industrial control system ics security an overview of
play

Industrial Control System (ICS) Security: An Overview of Emerging - PowerPoint PPT Presentation

Nov 18, 2023 •345 likes •764 views

Industrial Control System (ICS) Security: An Overview of Emerging Standards, Guidelines, and Implementation Activities . Joe Weiss, PE, CISM Executive Consultant KEMA, Inc. (408) 253-7934 joe.weiss@kema.com Stuart Katzke, Ph.D. Senior

  1. Industrial Control System (ICS) Security: An Overview of Emerging Standards, Guidelines, and Implementation Activities . Joe Weiss, PE, CISM Executive Consultant KEMA, Inc. (408) 253-7934 joe.weiss@kema.com Stuart Katzke, Ph.D. Senior Research Scientist National Institute of Standards and Technology (301) 975-4768 skatzke@nist.gov National Institute of Standards and Technology 1

  2. Session Presentations • Private sector industrial control system security standards, guidelines, and countermeasure implementation activities; Joe Weiss • Applying NIST SP 800-53, Revision 1 to industrial control systems; Stu Katzke National Institute of Standards and Technology 2

  3. Private sector industrial control system security standards, guidelines, and countermeasure implementation activities Joe Weiss, PE, CISM Executive Consultant KEMA, Inc. (408) 253-7934 joe.weiss@kema.com National Institute of Standards and Technology 3

  4. Industrial Control Systems - ICS • What are ICS – SCADA, DCS, PLCs, Intelligent Field devices • Used in all process control and manufacturing processes including electric, water, oil/gas, chemicals, auto manufacturing, etc National Institute of Standards and Technology 4

  5. SCADA CONTROL •Generator Set Points •Transmission Lines •Substation Equipment DATA Control Center •Critical Operational Data Provides network status, •Performance Metering SCADA is used extensively in the enables remote control, •Events and Alarms electricity sector. Other SCADA optimizes system Communication applications include gas and oil performance, facilitates Methods pipelines, water utilities, transportation emergency operations, •Directly wired networks, and applications requiring dispatching repair crews and •Power line carrier remote monitoring and control. Similar coordination with other •Microwave to real-time process controls found in utilities. •Radio (spread spectrum) buildings and factory automation. •Fiber optic National Institute of Standards and Technology 5

  6. What Makes ICS Different than IT • Deterministic systems with VERY high reliability constraints – Follow AIC rather than CIA • Generally utilize a combination of COTS (Windows, etc) and proprietary RTOS • Often are resource and bandwidth constrained – Block encryption generally does not work National Institute of Standards and Technology 6

  7. Why Are There So Few Experts IT Control Cyber Systems Security Control System Cyber Security National Institute of Standards and Technology 7

  8. ICS Security Myths • Firewalls make you secure • VPNs make you secure • Encryption makes you secure • IDSs can identify possible control system attacks • Messaging can be one-way • Field devices can’t be hacked • You can keep hackers out • You are secure if hackers can’t get in • More and better widgets can solve security problems • … National Institute of Standards and Technology 8

  9. Common ICS Vulnerabilities • Ports and services open to outside • Operating systems not “patched” with current releases • Dial-up modems • Improperly configured equipment (firewall does not guarantee protection) • Improperly installed/configured software (e.g., default passwords) • Inadequate physical protection • Vulnerabilities related to “systems of systems” (component integration) National Institute of Standards and Technology 9

  10. Need for Private Sector ICS Standards • IT security standards are not fully adequate – Need unique standards for field devices with proprietary RTOS – Need to be coordinated with IT • Private industry ICS security requirements are different than for IT and DOD – Performance more important than security • Lack of metrics and design requirements for industrial ICS National Institute of Standards and Technology 10

  11. Example Differences Between IT and ICS • Passwords • Passwords – Unique, complex, – Role-based, alpha, changed frequently unchanged • Patching • Patching – Timely with automated – May not be timely, no tools automation • Administrator • Administrator – Central administrator – Control system engineer National Institute of Standards and Technology 11

  12. ICS Impacts • More than 80 known cases (intentional and unintentional) • All industries – Electric (T&D, fossil, hydro, and nuclear) – Oil/gas – Water – Chemicals – Manufacturing – Railroads • Damage ranging from trivial to equipment damage and death National Institute of Standards and Technology 12

  13. Bench-Scale Vulnerability Demonstrations SCADA Protocol (DNP 3.0) Operator Interface Field Device Scenarios •Remote Terminal Unit (RTU) •Denial of service •Intelligent Electronic Device (IED) Protocol Analyzer •Operator spoofing •Programmable Logic Controller (PLC) (Intruder) •Direct manipulation of field devices Vulnerability implications vary significantly •Combinations of above depending on the scenario and application National Institute of Standards and Technology 13

