services Slide 2 May 8, 2017

  3. Cyber security in power and automation Why is cyber security an issue? Power and automation today Cyber security issues Modern automation, protection, and control systems are highly specialized IT systems – Leverage commercial off the shelf IT components Increased attack surface as compared to legacy, isolated systems – Use standardized, IP-based communication protocols – Are distributed and highly interconnected Communication with external (non-OT) systems – Use mobile devices and storage media – Based on software (> 50% of the ABB offering is software- Attacks from/over the IT world related) Attacks are real and have an actual safety, health, environmental, and financial impact Slide 3 May 8, 2017

  4. Cyber security in power and automation Why is cyber security an issue? Attacks are real and have an actual safety, health, environmental, and financial impact Slide 4 May 8, 2017

  5. A few common myths Subtitle Myth #1 – We are not interesting enough to be a target Myth #2 – Security doesn’t pay off “Small companies and industries outside of media attention are “Strong security is a waste of time and money” not a relevant target”  False  False – If it’s worth having , it’s worth stealing – Compromised control systems are NOT reliable and trustworthy and can prevent the customer from achieving its – Attackers’ business models are often built on economies of mission. scale – Misoperations due to cyber events can become a safety issue . – Critical infrastructure is often a network of smaller entities – Business continuity insurance can become more expensive or even unavailable . Anyone can become a target, defenses should be risk-driven Slide 5 May 8, 2017

  6. A few common myths Subtitle Myth #3 – We are air- gapped so we’re immune Myth #4 – We’re not on the Internet so we’re immune “Our system is air - gapped so attackers have no way in” “Our system does not have a direct connection to the Internet so attackers have no way in”  False  False – Staff needs to get data into and out of the system – Majority of incidents are staged attacks • Production schedules, engineering updates, … • (Spear)phishing to compromise legitimate user accounts • Production reports, emission reports, … • Compromise of perimeter networks first, e.g. DMZ, enterprise network – Entirely isolated systems are extremely cumbersome and expensive to operate • Lateral movement to reach more interesting targets • If no communication is built-in, convenient workarounds are improvised, e.g. unapproved networks, temporary connections, portable media Anyone can become a target, defenses should be risk-driven Slide 6 May 8, 2017

  7. The Biggest Challenges Addressing a unique set of requirements “Traditional” information technology Power and automation technology Object under protection Information Physical process Risk impact Information disclosure, financial loss Safety, health, environmental, financial Main security objective Confidentiality, Privacy Availability, Integrity Central Servers Distributed System Security focus (fast CPU, lots of memory, …) (possibly limited resources) 95 – 99% 99.9 – 99.999% Availability requirements (accept. downtime/year: 18.25 - 3.65 days) (accept. downtime/year: 8.76 hrs – 5.25 minutes) System lifetime 3 – 10 Years 5 – 25 Years Slide 7 May 8, 2017

  8. Agenda Why worry about cyber security? ABB’s approach to cyber security Cyber security roadmap – reaching maturity with ABB Cyber Security Services Slide 8 May 8, 2017

  9. Cyber Security @ ABB Three guiding principles Reality There is no such thing as 100% or absolute security Process Cyber security is not destination but an evolving target – it is not a product but a process Balance Cyber security is about finding the right balance – it impacts usability and increases cost Cyber security is all about risk management Slide 9 May 8, 2017

  10. ABB Cyber Security A word from ABB’s CEO Ulrich Spiesshofer, CEO ABB ”ABB recognizes the importance of cyber security in control-based systems and solutions for infrastructure and industry, and is working closely withour customers to address the new challenges.” Slide 10 May 8, 2017

  11. ABB Cyber Security Approach Full lifecycle coverage Project Design Product Engineering FAT Design Commissioning Implementation SAT Verification Release Support Plant Operation Maintenance Review Upgrade ABB addresses cyber security throughout the entire lifecycle and expects the same from our suppliers Slide 11 May 8, 2017

  12. Agenda Why worry about cyber security? ABB’s approach to cyber security Cyber security roadmap – reaching maturity with ABB Cyber Security Services Slide 12 May 8, 2017

  13. Three phases in a journey Subtitle Diagnose Implement Sustain Collect information for defined cyber KPIs Implement countermeasures to address ABB Customer Care service agreements the identified risks / gaps with defense- Identify risk and compliance status with – tailored to fit customer needs for in-depth regular maintenance – international standards – ensure desired level of security is – relevant regulations maintained over time by – ABB best practices • maintaining and continuously – customer policy and requirements improving implemented countermeasures • Data • adapting the security management • Collect system and defense-in-depth • Store concept to changed threat landscape • View • Analyze • Interpret • Report Slide 13 May 8, 2017

