nist recommendations for ics amp iiot security securing
play

NIST Recommendations for ICS & IIoT Security Securing - PowerPoint PPT Presentation

Nov 14, 2022 •450 likes •616 views

NIST Recommendations for ICS & IIoT Security Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection Mike Powell, Project Cybersecurity Engineer, NIST /NCCoE Jim McCarthy, Energy Sector Federal Lead NIST / NCCoE

  1. NIST Recommendations for ICS & IIoT Security Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection Mike Powell, Project Cybersecurity Engineer, NIST /NCCoE Jim McCarthy, Energy Sector Federal Lead NIST / NCCoE Timothy Zimmerman, Computer Engineer, NIST EL

  2. Agenda • NIST / NCCoE Overview • Cyber Risks to Manufacturing Organizations • Why Stronger ICS Cybersecurity is Needed • Benefits of Behavioral Anomaly Detection (BAD) • NIST Testbeds: Process Control & Robotics • NIST Cybersecurity Framework (CSF) Mapping National Cybersecurity Center of Excellence nccoe.nist.gov 2

  3. Foundations & Mission Collaborative Hub The NCCoE assembles experts from businesses, academia, and other government agencies to work on critical national problems in cybersecurity. This collaboration is essential to exploring the widest range of concepts. As a part of the NIST cybersecurity portfolio, the NCCoE has access to a wealth of prodigious expertise, resources, relationships, and experience. Mission Accelerate adoption of secure technologies: collaborate with innovators to provide real-world, standards-based cybersecurity capabilities that address business needs National Cybersecurity Center of Excellence nccoe.nist.gov 3

  4. Engagement & Business Model DEFINE ASSEMBLE BUILD ADVOCATE OUTCOME: OUTCOME: OUTCOME: OUTCOME: Define a scope of Assemble teams of Build a practical, Advocate adoption work with industry to industry orgs, govt usable, repeatable of the example solve a pressing agencies, and academic implementation implementation cybersecurity institutions to address all to address the using the practice challenge aspects of the cybersecurity guide cybersecurity challenge challenge National Cybersecurity Center of Excellence nccoe.nist.gov 4

  5. Manufacturing Sector Projects • NISTIR 8219 Behavioral Anomaly Detection • Protecting Information System Integrity in Manufacturing Environments Project Description Join our Community of Interest Email us at manufacturing_nccoe@nist.gov National Cybersecurity Center of Excellence nccoe.nist.gov 5

  6. NISTIR 8219 Behavioral Anomaly Detection Securing Manufacturing Industrial Control Systems – Behavioral Anomaly Detection Overview • A cyber attack directed at manufacturing DEFINE ASSEMBLE BUILD ADVOCATE DEFINE ASSEMBLE BUILD ADVOCATE infrastructure could result in detrimental consequences to both human life and property Project Status • The goal is to provide a cybersecurity example solution that businesses can implement or use Final NISTIR 8219 expected release date March 2019 to strengthen cybersecurity in their manufacturing processes Collaborate with Us • The NISTIR demonstrated how manufacturing companies can implement behavioral anomaly • Download draft NISTIR 8219: detection tools without negatively impacting the https://www.nccoe.nist.gov/sites/default/files/library/mf- performance of their operational environments ics-nistir-8219.pdf • Email manufacturing_nccoe@nist.gov to join the Community of Interest for this project National Cybersecurity Center of Excellence nccoe.nist.gov 6

  7. Manufacturing Behavioral Anomaly Detection Use Case NISTIR 8219: Securing Manufacturing Industrial Control Systems – Behavioral Anomaly Detection • The NCCoE deployed commercially-available behavioral anomaly detection systems in two distinct but related manufacturing demo environments : • Collaborative robotics system • Simulated chemical process system • Security characteristics were mapped to the NIST Cybersecurity Framework (CSF) National Cybersecurity Center of Excellence nccoe.nist.gov 7

  8. NISTIR 8219 Securing Manufacturing Industrial Control Systems: Behavioral Anomaly Detection • Project goal: • demonstrate behavioral anomaly detection techniques that businesses can implement and use to strengthen the cybersecurity of their manufacturing processes. • Three detection methods: • network-based • agent-based • operational historian/sensor-based National Cybersecurity Center of Excellence nccoe.nist.gov 8