  14. Very Few Publicly Identified Cases of Control System Cyber Events (Two attached are not public) • Event : Unintentional substation communication failure caused by intentional • More than 80 cases Welchia worm traffic from unpatched system • Impact : Shutdown of 30-40% of all across multiple industries communication traffic from the distribution • Impacts range from trivial SCADA to the Control Center to equipment damage to • Lessons learned: Use up-to-date patches and software & implement effective cyber death security program/ protocols • Anecdotal evidence suggests other cases go unreported, for fear of vulnerability exposure, • Event : Unsecured GIS mapping system (no business liability firewall) enabled Internet-based targeted attack, resulting in loss of SCADA system • Impact : SCADA servers and mapping system unavailable for two weeks • Lessons learned : Isolate SCADA system from corporate LAN, install firewall between the DSL router and corporate LAN, install firewalls between frame relay and neighbors to isolate all non business-related ports National Institute of Standards and Technology 14

  15. Private Sector ICS Standards Activities • Standards efforts ongoing internationally and by industry • More than 40 standards and industry organizations world-wide – Need effective coordination – NIST 800-53 can help provide a common basis National Institute of Standards and Technology 15

  16. Typical ICS Standards • By Industry – NERC (electric) , NRC (nuclear), IEC TC57 (electric), AGA (gas), AWWA (water), etc. • Generic – ISA SP99, IEC TC65, ISO-17799 National Institute of Standards and Technology 16

  17. ISA SP99 • Developing an Standard for Industrial Control System Security – Part 1 – Terminology, Concepts and Models – Part 2 – Establishing an Industrial Automation and Control Systems Program Part 3 – Operating an Industrial Automation and Control Systems Program – Part 4 – Security Requirements for Industrial Automation and Control Systems http://www.isa.org/MSTemplate.cfm?MicrosoftID=988& CommitteeID=6821 National Institute of Standards and Technology 17

  18. Why the Need to Extend NIST SP 800-53 • NIST SP 800-53 was developed for the traditional IT environment • It assumes ICSs are information systems • When organizations attempted to utilize SP 800-53 to protect ICSs, it led to difficulties in implementing SP 800-53 countermeasures because of ICS-unique needs National Institute of Standards and Technology 18

  19. Applying NIST Special Publication (SP) 800-53 to Industrial Control Systems Stuart Katzke, Ph.D. Senior Research Scientist National Institute of Standards and Technology (301) 975-4768 skatzke@nist.gov National Institute of Standards and Technology 19

  20. FISMA Legislation Overview “Each federal agency shall develop, document, and implement an agency-wide information security program to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source…” -- Federal Information Security Management Act of 2002 National Institute of Standards and Technology 20

  21. NIST Publications • Federal Information Processing Standards (FIPS) • Special Publication (SP) 800 Series documents National Institute of Standards and Technology 21

  22. Federal Information Processing Standards (FIPS) • Approved by the Secretary of Commerce • Compulsory and binding standards for federal agencies non-national security information systems • Voluntary adoption by federal national security community and private sector • Since FISMA requires that federal agencies comply with these standards, agencies may not waive their use for non-national security information systems National Institute of Standards and Technology 22

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Industrial Control System Security Overview Peter Maynard, PhD Researcher # ?? @CSIT_QUB What

Industrial Control System Security Overview Peter Maynard, PhD Researcher # ?? @CSIT_QUB What

Industrial Control System Security Overview Peter Maynard, PhD Researcher # ?? @CSIT_QUB What is ICS and SCADA Industrial Control Systems (ICS): Chemical, water, gas processing. Transportation, electricity, nuclear systems.

331 views • 7 slides
Industrial Control System (ICS) Security: An Overview of Emerging Standards, Guidelines, and

Industrial Control System (ICS) Security: An Overview of Emerging Standards, Guidelines, and

Industrial Control System (ICS) Security: An Overview of Emerging Standards, Guidelines, and Implementation Activities . Joe Weiss, PE, CISM Executive Consultant Applied Control Solutions, LLC (408) 253-7934 joe.weiss@realtimeacs.com Stuart

947 views • 49 slides
NISTs Industrial Control System (ICS) Security Project Presented at the: Secure Manufacturing

NISTs Industrial Control System (ICS) Security Project Presented at the: Secure Manufacturing

NISTs Industrial Control System (ICS) Security Project Presented at the: Secure Manufacturing in the Age of Globalization Workshop November 28, 2007 Stuart Katzke and Keith Stouffer National Institute of Standards and Technology

767 views • 40 slides
Security Controls for Industrial Control Systems EEI/AGA Security Committee Fall Meetings

Security Controls for Industrial Control Systems EEI/AGA Security Committee Fall Meetings

