OPC & Security Agenda
|
|
- Annis Boyd
- 8 years ago
- Views:
Transcription
1 OPC & Security Agenda Cyber Security Today Cyber Security for SCADA/IS OPC Security Overview OPC Security Products Questions & Answers 1
2 Introduction CYBER SECURITY TODAY The Need for Reliable Information Flow Reliable data communications is critical for modern ICS and SCADA: Production management systems Manufacturing execution systems Asset management systems Enterprise data historians Just in time manufacturing Regulatory compliance Remote maintenance support Ethernet, TCPIP and Windows are core technologies 2
3 The Stuxnet Worm July, 2010: Stuxnet worm was discovered attacking Siemens PCS7, S7 PLC and WIN CC systems around the world Infected 100,000 computers Infected at least 22 manufacturing sites Appears to have impacted its possible target, Iran s nuclear enrichment program Here Come the SCADA Vulnerabilities March 15: Gleg Ltd. (Russia) releases Agora SCADA+ exploit pack for Canvas. Used 11 0 day exploits ( grew to 54) March 21: security researcher (Italy) releases 34 vulnerabilities on 4 different platforms to public March 22 23: Vulnerabilities disclosed for 2 more ICS platforms April: Vulnerabilities disclosed for 5 additional ICS platforms 3
4 What Stuxnet Means to the ICS World Stuxnet has become a SCADA for Dummies training manual for the hacking community Security Researchers are focusing on SCADA/ICS because it is easy money/fame (little malicious intent) Actors with bad intent have access to the weapons: Download exploits for free (Italian list) Purchase tool kits (Gleg) Directed where to look for more vulnerabilities Some Lessons Learned SCADA and ICS are now targets of interest Most systems have many exploit opportunities The Son of Stuxnet is only a matter of time What system will it strike? 4
5 Concepts & Technologies UNDERSTANDING CYBER SECURITY FOR SCADA AND ICS The Bastion Model of Security A popular industrial security policy is to install single firewall between business and the control system. Known as the Bastion Model since it depends on a single point of security. Other examples of the bastion model: The Great Wall of China The Maginot Line 5
6 Layering Your Defenses #1 Manage risk with diverse and layered defensive strategies If one defence is compromised, another layer presents additional obstacles to the attacker Layering Your Defenses #2 Remember that attacks come in different flavors Each defensive layer can be optimized to deal with a specific range of threats. Technology Layer Example Solution Defense Against Network Security Firewall Scanning Malformed Packets Denial of Service Attacks Platform Security Anti virus software Known worms Application Security Account and Role Access Control Disgruntled Employees Inappropriate Access 6
7 Too Many Protocols ICS network can be an alphabet soup of network protocols and technologies Each protocol brings new hacker opportunities Reducing the Attack Surface Picking one or two universal protocols and sticking with them Reduces the Attack Surface Limits hacker opportunities Allows security focus 7
8 IT Security is not SCADA/ICS Security There are important differences between information technology (IT) networks and industrial automation and control systems networks. Problems occur because assumptions that are valid in the IT world may not be on the plant floor Some examples: Valid types of outbound traffic Importance of web customers What are the Critical protocols Desired state on failure An Example Assumption IT Assumption: Outbound traffic is safe, inbound traffic is unsafe Result: By default, all ports are blocked on the outside interface, and all ports are open on the inside interface of the security appliance. Cisco ASA 5500 Adaptive Security Appliances Document ID:
9 Its Impact on a Chemical Plant Plant Floor Reality: Cisco ASA firewall is installed between DCS and PLCs with DCS as SCADA master (thus inbound traffic to PLC must be allowed) Event: Firewall installed with default rule sets Impact: All traffic to PLCs is blocked, plant down for three hours SCADA/ICS Appropriate Technologies Deploy ICS appropriate security technologies to secure ICS/SCADA systems Look beyond traditional network layer firewalls, towards firewalls that are capable of deep packet inspection of key SCADA and ICS protocols 9
10 High Level Overview UNDERSTANDING OPC SECURITY OPC Classic World s leading technology for integrating different automation products. Defines the communication interface that exposes Automation data. Includes all OPC standards that are based on Microsoft's DCOM Technology. Security concerns due to DCOM. 10