  9. Cyber risks to manufacturing organizations • Cybersecurity attacks directed at manufacturing infrastructure can be detrimental to both human life and property. • BAD mechanisms support a multifaceted approach to detecting cybersecurity attacks against ICS devices on which manufacturing processes depend, in order to permit the mitigation of those attacks. • Introducing anomalous data into a manufacturing process can disrupt operations, whether deliberately or inadvertently. • More sophisticated hacking tools and techniques are readily available for downloading from the internet. • Growing cyber-dependency makes critical infrastructure attacks harder to stop. National Cybersecurity Center of Excellence nccoe.nist.gov 9

  10. Benefits of Behavioral Anomaly Detection (BAD) This NISTIR is intended to help organizations accomplish their goals by using anomaly detection tools for the following purposes: • detect cyber incidents in time to permit effective response and recovery • expand visibility and monitoring capabilities within manufacturing control systems, networks, and devices • reduce opportunities for disruptive cyber incidents by providing real-time monitoring and anomaly-detection alerts • support the oversight of resources (e.g., IT, personnel, data) • enable faster incident-response times, fewer incidents, and shorter downtimes National Cybersecurity Center of Excellence nccoe.nist.gov 10

  11. Process Control System National Cybersecurity Center of Excellence nccoe.nist.gov 11

  12. Collaborative Robotics System • Discrete process • Four machining stations • Two machine-tending robots • Supervisory PLC • Modbus TCP National Cybersecurity Center of Excellence nccoe.nist.gov 12

  13. Mapping the security characteristics of BAD to the NIST CSF National Cybersecurity Center of Excellence nccoe.nist.gov 13

  14. Protecting Information System Integrity in Manufacturing Environments Cybersecurity for the Manufacturing Sector Overview • Threats to organizational environments such as DEFINE ASSEMBLE BUILD ADVOCATE destructive malware, malicious insider activity, advanced persistent threats, and even honest mistakes create the imperative for organizations Project Status to be able to protect their assets from data integrity attacks Project Description expected release date for public comments March 2019 • This project explores methods one could deploy to help prevent/mitigate the threats identified Collaborate with Us above as it pertains to deploying cybersecurity capabilities in an ICS manufacturing • Email manufacturing_nccoe@nist.gov to join the environment Community of Interest for this project National Cybersecurity Center of Excellence nccoe.nist.gov 14

  15. Questions? Michael Powell, Security Engineer Michael.Powell@nist.gov 301-975-0310 Jim McCarthy, Senior Security Engineer James.McCarthy@nist.gov 301-975-0228 Timothy Zimmerman, Computer Engineer Timothy.zimmerman@nist.gov 301-975-2435 http://nccoe.nist.gov 301-975-0200 nccoe@nist.gov National Cybersecurity Center of Excellence nccoe.nist.gov 15

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Continuous Asset Discovery, Risk Management & Threat Monitoring for IIoT & ICS Networks

Continuous Asset Discovery, Risk Management & Threat Monitoring for IIoT & ICS Networks

Continuous Asset Discovery, Risk Management & Threat Monitoring for IIoT & ICS Networks SANS Webinar on NIST Recommendations for IIoT & ICS Security With Behavioral Anomaly Detection (BAD) February 28, 2019 Phil Neray, VP of

714 views • 42 slides
True Cost and Real Benefits of @bsidesvienna 07e1 IIoT Security Verein zur Frderung der

True Cost and Real Benefits of @bsidesvienna 07e1 IIoT Security Verein zur Frderung der

Herbert Dirnberger True Cost and Real Benefits of @bsidesvienna 07e1 IIoT Security Verein zur Frderung der Sicherheit in sterreichs strategischer Infrastruktur Agenda Digital Darwinism Risks Scenario based IIoT Security Use Case

691 views • 27 slides
Securing 5G Infrastructure NIST NCCoE 5G Cybersecurity Workshop Oct 10 th , 2019 Kapil Sood

Securing 5G Infrastructure NIST NCCoE 5G Cybersecurity Workshop Oct 10 th , 2019 Kapil Sood

DARPA ONLY Securing 5G Infrastructure NIST NCCoE 5G Cybersecurity Workshop Oct 10 th , 2019 Kapil Sood Security Architect, Intel Corp. Kapil.Sood@intel.com 1 Transparent 5G delivers on the promise of cloud Open standards and x86 based

287 views • 5 slides
IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT

IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT

IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT is a system of systems, with A great deal of heterogeneity (sensing, computation, communication, energy) New types of devices appearing all

1.35k views • 65 slides
Serverless security: attack & defense www.securing.pl #whoami Senior Security Consultant in

Serverless security: attack & defense www.securing.pl #whoami Senior Security Consultant in

www.securing.pl Pawel Rzepa Serverless security: attack & defense www.securing.pl #whoami Senior Security Consultant in - Pentesting - Cloud security assessment Blog: https://medium.com/@rzepsky @Rzepsky