  14. Security service offering Slide 14 May 8, 2017

  15. How to introduce a security management system? Inspiration Note: IEC 62443-2-1 Ed 2.0 is still a work in progress and only available as draft from ISA here Slide 16 May 8, 2017

  16. Two core concepts Capability Maturity Indicator Levels Cyber Security Capability Domains MIL 0 : Generally, no practices are performed ISO/IEC 62443-2-1 C2M2 (ONG & ES) 1. Risk Management 1. Risk Management MIL 1 : Initial practices are performed but may be ad hoc 2. Information security policies 2. Asset, Change, and Configuration MIL 2 : Practices are established Management 3. Organization of information security 3. Identity and Access Management 4. Human resource security – Documented practices 4. Threat and Vulnerability Management 5. Asset management – Stakeholder involvement 5. Situational Awareness 6. Access control 6. Information Sharing and Communications 7. Cryptography – Appropriate resources 7. Event and Incident Response, Continuity 8. Physical and environmental security of Operations – Relevant standards used 9. Operations security 8. Supply Chain and External Dependencies 10.Communication Security Management MIL 3 : Practices are continuously managed 11. System acquisition, development and 9. Workforce Management maintenance – Policies guide the practices, incl. compliance 10. Cybersecurity Program Management 12. Supplier relationships – Continuous improvement 13. Information security incident management 14.Information security aspects of business – Assigned responsibility and authority continuity management 15. Compliance – Role-specific training Approach progression vs. Institutionalization progression Slide 17 May 8, 2017

  17. Specific guidance from C2M2 Example: Reaching MIL-1 First step: Determine risk and define target maturity level for each domain 2 2 11 6 9 6 6 12 4 3 Moving from MIL 0 to MIL 1 is a fairly big step Slide 18 May 8, 2017

  18. Lean approach Stage 0 – Getting started Objectives ABB Cyber Security Services Raise awareness in management and other relevant levels of the Awareness training organization – Often more effective if done by external entities Identify areas of biggest risk generically Security assessment / fingerprint – Doesn‘t have to be a very detailed audit – Leverage general experience with regards to common causes of incidents – Leverage general experience with regards to simple security countermeasures Slide 19 May 8, 2017

  19. Lean approach Stage 1 – Introduce basic protection Objectives ABB Cyber Security Services Establish a foundation for cyber security in operations Awareness training (continued) Security Patch Management Mitigate the most common risks with countermeasures which Malware Protection Management the organization is capable of operating System Hardening Backup & Recovery Management Demonstrate risk reduction effectiveness by selected examples Network Security Management (at least perimeter) Basic security monitoring (of the above practices) Establish a context-specific, detailed understanding of risk Cyber Security Assessment Cyber Security Risk Assessment Slide 20 May 8, 2017

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

ON THE SEQUENTIAL PATTERN AND RULE MINING IN THE ANALYSIS OF CYBER SECURITY ALERTS Thursday 31 st

ON THE SEQUENTIAL PATTERN AND RULE MINING IN THE ANALYSIS OF CYBER SECURITY ALERTS Thursday 31 st

ON THE SEQUENTIAL PATTERN AND RULE MINING IN THE ANALYSIS OF CYBER SECURITY ALERTS Thursday 31 st August, 2017 Martin Husk Jaroslav Kapar Elias Bou-Harb Pavel eleda Motivation Cyber Security Alerts Timely information about current

826 views • 23 slides
Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework

Cyber Security Risk Using the Cyber Security Measurement Framework Cyber Security Framework Reporting Objectives Executive Summary Information Assess Current Cyber Security Posture Measure Progress Toward Improvement Assess

634 views • 5 slides
NIST Information Technology Laboratory (ITL) The Cyber Maryland Showcase Security Automation

NIST Information Technology Laboratory (ITL) The Cyber Maryland Showcase Security Automation

NIST Information Technology Laboratory (ITL) The Cyber Maryland Showcase Security Automation Guidance Tower of Babel Documents Too much Alerts & Web Sites proprietary, Advisories incompatible information Costly

93 views • 8 slides
Web Security Cyber Security Lab Spring '10 04/15/10 Cyber Security Lab 1 Outline Web

Web Security Cyber Security Lab Spring '10 04/15/10 Cyber Security Lab 1 Outline Web

Web Security Cyber Security Lab Spring '10 04/15/10 Cyber Security Lab 1 Outline Web application weaknesses XSS AJAX weaknesses SQL Injection Attacks (Slides from Lars Olson)

588 views • 41 slides
Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three

Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three

Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three points of failure in any secure network: Technology (hardware and software) Technology Support (ITS) End Users (USD students and employees)