Security Controls for Industrial Control Systems EEI/AGA Security Committee Fall Meetings September 13, 2006 Boston, MA Stuart Katzke and Keith Stouffer, National Institute of Standards & Technology, Gaithersburg, MD Marshall Abrams, The

460 views • 23 slides
Mode Estimation using Synchrophasors Arezoo Rajabi and Rakesh B. Bobba 2 nd Industrial Control

Mode Estimation using Synchrophasors Arezoo Rajabi and Rakesh B. Bobba 2 nd Industrial Control

A Resilient Algorithm for Power System Mode Estimation using Synchrophasors Arezoo Rajabi and Rakesh B. Bobba 2 nd Industrial Control System Security (ICSS) Workshop, December 6 th 2016 Outline Introduction Background and Problem

425 views • 30 slides
Security Challenges and Requirements for Industrial Control Systems in the Semiconductor

Security Challenges and Requirements for Industrial Control Systems in the Semiconductor

Security Challenges and Requirements for Industrial Control Systems in the Semiconductor Manufacturing Sector Malek Ben Salem Accenture Technology Labs NIST Workshop on Cyber-Security for Cyber-physical Devices April 23 rd , 2012 Outline

837 views • 37 slides
Industrial Robots Industrial Robots Control Control Part 2 Control Control Part 2 Part 2

Industrial Robots Industrial Robots Control Control Part 2 Control Control Part 2 Part 2

Industrial Robots Industrial Robots Control Control Part 2 Control Control Part 2 Part 2 Part 2 Introduction to centralized control Independent joint decentralized control may prove inadequate when the user requires high task

673 views • 36 slides
yxwvutsrponmlkihgfedcbaUTSONCA Control systems are computer based facilities, systems, and

yxwvutsrponmlkihgfedcbaUTSONCA Control systems are computer based facilities, systems, and

7/11/2011 Why this presentation? This is an emerging and important area of information assurance that of cyber physical systems. CPS instantiated in the industrial world can be view as control system security or sometimes called

130 views • 10 slides
Cyber Security Research on Industrial Control Systems SM Yiu Department of Computer Science The

Cyber Security Research on Industrial Control Systems SM Yiu Department of Computer Science The

Cyber Security Research on Industrial Control Systems SM Yiu Department of Computer Science The University of Hong Kong Cyber-security for industry 4.0 conference 23 June, 2017 1 Will the followings only be seen in movies? Movies: Cyber

510 views • 28 slides
Xpanda security gates Security solutions Retail security gate solutions Industrial

Xpanda security gates Security solutions Retail security gate solutions Industrial

STOREFRONT PROTECTION Xpanda security gates Security solutions Retail security gate solutions Industrial security gate solutions Institutional security gate solutions Access control security gate solutions Office building

406 views • 13 slides
Network Anomaly Detection in Modbus TCP Industrial Control Systems RP1 #52: Industrial Control

Network Anomaly Detection in Modbus TCP Industrial Control Systems RP1 #52: Industrial Control

Network Anomaly Detection in Modbus TCP Industrial Control Systems RP1 #52: Industrial Control Systems Research Philipp Mieden & Rutger Beltman, 2020 Supervisor: Bartosz Czaszynski, Deloitte Industrial Network VS Corporate Network 2

379 views • 35 slides
NIST Recommendations for ICS & IIoT Security Securing Manufacturing Industrial Control

NIST Recommendations for ICS & IIoT Security Securing Manufacturing Industrial Control

NIST Recommendations for ICS & IIoT Security Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection Mike Powell, Project Cybersecurity Engineer, NIST /NCCoE Jim McCarthy, Energy Sector Federal Lead NIST / NCCoE

616 views • 15 slides
Take Control Automated Control Industrial Engineering Industrial I.T. C/ Halcn n 20, 6H

Take Control Automated Control Industrial Engineering Industrial I.T. C/ Halcn n 20, 6H

Programming and Automation Ltd. www.proconingenieros.com Take Control Automated Control Industrial Engineering Industrial I.T. C/ Halcn n 20, 6H Granada. info@proconingenieros.com Automation and control Industrial I.T. - Industrial

304 views • 19 slides
Industrial Control Systems The Other Network And Cyber Security Dated: March 7, 2019

Industrial Control Systems The Other Network And Cyber Security Dated: March 7, 2019

3/8/2019 Industrial Control Systems The Other Network And Cyber Security Dated: March 7, 2019 Davenport GICSP 1848 What are ICS Networks? 1 3/8/2019 What are ICS Networks? ICS, or Industrial Controls Systems, is a generic

360 views • 20 slides
DEVELOPING INDUSTRIAL ROBOT USING POLYMERIC MATERIALS & ADAPTIVE SYSTEM CONTROL GENERAL

DEVELOPING INDUSTRIAL ROBOT USING POLYMERIC MATERIALS & ADAPTIVE SYSTEM CONTROL GENERAL

DEVELOPING INDUSTRIAL ROBOT USING POLYMERIC MATERIALS & ADAPTIVE SYSTEM CONTROL GENERAL INFORMATION: Studying and developing of an industrial robot-manipulator using polymeric materials and adaptive system control. Cybernation and