1.1k views • 63 slides
Designing, Building and Managing a Cyber Security Program Based on the NIST Cybersecurity

Designing, Building and Managing a Cyber Security Program Based on the NIST Cybersecurity

Designing, Building and Managing a Cyber Security Program Based on the NIST Cybersecurity Framework (NIST CSF) A Business Case Agenda and Objectives The Digital Innovation Economy The Cyber Security Problem The Cyber Security Solution

260 views • 22 slides
Federal Computer Security Managers Forum Meeting September 10, 2018 NIST Gaithersburg NIST

Federal Computer Security Managers Forum Meeting September 10, 2018 NIST Gaithersburg NIST

Federal Computer Security Managers Forum Meeting September 10, 2018 NIST Gaithersburg NIST Heritage Room NIST Building 101 Ground Floor Map FCSM Quarterly Meeting Overview| 2 NIST Building 101 Ground Floor Map Stairs to Outside and

664 views • 11 slides
Demystifying The Edge for the IIoT Deployment: Supporting the new Industrial Landscape

Demystifying The Edge for the IIoT Deployment: Supporting the new Industrial Landscape

Demystifying The Edge for the IIoT Deployment: Supporting the new Industrial Landscape Department/Name/Date 1 Demystifying The Edge for IIoT I. Review the applications and services driving IIoT Edge deployments II. Discuss proper planning

689 views • 41 slides
The Next Growth Engine in AI & 5G Linda Tsai, IIoT President, Advantech Dec 6th, 2019 AI

The Next Growth Engine in AI & 5G Linda Tsai, IIoT President, Advantech Dec 6th, 2019 AI

The Next Growth Engine in AI & 5G Linda Tsai, IIoT President, Advantech Dec 6th, 2019 AI and 5G is the Cornerstone rstone of IIoT IIoT AI 5G 5G Use Cases Autonomous Industry Smart Transport & Smart Home Augmented/VR Vehicles

331 views • 12 slides
Securing PHP Applications By: Ilia Alshanetsky What is Security? Security is a measurement, not

Securing PHP Applications By: Ilia Alshanetsky What is Security? Security is a measurement, not

Securing PHP Applications By: Ilia Alshanetsky What is Security? Security is a measurement, not a characteristic. It s is also an growing problem that requires an continually evolving solution. A good measure of secure application is it

782 views • 74 slides
FEDERAL COMPUTER SECURITY MANAGERS FORUM MEETING FEBRUARY 6, 2020 NIST WEST SQUARE NIST

FEDERAL COMPUTER SECURITY MANAGERS FORUM MEETING FEBRUARY 6, 2020 NIST WEST SQUARE NIST

FEDERAL COMPUTER SECURITY MANAGERS FORUM MEETING FEBRUARY 6, 2020 NIST WEST SQUARE NIST GAITHERSBURG NIST Building 101 Ground Floor Map FCSM Quarterly Meeting Overview| 2 FCSM Quarterly Meeting Overview| 2 NIST-Guest Wireless Network

612 views • 14 slides
Quick Intro to Computer Security What is computer security? Securing communication

Quick Intro to Computer Security What is computer security? Securing communication

Carnegie Mellon Quick Intro to Computer Security What is computer security? Securing communication Cryptographic tools Access control User authentication Computer security and usability Thanks to Mike Reiter for the

412 views • 38 slides
NIST Role-based Training Guideline: SP 800-16, Rev. 1 Mark Wilson, CISSP Computer Security

NIST Role-based Training Guideline: SP 800-16, Rev. 1 Mark Wilson, CISSP Computer Security

NIST Role-based Training Guideline: SP 800-16, Rev. 1 Mark Wilson, CISSP Computer Security Division National Institute of Standards and Technology - March 23, 2010 - mark.wilson@nist.gov (301) 975-3870 (voice) http://csrc.nist.gov/

92 views • 8 slides
Web Security Thierry Sans Securing the web architecture means securing ... The network

Web Security Thierry Sans Securing the web architecture means securing ... The network

Web Security Thierry Sans Securing the web architecture means securing ... The network The operating system The web server ( Apache for instance) The administration server ( SSH for instance) The database ( Oracle for instance)

1.37k views • 61 slides
Combinatorial Testing Rick Kuhn NIST Computer Security Division NIST Combinatorial Testing

Combinatorial Testing Rick Kuhn NIST Computer Security Division NIST Combinatorial Testing

Combinatorial Testing Rick Kuhn NIST Computer Security Division NIST Combinatorial Testing Applying empirical results to reduce the cost of testing. Example: 2.5 year study ~ 20% lower test development cost and 20% - 50% better

479 views • 13 slides
Securing Internet Communication: TLS, contd Network security CS 161: Computer Security Prof.

