Industrial Control Systems Vulnerabilities and Security Issues and Future Enhancements
|
|
- Roderick Phelps
- 8 years ago
- Views:
Transcription
1 , pp Industrial Control Systems Vulnerabilities and Security Issues and Future Enhancements Hongseok Chae 1, AAmir Shahzad 1, Muhammad Irfan 2, HyangRan Lee 1, Malrey Lee 1* 1, 1* ,Center for Advanced Image and Information Technology, School of Electronics & Information Engineering, Chon Buk National University, , 1Ga, Deokjin-Dong, Jeonju, Chon Buk, Korea 2 Infrastructure University Kuala Lumpur (IUKL), Malaysia Kuala Lumpur,Malaysia {Irfanview2}@@gmail.com Abstract. Massive numbers of applications have been developed to fulfill the requirements of end-users; the world is considered as a cell of communication in which applications are centralized and distributed, and accessed by internet. Like traditional networks, real time networks such as supervisory control and data acquisition (SCADA) systems, distributed controller systems (DCSs) and others have been employing the internet technology to connect their various stations, and with central controller(s). Internet technology brought several benefits in terms of real time delivery of information to, and between geographical located stations; but at the other side, numerous of security issues have also been accounted and considered to be dangerous for information delivery. In survey, numbers of vulnerabilities and security issues are identified by reviewing of existing researches in real time networks, existing security developments are also reviewed and analyzed, and future directions are highlighted that will enhance the security in real time transmission(s). Keywords: Real time systems; Supervisory control and data acquisition systems; Distributed controller systems 1 Introduction The industrial control systems (ICSs) have been developed in various infrastructure sectors such as electrical sectors, water and water distribution systems, oil miles, gas stations, automobile and transportations sectors and others, and gaining popularity day-day in industrial processing and automation due to revolution of modern information technology (IT). Typical industrial control systems (ICSs) are divided into three main categories including supervisory control and data acquisition ISSN: ASTL Copyright 2015 SERSC
2 (SCADA) systems, distributed controller systems (DCSs) and programmable logical controllers (PLCs). Fig. 1. ICS Network and Operations ICS performs several operations as part of industries and basic there components such as control loop, human-machine interface (HMI) and diagnostics and maintenance applications, which mange the ICS operations [1], [2]. Fig 1 shows the basic network structure of ICS. 2 Existing work and security analysis The cloud computing is a new technology for industrial control systems (ICSs) and it s provide most efficient and scalable communication with minimal cost. Usually, ICS hardware s and software s are very expensive and difficult to understand and operates, or required deep knowledge during configuration and setup [4], [6]. However, cloud computing infrastructure provides easy and cheap access to ICS apparatus, while employing the cloud models [4]. Several remote units are geographically distributed and can access the services of main controller via cloud over internet. ICS have been employing proprietary protocols such as DNP3, Modbus, Field bus, Profibus and other IEC standards, and open protocols such as TCP/IP and UDP, are required to transmit information over internet [4], [5]. As consequence, number of vulnerabilities and security issues are accounted due to large interconnectivity between proprietary protocols and non- proprietary protocols (or networks); few common vulnerabilities and security attacks are considered and are depicted in table 1[1 12]. Table 1. Security Attacks and Vulnerabilities Attacks Integrity Attacks, Authentication Attacks, confidentiality Attacks, Non-Repudiation Attacks, Unauthorized Access Control, Bot-network operators, Criminal groups, Phishers, Spammers and Spyware/malware, etc. Copyright 2015 SERSC 145
3 Vulnerabi lities[1] Inadequate security policy, No formal ICS security Inadequate security architecture, Lack of security administrative, no security audits, Lack of configuration, No proper OS and application security, Lack of adequate password policy Inadequate access controls applied, Inadequate testing of security changes, Insecure remote access on ICS components, Use of insecure industry-wide ICS protocols, Incidents are not detected, Malware protection software not installed, Weak network security architecture, Poorly configured security equipment, Passwords are not encrypted in transit, Inadequate access controls applied, No security perimeter defined, Inadequate firewall and router logs, No security monitoring on the ICS network, Lack of integrity checking for communications, Authentication of users, Inadequate