11 OPC Security Considerations Cyber Security Network Security Network Security Who has Access? Secure OPC Architectures OPC Security What might they Do? Behavioral Security Process Security What can they Do? Common OPC Security Issues Unauthorized OPC Clients Authorized OPC Clients with too much power No layering of security OPC Servers implemented with no security restrictions Data privacy: Confidentiality 11
12 Issue: Unauthorized Access Keep out malicious users Keep out unauthorized clients Microsoft Windows Security ACL based User control: Windows Security Application Control: DCOM What DCOM Security Provides OPC Servers employ no security OPC Clients control OPC Servers Prevent unauthorized access DCOM ACLs used to limit who may: Launch (start) the server Access (communicate) with OPC server User 1 OPC Client OPC Server Access Control List User/Group Launch Access User 1 Yes Yes User 2 No Yes User 3 No (or not listed) No (or not listed) User 2 OPC Client OPC Server User 3 OPC Client 12
13 What Can Users Do? User Connects User Token Passed Full Access Granted Administrator Engineer Contractor DCOM Security User Connects User Token Passed Same Access granted to all Users (Authorization) Read Write Browse 13
14 OPC Security Specification Developed by OPC Foundation NT Security performs authentication OPC Server performs access authorization Access authorization based on either : 1. NT Access Token (preferred) Uses the Windows login name/password 2. Private Credential (IOPCSecurityPrivate) Special interface Both OPC Server and client support required OPC Security Specification User first passes DCOM security (Authentication) Access Certificate passed to OPC Server OPC Server grants access (Authorizes) Read Write Browse 14
15 Layering security Goals Give the least rights possible to authorized clients Eliminate ability to arbitrarily add client nodes One big firewall is not good enough DCOM and regular IT firewalls don t mix Employing OPC Security SECURE OPC COMPONENTS 15
16 Nested Security Perspectives Cyber Security Network Security Secure OPC Architectures Nested Security Perspectives Cyber Security Network Security Secure OPC Architectures 16
17 Leveraging OPC Security Specification is vendor neutral Vendor implementations vary: Most: Do not implement Some : Perform user authentication only OPC Security Gateway: Per User Per Tag Security Not all OPC products are made equal OPC Security In Action Tag level security User based ACL Read Write Browse ACL 17
18 OPC Security in Action Limited Tag Visibility Custom Read/Write Permission Read Write Browse ACL OPC Security in Action Tag level security Custom Read/Write Permissions Read Write Browse ACL 18
19 Example Company A Company B Read Write Browse Server Example Company A Company B Read Write Browse Server 19
20 Easy Permission Settings Per User Per Group Per Tag Example Company A Company B Read Write Browse Read Write Browse Server 20
21 Bringing it all together SECURING OPC ARCHITECTURES Securing Existing OPC Architectures Most OPC Servers: Do not support OPC Security Specification DCOM level authorization only Multi vendor OPC Architectures Typical Firewalls not used 21
22 Secure Data Access Corporate IT Server 1 Server 2 App Engineering Secure Data Access Corporate Tunneller IT Server 1 Server 2 App Engineering 22
23 Secure Data Access Corporate Tunneller IT Server 1 Server 2 App Engineering Secure OPC Components Minimize Accidental damage Control OPC Server Visibility Indirect access to multiple OPC Servers 23
24 MatrikonOPC Security Gateway Secures OPC architectures Hides OPC Servers from unauthorized users OPC Security Specification compliant Supports OPC DA and HDA Easy to use point and click security Your Turn QUESTIONS? 24
a Post-Stuxnet World The Future of Critical Infrastructure Security Eric Byres, P.Eng.
SCADA and CIP Security in a Post-Stuxnet World The Future of Critical Infrastructure Security Eric Byres, P.Eng. CTO, Byres Security Inc. What is Stuxnet? The Stuxnet Worm July, 2010: Stuxnet worm was
More informationEffective OPC Security for Control Systems - Solutions you can bank on
Effective Security for Control Systems - Solutions you can bank on Darek Kominek Manager, Marketing, Matrikon Eric Byres, P. Eng., ISA Fellow CTO, Byres Security Inc. Executive Summary There is a perception
More informationUsing Tofino to control the spread of Stuxnet Malware
technical datasheet Application Note Using Tofino to control the spread of Stuxnet Malware This application note describes how to use the Tofino Industrial Security Solution to prevent the spread of the
More informationIndustrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3
More informationInnovative Defense Strategies for Securing SCADA & Control Systems