Securing Internet Communication: TLS, contd Network security CS 161: Computer Security Prof.

Securing Internet Communication: TLS, contd Network security CS 161: Computer Security Prof. Raluca Ada Popa Feb 27, 2018 Some slides credit David Wagner Announcements Midterm grades released Regrades: Read the follow-ups on the

1.75k views • 156 slides
R 20 YEARS OF HISTORY www.qualitjvidade.pt Qualitjvidade Consultjng Group comprises two

R 20 YEARS OF HISTORY www.qualitjvidade.pt Qualitjvidade Consultjng Group comprises two

R 20 YEARS OF HISTORY www.qualitjvidade.pt Qualitjvidade Consultjng Group comprises two companies: TECNIN Training SA, and QUALITIVIDADE Consultoria, Lda. It has a team consistjng of around 40 in-house collaborators and over 500

468 views • 12 slides
Nassau County BOCES BUILDING AN INFORMATION SECURITY PROGRAM WITH CIS 20 AND NIST CSF MARCH 13,

Nassau County BOCES BUILDING AN INFORMATION SECURITY PROGRAM WITH CIS 20 AND NIST CSF MARCH 13,

Nassau County BOCES BUILDING AN INFORMATION SECURITY PROGRAM WITH CIS 20 AND NIST CSF MARCH 13, 2020 Adaptive Security AGENDA Introductions Presidio Cyber Security Practice Overview Why are we here? Common District Cyber

814 views • 56 slides
2020 Finance Breakout Partner Agency Orientation December 13, 2019 1 2018 2019 Core Agency

2020 Finance Breakout Partner Agency Orientation December 13, 2019 1 2018 2019 Core Agency

2020 Finance Breakout Partner Agency Orientation December 13, 2019 1 2018 2019 Core Agency Billing Wrap Up 2020 Invoice Template Changes Policy Changes Impacting Invoice Process Invoice Template Data Field Reminders

461 views • 22 slides
Working Group 1 Meeting Brussels, 14-15 May 2019 Membership update EaP CSF Statute updated as

Working Group 1 Meeting Brussels, 14-15 May 2019 Membership update EaP CSF Statute updated as

Working Group 1 Meeting Brussels, 14-15 May 2019 Membership update EaP CSF Statute updated as a result of the adopted internal reform not finalized, to be voted at AA 2019 - defines membership permanent members, delegates, friends of

438 views • 19 slides
Pesticide Program Dialogue Pesticide Program Dialogue Committee (PPDC) Committee (PPDC) PRIA

Pesticide Program Dialogue Pesticide Program Dialogue Committee (PPDC) Committee (PPDC) PRIA

Pesticide Program Dialogue Pesticide Program Dialogue Committee (PPDC) Committee (PPDC) PRIA Process Improvement PRIA Process Improvement Workgroup Workgroup October 1, 2009 October 1, 2009 Slide 1 Introductions and Introductions and

986 views • 71 slides
Bioanalytics Core Leslie M Shaw PPMI Annual Investigators Meeting, NYC May 8, 2013 11/16/2011

Bioanalytics Core Leslie M Shaw PPMI Annual Investigators Meeting, NYC May 8, 2013 11/16/2011

Bioanalytics Core Leslie M Shaw PPMI Annual Investigators Meeting, NYC May 8, 2013 11/16/2011 1 Bioanalytics Core-2013 Pilot study manuscript accepted for publication in JAMA Neurology Preparations for analyses of CSF A 1-42 ,

770 views • 18 slides
Rethinking procurement Presented by Health Purchasing Victoria Director Procurement, Alba

Rethinking procurement Presented by Health Purchasing Victoria Director Procurement, Alba

Rethinking procurement Presented by Health Purchasing Victoria Director Procurement, Alba Chliakhtine INTRODUCING HPV 3 Health Purchasing Victoria | Achieving best-value supply chain outcomes for Victorias health sector HPV organisation

672 views • 46 slides
CDFA Texas Financing Roundtable Webcast: State Financing Programs for Economic Development in

CDFA Texas Financing Roundtable Webcast: State Financing Programs for Economic Development in

CDFA Texas Financing Roundtable Webcast: State Financing Programs for Economic Development in Texas The Broadcast will begin at 2:00pm CST (3:00pm EST). While youre waiting, check out some upcoming CDFA events State Financing Programs for

1.08k views • 50 slides

More recommend