authentication between clients and access points, Inadequate data protection between clients and access points and others. In paper [4], [5], [13], security mechanism using cryptograph algorithms has deployed to enhance the security of SCADA system and also gives directions for further developments. Key encryption is a time minimized security solution, while comparing with other encryption standards. Time is a very important factor, which has been counted for SCADA system [13]. Therefore, key encryption solution is proposed to secure the SCADA communication with time acquirements in mind. In this solution, message is not encrypted, only key or secret key is appended with desired message [4], [13]. Subsequently, key hash digest has been calculated and encrypted with private key. Then appended secret key and encrypted key hash digest is encrypted again with public key [4], [5], [12], [13]. This security solution significantly secured the SCADA communication against potential attacks including authentication attacks, integrity attacks, confidentiality attacks and non-repudiation attacks and required less time during encryption/decryption process [12], [13]. Cryptography dynamic buffer (CDB) has been proposed [14] after analyzing the detail existing security issues of SCADA system. The CDB is employed during whole security designed and implementation within SCADA protocol or DNP3 protocol. CBD has number of variable size fields that are utilized for security development within SCADA/DNP3 protocol [12 14]. During SCADA communication, the CBD kept the tracks of whole security implementation and its related detail such as sender/receiver port number and IP address, the sender/receiver security solution selection process according to communication needs, flow of bytes from lower to upper layer within stack and vice versa, indication of critical/non critical bytes that help to identify the authorized/ nonauthorized entity in SCADA communication and others [4], [5], [14]. The security solutions are implemented and validated successfully according to the SCADA/DNP3 communications needs and measured results are also compared with end-to-end performances [5], [12 14]. 3 Conclusion and future work This is a short report that reviews the industrial control system (ICS) and its major parts such as SCADA system, DCS and others (i.e., PLCs). The massive connectivity of real time systems with open networks over internet, made the communication of these system more vulnerable from various types of potential attacks (i.e., as discussed in literature). Real time access(or transmission) is more critical due to 146 Copyright 2015 SERSC
4 time limitations and more error, and attack prone, while comparing with traditional networks access, e.g., client/server applications or/and information exchanging between recipients in local area network(lan) and wide area network(wan). The current study made a review on potential vulnerabilities and on attacks that are residing in transmission of real time systems and also provides future directions (or analyzes the existing security mechanisms) that would be significant in enhancement of existing security References 1. Stouffer, J. Falco, K.Kent, 2006, Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security, Recommendations of the National Institute of Standards and Technology 2. Clarke, D. Reynders, E. Wright, 2004, Practical Modern SCADA Protocols: DNP3, and Related Systems. 3. S. Musa, A. Shahzad, A.Aborujilah, Secure security model implementation for security services and related attacks base on end- To-end, application layer and data link layer security, Proceeding ICUIMC '2013 Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication, 2013, DOI: / Musa; Shahzad. A ; Aborujilah, Secure security model implementation for security services and related attacks base on end-to-end, application layer and data link layer security, Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication, doi: / Jeffrey Hieb; James Graham; Sandip Patel, Security Enhancements for Distributed Control Systems, Critical Infrastructure Protection, IFIP International Federation for Information Processing Volume 253, 2008, pp doi: / _10 6. Shahzad, S., A. Aborujilah, M. Irfan, A Performance Approach: SCADA System Implementation within Cloud Computing Environment, ACSAT 2013, IEEE, doi: /ACSAT Hyung Jun Kim, Security and Vulnerability of SCADA Systems over IP-Based Wireless Sensor Networks, International Journal of Distributed Sensor Networks, vol. 2012, , 10 pages, doi: /2012/ Sugwon Hong; Myongho Lee, Challenges and Direction toward Secure Communication in the SCADA System, Communication Networks and Services Research Conference (CNSR), 2010 doi: /CNSR Zio, E.; Sansavini, G., "Vulnerability of Smart Grids With Variable Generation and Consumption: A System of Systems Perspective," Systems, Man, and Cybernetics: Systems, IEEE Transactions on, vol.43, no.3, pp.477,487, HyungJun Kim, Security and Vulnerability of SCADA Systems over IP-Based Wireless Sensor Networks, International Journal of Distributed Sensor Networks, vol. 2012, Article ID , pp.10. doi: /2012/ Hong; S. Lee, Challenges and perspectives in security measures for the SCADA system, In Proc. 5th Myongji-Tsinghua University Joint Seminar on Protection & Automation, A. Shahzad, S. Musa, M. Irfan, N-Secure Cryptography Solution for SCADA Security Enhancement, Trends in Applied Sciences Research, 2014, 9: doi: /tasr Shahzad, S., M. Irfan, Key Encryption Method for SCADA Security Enhancement, Journal of Applied Sciences,2014, DOI: /jas Copyright 2015 SERSC 147