359 views • 23 slides
YOUR SPEAKER 2016 CHIEF SECURITY OFFICER PRAETORIAN CONSULTING INTERNATIONAL (CYBER

YOUR SPEAKER 2016 CHIEF SECURITY OFFICER PRAETORIAN CONSULTING INTERNATIONAL (CYBER

YOUR SPEAKER 2016 CHIEF SECURITY OFFICER PRAETORIAN CONSULTING INTERNATIONAL (CYBER SECURITY AUTOMATION) 2014 HEAD OF INFORMATION SECURITY WORLDLINE (ATOS GROUP) (LEVEL ONE SERVICE PROVIDER) 2014 CISO LEVEL SECURITY, RISK

266 views • 24 slides
CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY

CYBER SECURITY PROTECTING AGAINST CYBER FRAUD IN SCALEUP COMPANIES AND WHAT TO DO SHOULD THEY HAPPEN London June 2019 INTRODUCTION Cyber Security The activity or process, ability or capability, or state whereby information and

735 views • 24 slides
ICSS2015: International Cyber Security Strategy Congress: Cyber Security and Forensic Readiness* *

ICSS2015: International Cyber Security Strategy Congress: Cyber Security and Forensic Readiness* *

ICSS2015: International Cyber Security Strategy Congress: Cyber Security and Forensic Readiness* * Preliminary programme, subject to revision/update status 16 December 2014 4 February 2015 Day 1: Cyber Security Readiness Registration KU

306 views • 4 slides
Homeland Security Perspectives: Cyber Security Partnerships and Measurement Activities Bradford

Homeland Security Perspectives: Cyber Security Partnerships and Measurement Activities Bradford

16 Oct 2012 Homeland Security Perspectives: Cyber Security Partnerships and Measurement Activities Bradford Willke Cyber Security Advisor, MidAtlantic Region National Cyber Security Division (NCSD) Office of Cybersecurity and Communications

443 views • 20 slides
Cyber security Current challenges Ludovic M, septembre 2019 Cyber security ? Three triptychs !

Cyber security Current challenges Ludovic M, septembre 2019 Cyber security ? Three triptychs !

Cyber security Current challenges Ludovic M, septembre 2019 Cyber security ? Three triptychs ! 3 properties ... Confidentiality (including personal data) Integrity Availability 2 -Sminaire LIRIMA: Cyber security: current

876 views • 64 slides
2018 Legislative Ag Chairs Summit Cyber Security Geoff Jenista, CISSP Cyber Security Advisor,

2018 Legislative Ag Chairs Summit Cyber Security Geoff Jenista, CISSP Cyber Security Advisor,

2018 Legislative Ag Chairs Summit Cyber Security Geoff Jenista, CISSP Cyber Security Advisor, Region VII Office of Cybersecurity and Communications (CS&C) National Protection and Programs Directorate (NPPD) FOUO / UNCLASS Cyber Security

333 views • 12 slides
CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September

CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September

Eric Weston Wally Magda, CISSP, PSP, CISA Compliance Auditor, Cyber Compliance Auditor, Cyber Security Security CIP 101 Training CIP-007-3a Cyber Security System Security Management Overview September 24-25, 2013 Salt Lake City, UT No

2.02k views • 198 slides
Graph Based Role Mining Techniques for Cyber Security KIRI OLER, SUTANAY CHOUDHURY Pacific

Graph Based Role Mining Techniques for Cyber Security KIRI OLER, SUTANAY CHOUDHURY Pacific

Graph Based Role Mining Techniques for Cyber Security KIRI OLER, SUTANAY CHOUDHURY Pacific Northwest National Laboratory Flocon 2015, Portland, OR, USA January 15, 2015 1 Motivation Analyzing a machines past behavior in the face of an

625 views • 23 slides
CYBER SECURITY Nick Kervin Partner, IT Advisory August 2017 Page 1 CYBER SECURITY Overview

CYBER SECURITY Nick Kervin Partner, IT Advisory August 2017 Page 1 CYBER SECURITY Overview

CYBER SECURITY Nick Kervin Partner, IT Advisory August 2017 Page 1 CYBER SECURITY Overview 1. What is at risk? 2. Global industry trends 3. BDO/AusCERT survey 4. Recent cyber case studies 5. Cyber risk mitigation strategies Page

481 views • 35 slides
Healthy Approach to Cyber Security : For data-intensive healthcare, cyber security is integral to

Healthy Approach to Cyber Security : For data-intensive healthcare, cyber security is integral to

1 Healthy Approach to Cyber Security : For data-intensive healthcare, cyber security is integral to innovation Sallie Sweeney KPMG The healthcare industrys evolution toward a true value based system, assuming responsibility for complex

797 views • 10 slides
Centre for Cyber Security Thomas Kristmar Centre for Cyber Security Danish Defence Intelligence

Centre for Cyber Security Thomas Kristmar Centre for Cyber Security Danish Defence Intelligence

Centre for Cyber Security Thomas Kristmar Centre for Cyber Security Danish Defence Intelligence Service 05-10-2015 05-10-2015 Who are we? Centre for Cyber Security In respect of the Rule of Law and Privacy Cyber is a priority (Gov.