1201 Louisiana Street Suite 400 Houston, Texas 77002 Phone: 877.302.DATA Fax: 800.864.6249 Email: info@plantdata.com Innovative Defense Strategies for Securing SCADA & Control Systems By: Jonathan Pollet
More informationINDUSTRIAL CONTROL SYSTEMS CYBER SECURITY DEMONSTRATION
INDUSTRIAL CONTROL SYSTEMS CYBER SECURITY DEMONSTRATION Prepared for the NRC Fuel Cycle Cyber Security Threat Conference Presented by: Jon Chugg, Ken Rohde Organization(s): INL Date: May 30, 2013 Disclaimer
More informationN-Dimension Solutions Cyber Security for Utilities
AGENDA ITEM NO.: 3.A. MEETING DATE; 08/18/2014 N-Dimension Solutions Cyber Security for Utilities Cyber Security Protection for Critical Infrastructure Assets The cyber threat is escalating - Confidential
More informationIndustrial Firewalls Endpoint Security
Industrial Firewalls Endpoint Security Is there a need for a new type of industrial firewall? Industries have a huge park of different management and control systems to monitor their production. These
More informationA Decision Maker s Guide to Securing an IT Infrastructure
A Decision Maker s Guide to Securing an IT Infrastructure A Rackspace White Paper Spring 2010 Summary With so many malicious attacks taking place now, securing an IT infrastructure is vital. The purpose
More informationNetworking for Caribbean Development
Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g N E T W O R K I N G F O R C A R I B B E A N D E V E L O P M E N T BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 5 Firewall Planning and Design Learning Objectives Identify common misconceptions about firewalls Explain why a firewall
More informationUsing ISA/IEC 62443 Standards to Improve Control System Security
Tofino Security White Paper Version 1.2 Published May 2014 Using ISA/IEC 62443 Standards to Improve Control System Security Contents 1. Executive Summary... 1 2. What s New in this Version... 1 3. Why
More informationIndustrial Network Security and Connectivity. Tunneling Process Data Securely Through Firewalls. A Solution To OPC - DCOM Connectivity
Industrial Network Security and Connectivity Tunneling Process Data Securely Through Firewalls A Solution To OPC - DCOM Connectivity Manufacturing companies have invested billions of dollars in industrial
More informationComprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)
Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus February 3, 2015 (Revision 4) Table of Contents Overview... 3 Malware, Botnet Detection, and Anti-Virus Auditing... 3 Malware
More informationSecurity Testing in Critical Systems
Security Testing in Critical Systems An Ethical Hacker s View Peter Wood Chief Executive Officer First Base Technologies Who is Peter Wood? Worked in computers & electronics since 1969 Founded First Base
More informationSecuring EtherNet/IP Using DPI Firewall Technology
Securing EtherNet/IP Using DPI Firewall Technology www.odva.org Technical Track About Us Erik Schweigert Leads device firmware development at Tofino Security BSc in Computer Science from VIU Michael Thomas
More informationCYBER SECURITY Is your Industrial Control System prepared? Presenter: Warwick Black Security Architect SCADA & MES Schneider-Electric
CYBER SECURITY Is your Industrial Control System prepared? Presenter: Warwick Black Security Architect SCADA & MES Schneider-Electric Challenges What challenges are there for Cyber Security in Industrial
More informationNetwork/Cyber Security
Network/Cyber Security SCAMPS Annual Meeting 2015 Joe Howland,VC3 Source: http://www.information-age.com/technology/security/123458891/how-7-year-old-girl-hacked-public-wi-fi-network-10-minutes Security
More informationIntro to Firewalls. Summary
Topic 3: Lesson 2 Intro to Firewalls Summary Basic questions What is a firewall? What can a firewall do? What is packet filtering? What is proxying? What is stateful packet filtering? Compare network layer
More informationIntegrating Electronic Security into the Control Systems Environment: differences IT vs. Control Systems. Enzo M. Tieghi etieghi@visionautomation.
Integrating Electronic Security into the Control Systems Environment: differences IT vs. Control Systems Enzo M. Tieghi etieghi@visionautomation.it Security IT & Control System Security: where are we?
More informationFundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals
Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals Learning Objective Explain the concepts of information systems security (ISS) as applied to an IT infrastructure.
More informationDesigning a security policy to protect your automation solution
Designing a security policy to protect your automation solution September 2009 / White paper by Dan DesRuisseaux 1 Contents Executive Summary... p 3 Introduction... p 4 Security Guidelines... p 7 Conclusion...