5 14. A. Shahzad, S. Musa, M. Irfan, S. Asadullah, Deployment of New Dynamic Cryptography Buffer for SCADA Security Enhancement, Journal of Applied Sciences, 2014, 14: doi: /jas Copyright 2015 SERSC
THE SCADA REVIEW: SYSTEM COMPONENTS, ARCHITECTURE, PROTOCOLS AND FUTURE SECURITY TRENDS
American Journal of Applied Sciences 11 (8): 1418-1425, 2014 ISSN: 1546-9239 2014 A. Shahzad et al., This open access article is distributed under a Creative Commons Attribution (CC-BY) 3.0 license doi:10.3844/ajassp.2014.1418.1425
More informationWireless Communications for SCADA Systems Utilizing Mobile Nodes
, pp. 1-8 http://dx.doi.org/10.14257/ijsh.2013.7.5.01 Wireless Communications for SCADA Systems Utilizing Mobile Nodes Minkyu Choi Security Engineering Research Support Center, Daejon, Republic of Korea
More informationA Concise Model to Evaluate Security of SCADA Systems based on Security Standards
A Concise Model to Evaluate Security of SCADA Systems based on Security Standards Nasser Aghajanzadeh School of Electrical and Computer Engineering, Shiraz University, Shiraz, Iran Alireza Keshavarz-Haddad
More informationSecurity Testing in Critical Systems
Security Testing in Critical Systems An Ethical Hacker s View Peter Wood Chief Executive Officer First Base Technologies Who is Peter Wood? Worked in computers & electronics since 1969 Founded First Base
More informationISACA rudens konference
ISACA rudens konference 8 Novembris 2012 Procesa kontroles sistēmu drošība Andris Lauciņš Ievads Kāpēc tēma par procesa kontroles sistēmām? Statistics on incidents Reality of the environment of industrial
More informationSCADA System Security, Complexity, and Security Proof
SCADA System Security, Complexity, and Security Proof Reda Shbib, Shikun Zhou, Khalil Alkadhimi School of Engineering, University of Portsmouth, Portsmouth, UK {reda.shbib,shikun.zhou,khalil.alkadhimi}@port.ac.uk
More informationScheme to Secure Communication of SCADA Master Station and Remote HMI s through Smart Phones
보안공학연구논문지 (Journal of Security Engineering), 제 8권 제 3호 2011년 6월 Scheme to Secure Communication of SCADA Master Station and Remote HMI s through Smart Phones Rosslin John Robles 1) and Tai-hoon Kim 2) Abstract
More informationNetwork Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion
Network Security Tampere Seminar 23rd October 2008 1 Copyright 2008 Hirschmann 2008 Hirschmann Automation and and Control GmbH. Contents Overview Switch Security Firewalls Conclusion 2 Copyright 2008 Hirschmann
More informationSCADA Security: Challenges and Solutions
SCADA Security: Challenges and Solutions June 2011 / White paper by Metin Ozturk, Philip Aubin Make the most of your energy Summary Executive Summary... p 2 Protecting Critical Infrastructure Includes
More informationIndustrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3
More informationIntroduction to Cyber Security / Information Security
Introduction to Cyber Security / Information Security Syllabus for Introduction to Cyber Security / Information Security program * for students of University of Pune is given below. The program will be
More informationThis is a preview - click here to buy the full publication
TECHNICAL REPORT IEC/TR 62443-3-1 Edition 1.0 2009-07 colour inside Industrial communication networks Network and system security Part 3 1: Security technologies for industrial automation and control systems
More informationSecuring Distribution Automation
Securing Distribution Automation Jacques Benoit, Cooper Power Systems Serge Gagnon, Hydro-Québec Luc Tétreault, Hydro-Québec Western Power Delivery Automation Conference Spokane, Washington April 2010
More informationNetwork Security 網 路 安 全. Lecture 1 February 20, 2012 洪 國 寶
Network Security 網 路 安 全 Lecture 1 February 20, 2012 洪 國 寶 1 Outline Course information Motivation Introduction to security Basic network concepts Network security models Outline of the course 2 Course
More informationAdvancement in Virtualization Based Intrusion Detection System in Cloud Environment
Advancement in Virtualization Based Intrusion Detection System in Cloud Environment Jaimin K. Khatri IT Systems and Network Security GTU PG School, Ahmedabad, Gujarat, India Mr. Girish Khilari Senior Consultant,
More informationA Proposed Integration of Hierarchical Mobile IP based Networks in SCADA Systems