194 views • 15 slides
Towards a Secure and Resilient Industrial Control System Using Software-Defined Networking Dong

Towards a Secure and Resilient Industrial Control System Using Software-Defined Networking Dong

Towards a Secure and Resilient Industrial Control System Using Software-Defined Networking Dong (Kevin) Jin 1 Who am I? CS faculty, Ph.D., University of Illinois at Urbana- Champaign (UIUC), http://cs.iit.edu/~djin/ Research:

851 views • 52 slides
Ward 5 ResiStat Mayor Joe Curtatone Alderman Mark Niedergang Where Can I Learn More?

Ward 5 ResiStat Mayor Joe Curtatone Alderman Mark Niedergang Where Can I Learn More?

Ward 5 ResiStat Mayor Joe Curtatone Alderman Mark Niedergang Where Can I Learn More? somervillema.gov somervillema.gov/newsletter somervillema.gov/events Cedar Street Sign up for alerts at somervillema.gov/cedarstreet Work coming

798 views • 55 slides
Cybersecurity What you need to know Agenda Introduction Kevin Bobroske What is

Cybersecurity What you need to know Agenda Introduction Kevin Bobroske What is

Cybersecurity What you need to know Agenda Introduction Kevin Bobroske What is cybersecurity? Why should I care? What can I do about it? High level cyber framework overview Summary + QA Fun stuff BIO Kevin

546 views • 32 slides
Can the engagement of the smart ci0zen and the division of our ci0es into quan0fied communi0es

Can the engagement of the smart ci0zen and the division of our ci0es into quan0fied communi0es

Can the engagement of the smart ci0zen and the division of our ci0es into quan0fied communi0es creates a more effec0ve smart city? Smart Ci0es: General Efficiency, security, economic improvement, management of natural resources, and an

336 views • 8 slides
Cyber Threat Brief March 2020 Ilene Klein, CISSP, CISM, CIPP/US Arizona Cybersecurity Program

Cyber Threat Brief March 2020 Ilene Klein, CISSP, CISM, CIPP/US Arizona Cybersecurity Program

Cyber Threat Brief March 2020 Ilene Klein, CISSP, CISM, CIPP/US Arizona Cybersecurity Program Coordinator UNCLASSIFIED / TLP:WHITE Why Cybersecurity Matters in the Time of Pandemic A heightened dependency on digital infrastructure raises

760 views • 61 slides
Client Alert United Technologies Fined $75 Million for Export Control Violations Contact Attorney

Client Alert United Technologies Fined $75 Million for Export Control Violations Contact Attorney

Client Alert United Technologies Fined $75 Million for Export Control Violations Contact Attorney Regarding This Matter: On June 28, United Technologies, Inc. (UTC) and two of its affjliates pled guilty Michael E. Burke to illegal sales of

297 views • 3 slides
Monthly Meeting April 22, 2020 Central Maryland Chapter Sponsors: Clearswift, LogRhythm, Tenable

Monthly Meeting April 22, 2020 Central Maryland Chapter Sponsors: Clearswift, LogRhythm, Tenable

Monthly Meeting April 22, 2020 Central Maryland Chapter Sponsors: Clearswift, LogRhythm, Tenable Network Security, Parsons, UMBC Training Centers Please respect the speakers and other members, Silence or turn off cell phones and electronic

275 views • 13 slides
The next telecom frontier: a net neutrality primer Robert Lipstein and Jeffrey Blumenfeld

The next telecom frontier: a net neutrality primer Robert Lipstein and Jeffrey Blumenfeld

US : TELECOMMUNICATIONS The next telecom frontier: a net neutrality primer Robert Lipstein and Jeffrey Blumenfeld Crowell & Moring LLP 1 There is no consensus on precisely what Network Neutrality Putting the intelligence in

168 views • 5 slides
and improve climate prediction F. COUNILLON , N. KEENLYSIDE, M. DEVILLIERS, S. KOSEKI, M.-L. SHEN ,

and improve climate prediction F. COUNILLON , N. KEENLYSIDE, M. DEVILLIERS, S. KOSEKI, M.-L. SHEN ,

Approaches to reduce model bias and improve climate prediction F. COUNILLON , N. KEENLYSIDE, M. DEVILLIERS, S. KOSEKI, M.-L. SHEN , G. DUANE, I. BETHKE, T. TONIAZZO EnKF Workshop 3/06/2019 Norwegian Climate Prediction Model (NorCPM) Norwegian

476 views • 23 slides

More recommend