SCADA System Security. ECE 478 Network Security Oregon State University March 7, 2005


SCADA System Security
ECE 478 Network Security
Oregon State University
March 7, 2005
David Goeke, Hai Nguyen

Abstract

Modern public infrastructure systems use Supervisory Control and Data Acquisition (SCADA) systems for daily operation. This includes water treatment systems; electric power transmission, distribution, and generation; petroleum storage and refineries; and other public infrastructure systems. The SCADA system provides monitoring, data analysis, and control of the equipment used to manage most public infrastructure systems. The SCADA network is comprised of various communication devices. Routers, switches, wireless equipment, serial connections, proprietary hardware monitors, and various computers are used. This project will examine common SCADA control network implementations to determine possible weaknesses and solutions.

Table of Contents

1. SCADA Overview
Security Overview
RTU Security
Server Security
Network Security
Network Access
Network Segmentation
External Access
RF Security
The MODBUS Protocol
Securing MODBUS
Conclusion
Glossary of Terms
Bibliography

1. SCADA Overview

SCADA systems are used in industrial and civil engineering applications to control and monitor distributed systems from a central location. SCADA solutions are implemented in a wide variety of industries, including electric power generation, transmission, and distribution; environmental control systems; traffic signals; water management systems; and manufacturing systems.

Hardware solutions utilize switches, pumps, and other devices that are controlled by Remote Telemetry Units (RTUs). Server units then monitor the hardware and collect values, as well as provide control features that allow the operator to remotely manage the physical equipment. The server unit runs a management package that typically runs on top of a Unix variant, although many vendors are beginning to provide Microsoft Windows support. A human-machine interface allows the operator to view the state of the plant equipment. Dumb terminals or PCs usually host this interface. Alarms are used to alert the operator that intervention is required to keep things running smoothly.

A wide variety of networking equipment is then used to connect all of these components together. Wireless technology is popular for its ability to span long distances with minimal equipment. Fiber gives greater reliability but incurs far more expense. Serial technologies utilize dedicated copper wiring or Telco POTS lines. Common protocols include Modbus and DNP3. Although originally designed to run on low-bandwidth proprietary networks, many protocols have included extensions to operate over TCP/IP.

Figure 1 shows a simple SCADA network implementation. The system involves a server unit that controls a serial-based traffic signal system, as well as a water treatment plant and several stream flow monitors connected using wireless technology in the 2.4 GHz range. Two monitoring stations provide user control of the system.

2. Security Overview

Due to the nature of what they control, SCADA networks are part of our nation's critical infrastructure and require protection from a variety of threats. SCADA equipment was originally designed for maximal functionality. As a result, many security risks were left exposed in order to maximize communication efficiency. This makes many SCADA networks potentially vulnerable to attack. These attacks could result in disruption of service, manipulation of data, or unauthorized control of the connected equipment. The United States Department of Energy states that:

"Action is required by all organizations, government or commercial, to secure their SCADA networks as part of the effort to adequately protect the nation's critical infrastructure." (U.S. Dept. of Energy, 2002)

This paper will address several potential vulnerabilities of SCADA systems and possible solutions. The report will be broken down into 5 parts: RTUs, server security, protocol analysis, network infrastructure security, and miscellaneous topics.

2.1 RTU Security

The RTU, or Remote Telemetry Unit, is a device which interfaces objects in the physical world to a SCADA system. An example of this is attaching an RTU to a water pump to allow monitoring and control of the pump. Serial and Ethernet interfaces are common on these units, as well as null-modem management interfaces.

Physical security must first be evaluated. Secure facilities that limit access to authorized personnel only must be acquired. Secondly, the RTU configuration must be analyzed. Management interfaces should be disabled or should use the strongest authentication. Firmware should be upgraded to the latest stable release. All unused features should be disabled.

2.2 Server Security

The server unit is vulnerable to several types of attack. Unauthorized access may be obtained using a network or modem-based attack, or by visiting the physical location. Another risk is an attack that damages the server and makes it inoperable.

Security must first be obtained by restricting access to authorized users only. Physically locate the server in a safe location that restricts access to authorized users only. Proper access controls should be implemented to verify the identity of the user. If passwords are used, they should be changed frequently. Biometric devices are also helpful.

The operating system must also be hardened. Any unnecessary software and services should be removed. Apply all stable patches to the system. Communication protocols must be configured for maximal security. Protocol security is covered in greater depth in the section labeled Protocol Security.

2.3 Network Security

The network infrastructure is the most visible piece of the SCADA system, which makes it an obvious location for attack. As security provider Riptech points out, there is a common misconception that SCADA networks use strong access controls. In reality, most SCADA systems utilize hardware from many different manufacturers, which requires the integration of different communication standards (Riptech Inc, 2001). The result is usually a very functional system, but due to the increased complexity, security concerns are often ignored.

A second misconception is the belief that the SCADA system resides on a separate standalone network. Most SCADA systems were originally built on separate standalone networks, but were eventually bridged as a result of changes in information management practices. Real-time data became desirable on the corporate network: corporate decision makers wanted the critical data from their operations systems. Many of these connections are implemented without a full understanding of the security risks.

In addition to these misconceptions, certain network mediums present their own set of security risks. Sniffing, Denial of Service (DOS), and spoofing attacks are all serious threats. There are several steps that can be taken to minimize the threat and impact of such vulnerabilities and attacks.

Network Access

All network connection points must be identified. This includes Ethernet ports, wireless links, and serial connections. All unused and unnecessary ports need to be disabled. The network architecture should be segmented in such a way as to provide access control between different segments. Data warehousing and server network segments should be especially well secured.

Network Segmentation

In spite of the best security practices, there still exists a possibility that an attacker may gain unauthorized access. Network IDS systems provide an additional layer of monitoring to alert you to the presence of unauthorized access. An IDS system is basically a network vacuum that contains advanced data analysis tools to examine network traffic and identify likely attacks. Network IDS systems should be established on both the internal network and the connecting external networks to monitor for incidents.

2.3.3 External Access

In certain instances external access to the SCADA network may be necessary. Vendors may need access, or connections to the corporate network may be necessary. Every one of these connections presents a serious threat. It is extremely important that all external access points be identified. Determine what specific access is needed. Identify the methods used to connect.

All access points should implement proper security measures. Firewalls and IDS monitors should be used. Firewall rules should be as specific as possible, allowing only the bare minimum access to the SCADA network. Make sure to implement outbound filtering as well, to prevent internal SCADA hosts from accessing hosts on the external networks.

Any communication between the SCADA network and other networks should utilize secure protocols. Plaintext protocols present the greatest threat and should be secured. One technique for securing plaintext communication is to wrap the communication inside a VPN tunnel. A VPN creates a virtual route between two networks where all data that is transmitted is encrypted. Desirable VPN products utilize IPSEC and SSL encryption. Avoid products using PPTP, as it has been shown to be defective. Access controls should also be implemented to restrict access to specific IP address ranges, to minimize the likelihood that a potential attacker would even discover the service, as is shown in figure 2.
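The checks this section asks of a boundary firewall (specific sources, specific ports, outbound filtering, no clear-text protocol crossing outside a VPN) can be run mechanically over a rule set. The following is an added example, not part of the original paper; the rule format, the address ranges, the `via_vpn` flag and the /24 width limit are all assumptions made for illustration.

```python
from ipaddress import ip_network

ANY = ip_network("0.0.0.0/0")
SCADA_NET = ip_network("10.10.0.0/16")               # assumed SCADA address space
PLAINTEXT_PORTS = {23: "telnet", 502: "Modbus/TCP"}  # clear-text services
MAX_PEER_ADDRESSES = 256                             # assumed limit: nothing wider than a /24


def rule(rid, action, src, dst, port, via_vpn=False):
    """Build one rule in a hypothetical, vendor-neutral format."""
    return {"id": rid, "action": action, "src": src, "dst": dst,
            "port": port, "via_vpn": via_vpn}


# Constructed rule sets: a weak boundary policy and a corrected one.
WEAK_RULES = [
    rule(1, "allow", "0.0.0.0/0", "10.10.1.20/32", 502),
    rule(2, "allow", "203.0.113.8/32", "10.10.1.20/32", 502, via_vpn=True),
    rule(3, "allow", "172.16.5.0/24", "10.10.0.0/16", "any", via_vpn=True),
    rule(4, "allow", "10.10.0.0/16", "0.0.0.0/0", "any"),
    rule(5, "deny", "0.0.0.0/0", "10.10.0.0/16", "any"),
]
HARDENED_RULES = [
    rule(1, "allow", "203.0.113.8/32", "10.10.1.20/32", 502, via_vpn=True),
    rule(2, "allow", "172.16.5.0/24", "10.10.2.0/24", 443, via_vpn=True),
    rule(3, "allow", "10.10.2.10/32", "172.16.5.30/32", 443),
    rule(4, "deny", "0.0.0.0/0", "10.10.0.0/16", "any"),
    rule(5, "deny", "10.10.0.0/16", "0.0.0.0/0", "any"),
]


def _has_default_deny(rules, src, dst):
    """True if some deny rule covers all ports from every src to every dst."""
    return any(r["action"] == "deny" and r["port"] == "any"
               and src.subnet_of(ip_network(r["src"]))
               and dst.subnet_of(ip_network(r["dst"])) for r in rules)


def audit(rules):
    """Return (rule id, finding) pairs; each allow rule is judged on its own."""
    findings = []
    for r in rules:
        src, dst = ip_network(r["src"]), ip_network(r["dst"])
        outbound = src.subnet_of(SCADA_NET)
        # Only rules with exactly one end inside the SCADA network cross the boundary.
        if r["action"] != "allow" or outbound == dst.subnet_of(SCADA_NET):
            continue
        peer = dst if outbound else src          # the end outside the SCADA network
        direction = "outbound" if outbound else "inbound"
        if peer.num_addresses > MAX_PEER_ADDRESSES:
            findings.append((r["id"], f"{direction} rule open to {peer}; "
                                      "restrict to specific address ranges"))
        if r["port"] == "any":
            findings.append((r["id"], f"{direction} rule allows every port"))
        elif r["port"] in PLAINTEXT_PORTS and not r["via_vpn"]:
            findings.append((r["id"], f"clear-text {PLAINTEXT_PORTS[r['port']]} "
                                      "crosses the boundary outside a VPN"))
    if not _has_default_deny(rules, ANY, SCADA_NET):
        findings.append((None, "no default deny for traffic entering the SCADA network"))
    if not _has_default_deny(rules, SCADA_NET, ANY):
        findings.append((None, "no default deny for traffic leaving the SCADA network"))
    return findings


if __name__ == "__main__":
    for name, rules in (("weak", WEAK_RULES), ("hardened", HARDENED_RULES)):
        print(name)
        for rid, text in audit(rules):
            print(f"  rule {rid}: {text}")
```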

2.3.4 RF Security

Wireless communications devices are popular for SCADA networks due to the long distances between monitoring stations. A typical architecture involves point-to-point links operating at either 900 MHz or 2.4 GHz. Newer systems are adopting the standards while legacy systems utilize proprietary data link level protocols. The security of is an entire subject to itself and this paper will not attempt to cover it. The focus of this section is to identify the common wireless threats to the RF transmission.

Wireless communication presents a huge security and stability problem. The broadcast nature of the data allows it to be recorded and analyzed at a later date. At this point 128-bit encryption provides adequate protection from this attack.

The control features of SCADA networks require that adequate bandwidth be available to transmit data to the RTU. This is hard to guarantee when using wireless technologies. Each frequency has a limited amount of bandwidth, so competing devices may take bandwidth. A hostile attack is also possible using an RF generation device. By transmitting random RF noise it is possible to flood the available frequency space and block the SCADA control traffic. This attack is easily tracked with the proper directional antennas, but the temporary loss of control could prevent corrective action at the RTU and cause an accident.

Several actions can be taken to reduce the risk of this attack, but it is physically impossible to prevent it when using the public airspace for transmission. Highly directional antennas will reduce the amount of interfering RF signal. Acquiring licenses for limited-use commercial frequencies will reduce interference, but the potential for signal jamming still exists. Wireless does not provide the service guarantee needed for mission-critical control systems. It is, however, a good method for monitoring and control of non-essential RTUs where the loss of communication is unlikely to cause an incident.

2.4 The MODBUS Protocol

The MODBUS protocol is currently one of the most popular protocols for use with SCADA systems. It is an application layer messaging protocol that provides client/server communication between devices connected through different types of busses or networks. It has been an industry standard for device automation using serial communication since Today the protocol has been adapted to function over TCP/IP, where it uses TCP port 502. Figure 3 shows the basic protocol structure for both serial and TCP/IP communication.

MODBUS is a request/reply protocol. The packet is broken down into an application data unit (ADU) which contains a simple protocol data unit (PDU). The PDU contains a one-byte function code and the data field. The data field contains additional information that the server uses to take the defined action.

Securing MODBUS

When MODBUS was developed in the '70s, it provided adequate security for the threats being faced at the time. Most communication was taking place on isolated serial networks using private lines. Attacks required very specific knowledge of which lines were being used, and generally required physical access. With the TCP implementation the security rules have changed. Interconnected networks span the globe, allowing creative attackers to potentially exploit the system from anywhere around the globe. The clear-text nature of the protocol makes it especially vulnerable. Monitoring data can be gathered with ease, and passwords may be gleaned from the transmission.

In order to protect this protocol we must wrap it inside an encryption medium. An IPSEC VPN connection should be used to encapsulate the traffic whenever it is traveling across a vulnerable medium. Some examples of vulnerable mediums include non-SCADA and wireless networks.
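The ADU/PDU layout described in section 2.4, and what its clear-text nature means for a monitor on the wire, can be seen by decoding a few MODBUS/TCP requests. This is an added example, not part of the original paper; the 7-byte TCP header and the function codes follow the public MODBUS specification, while the captured frames, the addresses and the write allowlist are constructed assumptions.

```python
import struct
from ipaddress import ip_address, ip_network

FUNCTION_NAMES = {
    0x01: "Read Coils", 0x02: "Read Discrete Inputs",
    0x03: "Read Holding Registers", 0x04: "Read Input Registers",
    0x05: "Write Single Coil", 0x06: "Write Single Register",
    0x0F: "Write Multiple Coils", 0x10: "Write Multiple Registers",
}
WRITE_CODES = {0x05, 0x06, 0x0F, 0x10}
MBAP_LEN = 7  # transaction id (2) + protocol id (2) + length (2) + unit id (1)


class ModbusParseError(ValueError):
    """Raised when a frame is not a well-formed MODBUS/TCP ADU."""


def parse_adu(frame: bytes) -> dict:
    """Decode one MODBUS/TCP ADU: the TCP header followed by the PDU."""
    if len(frame) < MBAP_LEN + 1:
        raise ModbusParseError("frame too short for header and function code")
    tid, proto, length, unit = struct.unpack(">HHHB", frame[:MBAP_LEN])
    if proto != 0:
        raise ModbusParseError("protocol identifier is not 0")
    # The length field counts the unit id byte plus the PDU.
    if length != len(frame) - 6:
        raise ModbusParseError("length field does not match frame size")
    code = frame[MBAP_LEN]              # first PDU byte: the function code
    data = frame[MBAP_LEN + 1:]         # rest of the PDU: the data field
    adu = {
        "transaction_id": tid,
        "unit_id": unit,
        "function_code": code & 0x7F,
        "function": FUNCTION_NAMES.get(code & 0x7F, "unknown"),
        "exception": bool(code & 0x80),  # high bit marks an exception reply
        "data": data,
    }
    # Requests for codes 0x01-0x06 carry a 2-byte address and a 2-byte
    # quantity (reads) or value (single writes), readable without any key.
    if 1 <= code <= 6 and len(data) == 4:
        adu["address"], adu["value_or_quantity"] = struct.unpack(">HH", data)
    return adu


def review_request(src: str, frame: bytes, allowed_writers) -> list:
    """Return alert strings for one request seen travelling to TCP port 502."""
    try:
        adu = parse_adu(frame)
    except ModbusParseError as exc:
        return [f"{src}: malformed MODBUS/TCP frame ({exc})"]
    alerts = []
    if adu["function"] == "unknown":
        alerts.append(f"{src}: unrecognised function code "
                      f"0x{adu['function_code']:02X}")
    if adu["function_code"] in WRITE_CODES:
        host = ip_address(src)
        if not any(host in ip_network(net) for net in allowed_writers):
            alerts.append(f"{src}: {adu['function']} to unit {adu['unit_id']} "
                          "from a host outside the control allowlist")
    return alerts


# Constructed sample data: source address and request bytes as hex.
ALLOWED_WRITERS = ["10.10.1.0/28"]   # assumed range of control servers
CAPTURE = [
    ("10.10.1.5", "000100000006010300000002"),      # read 2 holding registers
    ("10.10.1.5", "0002000000060106001000ff"),      # write register 16 = 255
    ("192.168.40.17", "0003000000060106001000ff"),  # same write, foreign host
    ("192.168.40.17", "00040000000601"),            # truncated frame
]


def run_capture() -> list:
    """Review every constructed frame and collect the alerts."""
    return [alert for src, hx in CAPTURE
            for alert in review_request(src, bytes.fromhex(hx), ALLOWED_WRITERS)]


if __name__ == "__main__":
    for line in run_capture():
        print(line)
```

Every field, including the register address and the value written, is recovered without credentials or keys, which is why the paper wraps the traffic in an IPSEC tunnel on any shared medium.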

Conclusion

SCADA networks are diverse systems. The integration of legacy hardware with new technologies leads to a vast array of technologies and protocols being used. The integration of these technologies is typically oriented towards functionality, with little thought for security. On the other hand, SCADA networks are used to monitor and control many mission-critical systems used for power generation, water management, transportation system control, and other industrial applications. A security breach of these mission-critical services could have devastating effects. In some instances lives could be lost and financial losses could be immense. The security of these systems is critical for the operation of our society. Security of these services should have high priority.

The security of the system is dependent on the individual security of each component. Breaches can happen on all levels. RTU units must be properly configured to limit exposure, and physical plant security must be implemented to limit access. Server security consists of hardening the underlying operating system and eliminating all unnecessary services.

Network security is a diverse topic. Disconnect all unnecessary connections. Segment the network into logical groupings and use access controls to restrict unwanted traffic. Monitor your network and be aware of what is entering and leaving. Intrusion detection packages should be used to automate this monitoring. Eliminate all plain-text communication traversing the corporate network by wrapping it inside an encryption layer with VPN technology.

To summarize: implement proper physical security, properly configure all devices to permit only necessary communication, and use monitoring tools to verify that security policy is being followed and to warn of attacks.

2.4 Glossary of Terms

IDS: An intrusion detection system (IDS) inspects all inbound and outbound network activity and identifies suspicious patterns that may indicate a network or system attack from someone attempting to break into or compromise a system.

IPSEC: Short for IP Security, a set of protocols developed by the IETF to support secure exchange of packets at the IP layer. IPsec has been deployed widely to implement Virtual Private Networks (VPN).

SSL: Short for Secure Sockets Layer, a protocol developed by Netscape for transmitting private documents via the Internet. SSL works by using a private key to encrypt data that's transferred over the SSL connection.

PPTP: Short for Point-to-Point Tunneling Protocol, a new technology for creating Virtual Private Networks (VPN), developed jointly by Microsoft Corporation, U.S. Robotics, and several remote access vendor companies, known collectively as the PPTP Forum.

VPN: Short for Virtual Private Network, a network that is constructed by using public wires to connect nodes.

DOS: Short for Denial-Of-Service attack, a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic.

Modbus: An open, serial communications protocol based on the master/slave architecture. Modbus is a protocol that provides the internal standard that Modicon controllers use for parsing messages. Commonly used for SCADA communication.

DNP3: A protocol for transmission of data from point A to point B using serial communications.

SCADA: Acronym for Supervisory Control and Data Acquisition, a computer system for gathering and analyzing real-time data.

RTU: Short for Remote Telemetry Unit. In SCADA systems, an RTU is a device installed at a remote location that collects data, codes the data into a format that is transmittable, and transmits the data back to a central station, or master.

POTS: Short for Plain Old Telephone Service, which refers to the standard telephone service that most homes use.

2.5 Bibliography

Office of Energy Assurance, U.S. Department of Energy. (2002). 21 Steps to Improve Cyber Security of SCADA Networks. Retrieved March 1, 2005 from the World Wide Web:

Riptech Inc. (Jan, 2001). Understanding SCADA System Security Vulnerabilities. Retrieved March 1, 2005 from the World Wide Web:


More information

1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network

1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network WP 1004HE Part 5 1. Cyber Security White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network Table of Contents 1. Cyber Security... 1 1.1 What

More information

VOIP THE ULTIMATE GUIDE VERSION 1.0. 9/23/2014 onevoiceinc.com

VOIP THE ULTIMATE GUIDE VERSION 1.0. 9/23/2014 onevoiceinc.com VOIP THE ULTIMATE GUIDE VERSION 1.0 9/23/2014 onevoiceinc.com WHAT S IN THIS GUIDE? WHAT IS VOIP REQUIREMENTS OF A VOIP SYSTEM IMPLEMENTING A VOIP SYSTEM METHODS OF VOIP BENEFITS OF VOIP PROBLEMS OF VOIP

More information

Intelligent Infrastructure & Security

Intelligent Infrastructure & Security SYSTIMAX Solutions Intelligent Infrastructure & Security Using an Internet Protocol Architecture for Security Applications White Paper July 2009 www.commscope.com Contents I. Intelligent Building Infrastructure

More information

IDPS TECHNOLOGIES: AN OVERVIEW

IDPS TECHNOLOGIES: AN OVERVIEW IDPS TECHNOLOGIES: AN OVERVIEW Introduction 1. Intrusion detection is the process of monitoring the events occurring in a computer system or network and analyzing them for signs of possible incidents,

More information

REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB

REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB REPORT ON AUDIT OF LOCAL AREA NETWORK OF C-STAR LAB Conducted: 29 th March 5 th April 2007 Prepared By: Pankaj Kohli (200607011) Chandan Kumar (200607003) Aamil Farooq (200505001) Network Audit Table of

More information

VPN. Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu

VPN. Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu VPN Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu What is VPN? A VPN (virtual private network) is a private data network that uses public telecommunicating infrastructure (Internet), maintaining

More information

Frequently Asked Questions (FAQ) About Modbus Conversion

Frequently Asked Questions (FAQ) About Modbus Conversion Frequently Asked Questions (FAQ) About Modbus Conversion Modbus Protocol Conversion between Serial and Ethernet Devices Modbus protocol is widely used in many automation applications and many devices support

More information

2. From a control perspective, the PRIMARY objective of classifying information assets is to:

2. From a control perspective, the PRIMARY objective of classifying information assets is to: MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected

More information

Network Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion

Network Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion Network Security Tampere Seminar 23rd October 2008 1 Copyright 2008 Hirschmann 2008 Hirschmann Automation and and Control GmbH. Contents Overview Switch Security Firewalls Conclusion 2 Copyright 2008 Hirschmann

More information

Security Issues with Integrated Smart Buildings

Security Issues with Integrated Smart Buildings Security Issues with Integrated Smart Buildings Jim Sinopoli, Managing Principal Smart Buildings, LLC The building automation industry is now at a point where we have legitimate and reasonable concern

More information

Using a VPN with CentraLine AX Systems

Using a VPN with CentraLine AX Systems Using a VPN with CentraLine AX Systems User Guide TABLE OF CONTENTS Introduction 2 What Is a VPN? 2 Why Use a VPN? 2 How Can I Set Up a VPN? 2 Important 2 Network Diagrams 2 Network Set-Up with a VPN 2

More information

ARP Poisoning An investigation into spoofing the Address Resolution Protocol

ARP Poisoning An investigation into spoofing the Address Resolution Protocol www.harmonysecurity.com info@harmonysecurity.com ARP Poisoning An investigation into spoofing the Address Resolution Protocol By Stephen Fewer Contents 1 Introduction... 2 2 Protocol Overview... 2 3 Protocol

More information

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks

More information

HMS Industrial Networks. Putting industrial applications on the cloud

HMS Industrial Networks. Putting industrial applications on the cloud HMS Industrial Networks Putting industrial applications on the cloud Whitepaper Best practices for managing and controlling industrial equipment remotely. HMS Industrial Networks Inc 35 E Wacker Drive,

More information

NETWORK SECURITY (W/LAB) Course Syllabus

NETWORK SECURITY (W/LAB) Course Syllabus 6111 E. Skelly Drive P. O. Box 477200 Tulsa, OK 74147-7200 NETWORK SECURITY (W/LAB) Course Syllabus Course Number: NTWK-0008 OHLAP Credit: Yes OCAS Code: 8131 Course Length: 130 Hours Career Cluster: Information

More information

INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ WWW.LIVINGSTONNJ.ORG ITMC TECH TIP ROB COONCE, MARCH 2008

INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ WWW.LIVINGSTONNJ.ORG ITMC TECH TIP ROB COONCE, MARCH 2008 INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ WWW.LIVINGSTONNJ.ORG What is wireless technology? ITMC TECH TIP ROB COONCE, MARCH 2008 In our world today, this may mean sitting down at a coffee

More information

Security in the smart grid

Security in the smart grid Security in the smart grid Security in the smart grid It s hard to avoid news reports about the smart grid, and one of the media s favorite topics is security, cyber security in particular. It s understandable

More information

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 7 Administering a Secure Network

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 7 Administering a Secure Network Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 7 Administering a Secure Network Objectives List and describe the functions of common network protocols Explain how network administration

More information

GE Measurement & Control. Cyber Security for NEI 08-09

GE Measurement & Control. Cyber Security for NEI 08-09 GE Measurement & Control Cyber Security for NEI 08-09 Contents Cyber Security for NEI 08-09...3 Cyber Security Solution Support for NEI 08-09...3 1.0 Access Contols...4 2.0 Audit And Accountability...4

More information

IMPLEMENTATION OF INTELLIGENT FIREWALL TO CHECK INTERNET HACKERS THREAT

IMPLEMENTATION OF INTELLIGENT FIREWALL TO CHECK INTERNET HACKERS THREAT IMPLEMENTATION OF INTELLIGENT FIREWALL TO CHECK INTERNET HACKERS THREAT Roopa K. Panduranga Rao MV Dept of CS and Engg., Dept of IS and Engg., J.N.N College of Engineering, J.N.N College of Engineering,

More information

White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act

White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK With organizations rushing to adopt Voice over IP (VoIP) technology to cut costs and integrate applications designed to serve customers better,

More information

Wireless VPN White Paper. WIALAN Technologies, Inc. http://www.wialan.com

Wireless VPN White Paper. WIALAN Technologies, Inc. http://www.wialan.com Wireless VPN White Paper WIALAN Technologies, Inc. http://www.wialan.com 2014 WIALAN Technologies, Inc. all rights reserved. All company and product names are registered trademarks of their owners. Abstract

More information

Overview. Firewall Security. Perimeter Security Devices. Routers

Overview. Firewall Security. Perimeter Security Devices. Routers Overview Firewall Security Chapter 8 Perimeter Security Devices H/W vs. S/W Packet Filtering vs. Stateful Inspection Firewall Topologies Firewall Rulebases Lecturer: Pei-yih Ting 1 2 Perimeter Security

More information

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 1. Obtain previous workpapers/audit reports. FIREWALL CHECKLIST Pre Audit Checklist 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review. 3. Obtain current network diagrams

More information

Wireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com

Wireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com Wireless Security Overview Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com Ground Setting Three Basics Availability Authenticity Confidentiality Challenge

More information

Building A Secure Microsoft Exchange Continuity Appliance

Building A Secure Microsoft Exchange Continuity Appliance Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building

More information

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014 Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security

More information

Virtual Private Networks

Virtual Private Networks Virtual Private Networks ECE 4886 Internetwork Security Dr. Henry Owen Definition Virtual Private Network VPN! Virtual separation in protocol provides a virtual network using no new hardware! Private communication

More information

FIREWALL POLICY November 2006 TNS POL - 008

FIREWALL POLICY November 2006 TNS POL - 008 FIREWALL POLICY November 2006 TNS POL - 008 Introduction Network Security Services (NSS), a department of Technology and Network Services, operates a firewall to enhance security between the Internet and

More information

WIRELESS SECURITY. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006

WIRELESS SECURITY. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006 WIRELESS SECURITY Information Security in Systems & Networks Public Development Program Sanjay Goel University at Albany, SUNY Fall 2006 1 Wireless LAN Security Learning Objectives Students should be able

More information

Network Security Administrator

Network Security Administrator Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze

More information

CYBER SECURITY: SYSTEM SERVICES FOR THE SAFEGUARD OF DIGITAL SUBSTATION AUTOMATION SYSTEMS. Massimo Petrini (*), Emiliano Casale TERNA S.p.A.

CYBER SECURITY: SYSTEM SERVICES FOR THE SAFEGUARD OF DIGITAL SUBSTATION AUTOMATION SYSTEMS. Massimo Petrini (*), Emiliano Casale TERNA S.p.A. 21, rue d Artois, F-75008 PARIS D2-102 CIGRE 2012 http : //www.cigre.org CYBER SECURITY: SYSTEM SERVICES FOR THE SAFEGUARD OF DIGITAL SUBSTATION AUTOMATION SYSTEMS Massimo Petrini (*), Emiliano Casale

More information

Link Layer and Network Layer Security for Wireless Networks

Link Layer and Network Layer Security for Wireless Networks Link Layer and Network Layer Security for Wireless Networks Interlink Networks, Inc. May 15, 2003 1 LINK LAYER AND NETWORK LAYER SECURITY FOR WIRELESS NETWORKS... 3 Abstract... 3 1. INTRODUCTION... 3 2.

More information

Abstract. SCADA Security: Why is it so hard? Amol Sarwate Version 1.0 (November 2011)

Abstract. SCADA Security: Why is it so hard? Amol Sarwate  Version 1.0 (November 2011) SCADA Security: Why is it so hard? Amol Sarwate asarwate@qualys.com amol_s@yahoo.com Version 1.0 (November 2011) Abstract Industrial control systems (ICS), distributed control systems (DCS), Supervisory

More information

TestOut Network Pro English 4.0.x

TestOut Network Pro English 4.0.x x TestOut Network Pro English 4.0.x Videos: 141 (18:44:06) Demonstrations: 81 (10:47:01) Simulations: 92 Fact Sheets: 142 Exams: 101 CONTENTS: 0.0 INTRODUCTION 0.1 Using the Simulator 0.1.1 Using the Simulator

More information

Securing VoIP Networks using graded Protection Levels

Securing VoIP Networks using graded Protection Levels Securing VoIP Networks using graded Protection Levels Andreas C. Schmidt Bundesamt für Sicherheit in der Informationstechnik, Godesberger Allee 185-189, D-53175 Bonn Andreas.Schmidt@bsi.bund.de Abstract

More information

Introduction to Network Systems Lesson Objectives

Introduction to Network Systems Lesson Objectives Unit 1: NETWORKING FUNDAMENTALS Networking Concepts Identify what every network needs. Explain what networks are and how they work. Differentiate between Peer-to-Peer and Client/Server architecture. Explain

More information

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. CONTENTS 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. Conclusion 1. EXECUTIVE SUMMARY The advantages of networked data storage technologies such

More information

The data can be transmitted through a variety of different communications platforms such as:

The data can be transmitted through a variety of different communications platforms such as: COMMUNICATION NETWORK General Overview of SCADA Communications Without a properly designed communication network system, a SCADA system cannot exist. All supervisory control and data acquisition aspects

More information

Architecture Overview

Architecture Overview Architecture Overview Design Fundamentals The networks discussed in this paper have some common design fundamentals, including segmentation into modules, which enables network traffic to be isolated and

More information

This chapter covers the following topics:

This chapter covers the following topics: This chapter covers the following topics: Components of SAFE Small Network Design Corporate Internet Module Campus Module Branch Versus Headend/Standalone Considerations for Small Networks C H A P T E

More information

United States Trustee Program s Wireless LAN Security Checklist

United States Trustee Program s Wireless LAN Security Checklist United States Trustee Program s Wireless LAN Security Checklist In support of a standing trustee s proposed implementation of Wireless Access Points (WAP) in ' 341 meeting rooms and courtrooms, the following

More information

Securing EtherNet/IP Using DPI Firewall Technology

Securing EtherNet/IP Using DPI Firewall Technology Securing EtherNet/IP Using DPI Firewall Technology www.odva.org Technical Track About Us Erik Schweigert Leads device firmware development at Tofino Security BSc in Computer Science from VIU Michael Thomas

More information

SIP Security Controllers. Product Overview

SIP Security Controllers. Product Overview SIP Security Controllers Product Overview Document Version: V1.1 Date: October 2008 1. Introduction UM Labs have developed a range of perimeter security gateways for VoIP and other applications running

More information

State of New Mexico Statewide Architectural Configuration Requirements. Title: Network Security Standard S-STD005.001. Effective Date: April 7, 2005

State of New Mexico Statewide Architectural Configuration Requirements. Title: Network Security Standard S-STD005.001. Effective Date: April 7, 2005 State of New Mexico Statewide Architectural Configuration Requirements Title: Network Security Standard S-STD005.001 Effective Date: April 7, 2005 1. Authority The Department of Information Technology

More information

Considerations for securing BAS networks

Considerations for securing BAS networks Considerations for securing BAS networks Updated 25-AUG-2003 Securing a computer system and keeping it secured is more than just a technical problem. Before getting bogged down in IT security issues, let

More information

CTS2134 Introduction to Networking. Module 8.4 8.7 Network Security

CTS2134 Introduction to Networking. Module 8.4 8.7 Network Security CTS2134 Introduction to Networking Module 8.4 8.7 Network Security Switch Security: VLANs A virtual LAN (VLAN) is a logical grouping of computers based on a switch port. VLAN membership is configured by

More information

Using VPNs over BGAN. Version BGAN solutions guide. 1/18 Using VPNs over BGAN

Using VPNs over BGAN. Version BGAN solutions guide.  1/18 Using VPNs over BGAN 1/18 Using VPNs over BGAN BGAN solutions guide Using VPNs over BGAN Version 01 15.05.06 www.inmarsat.com/bgan Whilst the information has been prepared by Inmarsat in good faith, and all reasonable efforts

More information

RuggedCom Solutions for

RuggedCom Solutions for RuggedCom Solutions for NERC CIP Compliance Rev 20080401 Copyright RuggedCom Inc. 1 RuggedCom Solutions Hardware Ethernet Switches Routers Serial Server Media Converters Wireless Embedded Software Application

More information

Industrial Communication. Securing Industrial Wireless

Industrial Communication. Securing Industrial Wireless Industrial Communication Whitepaper Securing Industrial Wireless Contents Introduction... 3 Wireless Applications... 4 Potential Threats... 5 Denial of Service... 5 Eavesdropping... 5 Rogue Access Point...

More information

Document ID. Cyber security for substation automation products and systems

Document ID. Cyber security for substation automation products and systems Document ID Cyber security for substation automation products and systems 2 Cyber security for substation automation systems by ABB ABB addresses all aspects of cyber security The electric power grid has

More information

Network Address Translation, Remote Access and Virtual Private Networks

Network Address Translation, Remote Access and Virtual Private Networks Switch/Hub Router Translator 11/6/2014 Network Address Translation, Remote Access and Virtual Private Networks Outline Discussion of Network Address Translation How devices and home routers work Protocols

More information