, pp. 49-56 http://dx.doi.org/10.14257/ijsh.2013.7.5.05 A Proposed Integration of Hierarchical Mobile IP based Networks in SCADA Systems Minkyu Choi 1 and Ronnie D. Caytiles 2 1 Security Engineering Research
More informationInnovative Defense Strategies for Securing SCADA & Control Systems
1201 Louisiana Street Suite 400 Houston, Texas 77002 Phone: 877.302.DATA Fax: 800.864.6249 Email: info@plantdata.com Innovative Defense Strategies for Securing SCADA & Control Systems By: Jonathan Pollet
More informationSecurity Threats on National Defense ICT based on IoT
, pp.94-98 http://dx.doi.org/10.14257/astl.205.97.16 Security Threats on National Defense ICT based on IoT Jin-Seok Yang 1, Ho-Jae Lee 1, Min-Woo Park 1 and Jung-ho Eom 2 1 Department of Computer Engineering,
More informationSCADA System Security. ECE 478 Network Security Oregon State University March 7, 2005
SCADA System Security ECE 478 Network Security Oregon State University March 7, 2005 David Goeke Hai Nguyen Abstract Modern public infrastructure systems
More informationCAISO Information Security Requirements for the Energy Communication Network (ECN)
Page 1 of 11 REVISION HISTORY VERSION DATE DESCRIPTION DRAFT 0.1 11/27/2002 Initial Draft 1.0 10/13/2003 Initially Released Version 1.1 11/15/2005 Minor clean-up. 1.2 05/30/2006 New logo and appendix change
More informationa) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)
MIS5206 Week 12 Your Name Date 1. Which significant risk is introduced by running the file transfer protocol (FTP) service on a server in a demilitarized zone (DMZ)? a) User from within could send a file
More informationNetwork/Cyber Security
Network/Cyber Security SCAMPS Annual Meeting 2015 Joe Howland,VC3 Source: http://www.information-age.com/technology/security/123458891/how-7-year-old-girl-hacked-public-wi-fi-network-10-minutes Security
More informationHolistic View of Industrial Control Cyber Security
Holistic View of Industrial Control Cyber Security A Deep Dive into Fundamentals of Industrial Control Cyber Security Learning Goals o Understanding security implications involving industrial control systems
More informationHMS Industrial Networks. Putting industrial applications on the cloud
HMS Industrial Networks Putting industrial applications on the cloud Whitepaper Best practices for managing and controlling industrial equipment remotely. HMS Industrial Networks Inc 35 E Wacker Drive,
More informationThe Advantages of an Integrated Factory Acceptance Test in an ICS Environment
The Advantages of an Integrated Factory Acceptance Test in an ICS Environment By Jerome Farquharson, Critical Infrastructure and Compliance Practice Manager, and Alexandra Wiesehan, Cyber Security Analyst,
More information1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network
WP 1004HE Part 5 1. Cyber Security White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network Table of Contents 1. Cyber Security... 1 1.1 What
More informationCloud-based Distribute Processing of User-Customized Mobile Interface in U-Sensor Network Environment
, pp.18-22 http://dx.doi.org/10.14257/astl.2013.42.05 Cloud-based Distribute Processing of User-Customized Mobile Interface in U-Sensor Network Environment Changhee Cho 1, Sanghyun Park 2, Jadhav Yogiraj
More informationIndustrial Security Solutions
Industrial Security Solutions Building More Secure Environments From Enterprise to End Devices You have assets to protect. Control systems, networks and software can all help defend against security threats
More informationIT Networking and Security
elearning Course Outlines IT Networking and Security powered by Calibrate elearning Course Outline CompTIA A+ 801: Fundamentals of Computer Hardware/Software www.medallionlearning.com Fundamentals of Computer
More informationOn the use of Honeypots for Detecting Cyber Attacks on Industrial Control Networks
CIBSI 2013 Panama City, Panama, October 30 th, 2013 On the use of Honeypots for Detecting Cyber Attacks on Industrial Control Networks Paulo Simões, Tiago Cruz, Jorge Gomes, Edmundo Monteiro psimoes@dei.uc.pt
More informationTesting Intelligent Device Communications in a Distributed System
Testing Intelligent Device Communications in a Distributed System David Goughnour (Triangle MicroWorks), Joe Stevens (Triangle MicroWorks) dgoughnour@trianglemicroworks.com United States Smart Grid systems
More informationIntrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks
Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks Dale Peterson Director, Network Security Practice Digital Bond, Inc. 1580 Sawgrass Corporate Parkway, Suite 130 Sunrise, FL 33323
More informationSecurity (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012
Course Outline: Fundamental Topics System View of Network Security Network Security Model Security Threat Model & Security Services Model Overview of Network Security Security Basis: Cryptography Secret
More informationSecure SCADA Network Technology and Methods