455 views • 18 slides
Introduction The Shure DIS conferencing system operates on an isolated network of microphone

Introduction The Shure DIS conferencing system operates on an isolated network of microphone

Shure DIS Cabling Best Practices Introduction The Shure DIS conferencing system operates on an isolated network of microphone units, interpretation stations, and additional conference accessories. Referred to as DCS-LAN (DCS 6000 local area

463 views • 9 slides
Automated Test Design and Bug Fixing @ Facebook Nadia Alshahwan FACEBOOK SOFTWARE ENGINEER

Automated Test Design and Bug Fixing @ Facebook Nadia Alshahwan FACEBOOK SOFTWARE ENGINEER

Automated Test Design and Bug Fixing @ Facebook Nadia Alshahwan FACEBOOK SOFTWARE ENGINEER SAPIENZ TEAM; THIS TALK IS BASED ON WORK OF THE WHOLE TEAM Unfortunately, your app has stopped. Engineers Design Machines Execute System Level

461 views • 43 slides
DESIGN AND OPTIMIZATION OF COMPOSITE LAMINATES REPAIRED BY BONDING EXTERNAL PATCHES P. Cheng, X.J.

DESIGN AND OPTIMIZATION OF COMPOSITE LAMINATES REPAIRED BY BONDING EXTERNAL PATCHES P. Cheng, X.J.

18 TH INTERNATIONAL CONFERENCE ON COMPOSITE MATERIALS DESIGN AND OPTIMIZATION OF COMPOSITE LAMINATES REPAIRED BY BONDING EXTERNAL PATCHES P. Cheng, X.J. Gong*, S. Aivazzadeh Laboratory LRMA-DRIVE, ISAT, University of Burgundy, Nevers, France *

320 views • 6 slides
On modeling image patch distribution for image restoration Charles Deledalle Joint work with:

On modeling image patch distribution for image restoration Charles Deledalle Joint work with:

LIRMM, Universit e de Montpellier S eminaire du 18 janvier 2018 On modeling image patch distribution for image restoration Charles Deledalle Joint work with: Shibin Parameswaran (UCSD/SPAWAR) Lo c Denis (T el ecom Saint

1.27k views • 93 slides
THE SOUTH DAKOTA 24/7 SOBRIETY PROJECT AN OVERVIEW NEW MEXICO PRESENTATION STATE OF THE SOUTH

THE SOUTH DAKOTA 24/7 SOBRIETY PROJECT AN OVERVIEW NEW MEXICO PRESENTATION STATE OF THE SOUTH

THE SOUTH DAKOTA 24/7 SOBRIETY PROJECT AN OVERVIEW NEW MEXICO PRESENTATION STATE OF THE SOUTH DAKOTA CRIMINAL JUSTICE SYSTEM IN 2004 FOR DECADES ALCOHOL AND DRUGS HAVE BEEN FUELING THE CRIMINAL JUSTICE SYSTEMS ESCALATING JAIL AND

229 views • 19 slides
Testing for the Unexpected: An Automated T ti f th U t d A A t t d Method of Injecting

Testing for the Unexpected: An Automated T ti f th U t d A A t t d Method of Injecting

Testing for the Unexpected: An Automated T ti f th U t d A A t t d Method of Injecting Faults for Engine Management Development M t D l t Scott James Applied Dynamics International Sh Shaun Fuller Pickering Interfaces F ll

353 views • 18 slides
SR28 A55 Pavement Design Let 11/2/2017 Thomas S. Adams, PE District 11 Pavement Engineer

SR28 A55 Pavement Design Let 11/2/2017 Thomas S. Adams, PE District 11 Pavement Engineer

SR28 A55 Pavement Design Let 11/2/2017 Thomas S. Adams, PE District 11 Pavement Engineer SR28 A55 Pavement Design Solution 13.7 Miles of 1984 Reinforced Concrete Pavement 2009 CPR 2004 CPR SR28 A55 Pavement Design Solution

1.09k views • 35 slides
Development of a Remote External Repair Tool for Damaged or Defective PE Pipe National Energy

Development of a Remote External Repair Tool for Damaged or Defective PE Pipe National Energy

Development of a Remote External Repair Tool for Damaged or Defective PE Pipe National Energy Technology Laboratory U. S. Department of Energy Project Kickoff Presentation December 16, 2003 Ken H. Green Principal Investigator Executive

270 views • 22 slides

More recommend