Secure SCADA Network Technology and Methods FARKHOD ALSIHEROV, TAIHOON KIM Dept. Multimedia Engineering Hannam University Daejeon, South Korea sntdvl@yahoo.com, taihoonn@paran.com Abstract: The overall
More informationNetwork Security Administrator
Network Security Administrator Course ID ECC600 Course Description This course looks at the network security in defensive view. The ENSA program is designed to provide fundamental skills needed to analyze
More informationCloud Computing for SCADA
Cloud Computing for SCADA Moving all or part of SCADA applications to the cloud can cut costs significantly while dramatically increasing reliability and scalability. A White Paper from InduSoft Larry
More informationEasily Connect, Control, Manage, and Monitor All of Your Devices with Nivis Cloud NOC
Easily Connect, Control, Manage, and Monitor All of Your Devices with Nivis Cloud NOC As wireless standards develop and IPv6 gains widespread adoption, more and more developers are creating smart devices
More informationSecurity Issues in SCADA Networks
Security Issues in SCADA Networks by V. M. Igure, S. A. Laughter, and R. D. Williams Computers & Security, 25(7): 498-506, 2006 presented by Ruilong Deng Postdoctoral Research Fellow School of Electrical
More informationMANAGED FILE TRANSFER: 10 STEPS TO PCI DSS COMPLIANCE
WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO PCI DSS COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both. But
More informationFieldbus Protocol For Secured Wireless Sensor Network Communication in Process Automation
Fieldbus Protocol For Secured Wireless Sensor Network Communication in Process Automation 92 Dr.S.Udayakumar* and S.Ananthi** *National Institute of Technical Teacher s Training and Research (NITTT&R),
More informationIT Security and OT Security. Understanding the Challenges
IT Security and OT Security Understanding the Challenges Security Maturity Evolution in Industrial Control 1950s 5/4/2012 # 2 Technology Sophistication Security Maturity Evolution in Industrial Control
More informationSecurity Issues with Integrated Smart Buildings
Security Issues with Integrated Smart Buildings Jim Sinopoli, Managing Principal Smart Buildings, LLC The building automation industry is now at a point where we have legitimate and reasonable concern
More informationPCI DSS Requirements - Security Controls and Processes
1. Build and maintain a secure network 1.1 Establish firewall and router configuration standards that formalize testing whenever configurations change; that identify all connections to cardholder data
More informationBlackRidge Technology Transport Access Control: Overview
2011 BlackRidge Technology Transport Access Control: Overview 1 Introduction Enterprises and government agencies are under repeated cyber attack. Attacks range in scope from distributed denial of service
More informationThe Protection Mission a constant endeavor
a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring
More informationDATA SECURITY 1/12. Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0
DATA SECURITY 1/12 Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0 Contents 1. INTRODUCTION... 3 2. REMOTE ACCESS ARCHITECTURES... 3 2.1 DIAL-UP MODEM ACCESS... 3 2.2 SECURE INTERNET ACCESS
More informationSEMANTIC SECURITY ANALYSIS OF SCADA NETWORKS TO DETECT MALICIOUS CONTROL COMMANDS IN POWER GRID
SEMANTIC SECURITY ANALYSIS OF SCADA NETWORKS TO DETECT MALICIOUS CONTROL COMMANDS IN POWER GRID ZBIGNIEW KALBARCZYK EMAIL: KALBARCZ@ILLINOIS.EDU UNIVERSITY OF ILLINOIS AT URBANA-CHAMPAIGN JANUARY 2014
More informationNetwork Security Infrastructure Testing
Network Security Infrastructure Testing Version 1.2 October 12, 2005 Prepared by: Sandia National Laboratories Center for SCADA Security Project Lead Ray Parks Technical Lead Jason Hills Technical Support
More informationCyber Security of the Power Grid
Cyber Security of the Power Grid Chen-Ching Ching Liu Professor of Power Systems University College Dublin Research for Ireland s Future Ireland -Country of natural beauty -Quality of life ranked among
More informationTASK -040. TDSP Web Portal Project Cyber Security Standards Best Practices
Page 1 of 10 TSK- 040 Determine what PCI, NERC CIP cyber security standards are, which are applicable, and what requirements are around them. Find out what TRE thinks about the NERC CIP cyber security
More informationA Study of Key management Protocol for Secure Communication in Personal Cloud Environment
, pp.51-58 http://dx.doi.org/10.14257/ijsia.2014.8.4.05 A Study of Key management Protocol for Secure Communication in Personal Cloud Environment ByungWook Jin 1 and Keun-Wang Lee 2,* 1 Dept. of Computer
More informationSCADA Protocols and Security
WHITE PAPER ON SCADA Protocols and Security Prepared by Mohammed Samiuddin www.itmr.ac.in Contents INTRODUCTION... 2 SCADA PROTOCOL AND SECURITY... 3 SCADA PROTOCAL... 3 DISTRIBUTED NETWORK PROTOCAL (DNP)...
More informationLecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References
Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions
More informationAN ANALYSIS OF TECHNICAL SECURITY CONTROL REQUIREMENTS FOR DIGITAL I&C SYSTEMS IN NUCLEAR POWER PLANTS
http://dx.doi.org/10.5516/net.04.2012.091 AN ANALYSIS OF TECHNICAL SECURITY CONTROL REQUIREMENTS FOR DIGITAL I&C SYSTEMS IN NUCLEAR POWER PLANTS JAE-GU SONG *, JUNG-WOON LEE, GEE-YONG PARK, KEE-CHOON KWON,
More informationPCI DSS Policies Outline. PCI DSS Policies. All Rights Reserved. ecfirst. 2010. Page 1 of 7 www.ecfirst.com
Policy/Procedure Description PCI DSS Policies Install and Maintain a Firewall Configuration to Protect Cardholder Data Establish Firewall and Router Configuration Standards Build a Firewall Configuration
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More informationCurrent and Future Research into Network Security Prof. Madjid Merabti
Current and Future Research into Network Security Prof. Madjid Merabti School of Computing & Mathematical Sciences Liverpool John Moores University UK Overview Introduction Secure component composition
More informationSecurity for. Industrial. Automation. Considering the PROFINET Security Guideline
Security for Industrial Considering the PROFINET Security Guideline Automation Industrial IT Security 2 Plant Security Physical Security Physical access to facilities and equipment Policies & Procedures
More informationDesigning a security policy to protect your automation solution
Designing a security policy to protect your automation solution September 2009 / White paper by Dan DesRuisseaux 1 Contents Executive Summary... p 3 Introduction... p 4 Security Guidelines... p 7 Conclusion...
More informationA Research Using Private Cloud with IP Camera and Smartphone Video Retrieval
, pp.175-186 http://dx.doi.org/10.14257/ijsh.2014.8.1.19 A Research Using Private Cloud with IP Camera and Smartphone Video Retrieval Kil-sung Park and Sun-Hyung Kim Department of Information & Communication
More informationLAB FORWARD. WITH PROService RMS TECHNOLOGY, ARCHITECTURE AND SECURITY INFORMATION FOR IT PROFESSIONALS
LAB FORWARD WITH PROService RMS TECHNOLOGY, ARCHITECTURE AND SECURITY INFORMATION FOR IT PROFESSIONALS Medical diagnostics are a vital part of the modern healthcare system, and instrument uptime is critical
More informationHow to Choose the Right Industrial Firewall: The Top 7 Considerations. Li Peng Product Manager
How to Choose the Right Industrial Firewall: The Top 7 Considerations Li Peng Product Manager The right industrial firewall can strengthen the safety and reliability of control systems Central to industrial
More informationData Storage Security in Cloud Computing
Data Storage Security in Cloud Computing Prashant M. Patil Asst. Professor. ASM s, Institute of Management & Computer Studies (IMCOST), Thane (w), India E_mail: prashantpatil11@rediffmail.com ABSTRACT
More informationA Noble Integrated Management System based on Mobile and Cloud service for preventing various hazards
, pp.166-171 http://dx.doi.org/10.14257/astl.205.98.42 A Noble Integrated Management System based on Mobile and Cloud service for preventing various hazards Yeo ChangSub 1, Ryu HyunKi 1 and Lee HaengSuk
More informationModule 8. Network Security. Version 2 CSE IIT, Kharagpur
Module 8 Network Security Lesson 3 Firewalls Specific Instructional Objectives On completion of this lesson, the students will be able to answer: What a firewall is? What are the design goals of Firewalls
More informationApplication Note. Providing Secure Remote Access to Industrial Control Systems Using McAfee Firewall Enterprise (Sidewinder )
Application Note Providing Secure Remote Access to Industrial Control Systems Using McAfee Firewall Enterprise (Sidewinder ) This document describes how to configure McAfee Firewall Enterprise to provide
More informationUpdate On Smart Grid Cyber Security
Update On Smart Grid Cyber Security Kshamit Dixit Manager IT Security, Toronto Hydro, Ontario, Canada 1 Agenda Cyber Security Overview Security Framework Securing Smart Grid 2 Smart Grid Attack Threats
More informationSCADA SYSTEMS AND SECURITY WHITEPAPER
SCADA SYSTEMS AND SECURITY WHITEPAPER Abstract: This paper discusses some of the options available to companies concerned with the threat of cyber attack on their critical infrastructure, who as part of
More informationRoger W. Kuhn, Jr. Advisory Director Education Fellow Cyber Security Forum Initiative
Roger W. Kuhn, Jr. Advisory Director Education Fellow Cyber Security Forum Initiative November 2014 Disclaimer Current SCADA Vulnerability Factors Industrial Control Systems 101 Proposed Countermeasures
More informationICS, SCADA, and Non-Traditional Incident Response. Kyle Wilhoit Threat Researcher, Trend Micro
ICS, SCADA, and Non-Traditional Incident Response Kyle Wilhoit Threat Researcher, Trend Micro 1 $whoami Threat Researcher, FTR, Trend Micro Threat Researcher at Trend Micro- research and blogger on criminal
More informationA Resilient Device Monitoring System in Collaboration Environments
, pp.103-114 http://dx.doi.org/10.14257/ijsh.2014.8.5.10 A Resilient Device Monitoring System in Collaboration Environments KeeHyun Park 1 and JongHwi Lee 1 Department of Computer Engineering, Keimyung
More informationA Security Mechanism for Remote Monitoring System Security using Smartphone
A Security Mechanism for Remote Monitoring System Security using Smartphone Sungjae Yu Chau Ngoc Tu Souhwan Jung School of Electronic Engineering Soongsil University SEOUL, KOREA {ysj77777, chaungoctu,
More informationRemote Services. Managing Open Systems with Remote Services
Remote Services Managing Open Systems with Remote Services Reduce costs and mitigate risk with secure remote services As control systems move from proprietary technology to open systems, there is greater
More informationBenefits of Network Level Security at the RTU Level. By: Kevin Finnan and Philippe Willems
By: Kevin Finnan and Philippe Willems Introduction New security capabilities at the remote terminal unit (RTU) level are substantially easing implementation of cyber security measures in SCADA systems.
More informationWhite Paper. BD Assurity Linc Software Security. Overview
Contents 1 Overview 2 System Architecture 3 Network Settings 4 Security Configurations 5 Data Privacy and Security Measures 6 Security Recommendations Overview This white paper provides information about
More information20-CS-6053-00X Network Security Spring, 2014. An Introduction To. Network Security. Week 1. January 7
20-CS-6053-00X Network Security Spring, 2014 An Introduction To Network Security Week 1 January 7 Attacks Criminal: fraud, scams, destruction; IP, ID, brand theft Privacy: surveillance, databases, traffic
More informationA Survey on Security Threats and Security Technology Analysis for Secured Cloud Services
, pp.21-30 http://dx.doi.org/10.14257/ijsia.2013.7.6.03 A Survey on Security Threats and Security Technology Analysis for Secured Cloud Services Changsoo Lee 1, Daewon Jung 2 and Keunwang Lee 3 1 Dept.
More informationMANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE
WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both. But it s
More informationTHE FUTURE OF SMART GRID COMMUNICATIONS
THE FUTURE OF SMART GRID COMMUNICATIONS KENNETH C. BUDKA CTO STRATEGIC INDUSTRIES MAY 2014 THE GRID OF THE FUTURE WIDE-SCALE DEPLOYMENT OF RENEWABLES INCREASED ENERGY EFFICIENCY PEAK POWER REDUCTION, DEMAND
More informationConsiderations In Developing Firewall Selection Criteria. Adeptech Systems, Inc.
Considerations In Developing Firewall Selection Criteria Adeptech Systems, Inc. Table of Contents Introduction... 1 Firewall s Function...1 Firewall Selection Considerations... 1 Firewall Types... 2 Packet
More informationSINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTING SECURITY ENVIRONMENT
SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTING SECURITY ENVIRONMENT K.karthika 1, M. Daya kanimozhi Rani 2 1 K.karthika, Assistant professor, Department of IT, Adhiyamaan College of Engineering, Hosur
More informationChapter 8 Security. IC322 Fall 2014. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012
Chapter 8 Security IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross, All
More informationPrinciples of Information Assurance Syllabus
Course Number: Pre-requisite: Career Cluster/Pathway: Career Major: Locations: Length: 8130 (OHLAP Approved) Fundamentals of Technology or equivalent industry certifications and/or work experience. Information
More informationSection 1 CREDIT UNION Member Information Security Due Diligence Questionnaire
SAMPLE CREDIT UNION INFORMATION SECURITY DUE DILIGENCE QUESTIONNAIRE FOR POTENTIAL VENDORS Section 1 CREDIT UNION Member Information Security Due Diligence Questionnaire 1. Physical security o Where is
More informationA Strategic Approach to Protecting SCADA and Process Control Systems
IBM Internet Security Systems White Paper A Strategic Approach to Protecting SCADA and Process Control Systems A Strategic Approach to Protecting SCADA and Process Control Systems 1 Table of Contents ABSTRACT..................................................................2
More informationTNC is an open architecture for network access control. If you re not sure what NAC is, we ll cover that in a second. For now, the main point here is
1 2 This slide shows the areas where TCG is developing standards. Each image corresponds to a TCG work group. In order to understand Trusted Network Connect, it s best to look at it in context with the
More informationInformation Security Basic Concepts
Information Security Basic Concepts 1 What is security in general Security is about protecting assets from damage or harm Focuses on all types of assets Example: your body, possessions, the environment,
More informationWISE-4000 Series. WISE IoT Wireless I/O Modules
WISE-4000 Series WISE IoT Wireless I/O Modules Bring Everything into World of the IoT WISE IoT Ethernet I/O Architecture Public Cloud App Big Data New WISE DNA Data Center Smart Configure File-based Cloud
More informationDirectory and File Transfer Services. Chapter 7
Directory and File Transfer Services Chapter 7 Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP over traditional authentication systems Identify major
More informationThe State-of-the-State of Control System Cyber Security
The State-of-the-State of Control System Cyber Security Prepared for HTCIA September 19, 2012 Joe Weiss PE, CISM, CRISC, ISA Fellow (408) 253-7934 joe.weiss@realtimeacs.com Summary Control systems are
More informationCyber Security Controls Assessment : A Critical Discipline of Systems Engineering
Cyber Controls : A Critical Discipline of Systems 14 th Annual NDIA Systems San Diego, CA October 24-28, 2011 Bharat Shah Lockheed Martin IS&GS bharat.shah@lmco.com Purpose Provide an overview on integrating
More informationSCADA Compliance Tools For NERC-CIP. The Right Tools for Bringing Your Organization in Line with the Latest Standards
SCADA Compliance Tools For NERC-CIP The Right Tools for Bringing Your Organization in Line with the Latest Standards OVERVIEW Electrical utilities are responsible for defining critical cyber assets which
More informationDraft ITU-T Recommendation X.805 (Formerly X.css), Security architecture for systems providing end-to-end communications
Draft ITU-T Recommendation X.805 (Formerly X.css), architecture for systems providing end-to-end communications Summary This Recommendation defines the general security-related architectural elements that
More informationVPN. Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu
VPN Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu What is VPN? A VPN (virtual private network) is a private data network that uses public telecommunicating infrastructure (Internet), maintaining
More informationnwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.
CONTENTS 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. Conclusion 1. EXECUTIVE SUMMARY The advantages of networked data storage technologies such
More informationi-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors
March 25-27, 2014 Steven A. Kunsman i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors ABB Inc. March 26, 2015 Slide 1 Cyber Security for Substation
More informationDNP Serial SCADA to SCADA Over IP: Standards, Regulations Security and Best Practices
DNP SCADA to SCADA Over : Standards, Regulations Security and Best Practices Earl Emerson, Director Systems Engineering RAD Data Communications 2014 Utilities Telecom Council of Canada Motivations for
More informationNetwork Security: A Practical Approach. Jan L. Harrington
Network Security: A Practical Approach Jan L. Harrington ELSEVIER AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Morgan Kaufmann is an imprint of
More informationA Systems Approach to HVAC Contractor Security
LLNL-JRNL-653695 A Systems Approach to HVAC Contractor Security K. M. Masica April 24, 2014 A Systems Approach to HVAC Contractor Security Disclaimer This document was prepared as an account of work sponsored
More informationA Model Design of Network Security for Private and Public Data Transmission
2011, TextRoad Publication ISSN 2090-424X Journal of Basic and Applied Scientific Research www.textroad.com A Model Design of Network Security for Private and Public Data Transmission Farhan Pervez, Ali
More information