More informationBuilding A Secure Microsoft Exchange Continuity Appliance
Building A Secure Microsoft Exchange Continuity Appliance Teneros, Inc. 215 Castro Street, 3rd Floor Mountain View, California 94041-1203 USA p 650.641.7400 f 650.641.7401 ON AVAILABLE ACCESSIBLE Building
More informationEnterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006
Enterprise Cybersecurity Best Practices Part Number MAN-00363 Revision 006 April 2013 Hologic and the Hologic Logo are trademarks or registered trademarks of Hologic, Inc. Microsoft, Active Directory,
More informationKeeping the Lights On
Keeping the Lights On Fundamentals of Industrial Control Risks, Vulnerabilities, Mitigating Controls, and Regulatory Compliance Learning Goals o Understanding definition of industrial controls o Understanding
More informationAre you prepared to be next? Invensys Cyber Security
Defense In Depth Are you prepared to be next? Invensys Cyber Security Sven Grone Critical Controls Solutions Consultant Presenting on behalf of Glen Bounds Global Modernization Consultant Agenda Cyber
More informationCMPT 471 Networking II
CMPT 471 Networking II Firewalls Janice Regan, 2006-2013 1 Security When is a computer secure When the data and software on the computer are available on demand only to those people who should have access
More informationBasics of Internet Security
Basics of Internet Security Premraj Jeyaprakash About Technowave, Inc. Technowave is a strategic and technical consulting group focused on bringing processes and technology into line with organizational
More informationOPC and DCOM: 5 things you need to know Author: Randy Kondor, B.Sc. in Computer Engineering
OPC and DCOM: 5 things you need to know Author: Randy Kondor, B.Sc. in Computer Engineering OPC technology relies on Microsoft's COM and DCOM to exchange data between automation hardware and software;
More informationSecure Networking for Critical Infrastructure Using Service-aware switches for Defense-in-Depth deployment
Secure Networking for Critical Infrastructure Using Service-aware switches for Defense-in-Depth deployment Introduction 1 Distributed SCADA security 2 Radiflow Defense-in-Depth tool-set 4 Network Access
More informationSygate Secure Enterprise and Alcatel
Sygate Secure Enterprise and Alcatel Sygate Secure Enterprise eliminates the damage or loss of information, cost of recovery, and regulatory violation due to rogue corporate computers, applications, and
More informationOPCNet Broker TM for Industrial Network Security and Connectivity
OPCNet Broker TM for Industrial Network Security and Connectivity Tunneling Process Data Securely Through Firewalls A Solution To OPC - DCOM Connectivity from Integration Objects Compatible for DA, HDA
More informationSecure Access into Industrial Automation and Control Systems Industry Best Practice and Trends. Serhii Konovalov Venkat Pothamsetty Cisco
Secure Access into Industrial Automation and Systems Industry Best Practice and Trends Serhii Konovalov Venkat Pothamsetty Cisco Vendor offers a remote firmware update and PLC programming. Contractor asks
More informationWhat is Really Needed to Secure the Internet of Things?
What is Really Needed to Secure the Internet of Things? By Alan Grau, Icon Labs alan.grau@iconlabs.com The Internet of Things (IoT) has become a ubiquitous term to describe the tens of billions of devices
More informationInspection of Encrypted HTTPS Traffic
Technical Note Inspection of Encrypted HTTPS Traffic StoneGate version 5.0 SSL/TLS Inspection T e c h n i c a l N o t e I n s p e c t i o n o f E n c r y p t e d H T T P S T r a f f i c 1 Table of Contents
More informationCyber Risk Mitigation via Security Monitoring. Enhanced by Managed Services
Cyber Risk Mitigation via Security Monitoring Enhanced by Managed Services Focus: Up to But Not Including Corporate and 3 rd Party Networks Level 4 Corporate and 3 rd Party/Vendor/Contractor/Maintenance
More informationSecurity Services. 30 years of experience in IT business
Security Services 30 years of experience in IT business Table of Contents 1 Security Audit services!...!3 1.1 Audit of processes!...!3 1.1.1 Information security audit...3 1.1.2 Internal audit support...3
More informationMany network and firewall administrators consider the network firewall at the network edge as their primary defense against all network woes.
RimApp RoadBLOCK goes beyond simple filtering! Many network and firewall administrators consider the network firewall at the network edge as their primary defense against all network woes. However, traditional
More informationSECURING SAP NETWEAVER DEPLOYMENTS WITH SAFE-T RSACCESS
SECURING NETWEAVER DEPLOYMENTS A RSACCESS WHITE PAPER SECURING NETWEAVER DEPLOYMENTS 1 Introduction 2 NetWeaver Deployments 3 Safe-T RSAccess Overview 4 Securing NetWeaver Deployments with Safe-T RSAccess
More informationCyber Security in a Modern Process Network. Philip Nunn Product Manager - Industrial Networks
Cyber Security in a Modern Process Network Philip Nunn Product Manager - Industrial Networks 2 Philip Nunn Philip started work in the wider electrical industry with Crabtree Electrical, now a part of the
More informationCYBER SECURITY. Is your Industrial Control System prepared?
CYBER SECURITY Is your Industrial Control System prepared? Presenter: Warwick Black Security Architect Operation & Optimization Software Activity Schneider-Electric Challenges What challenges are there
More informationIndustrial Security for Process Automation
Industrial Security for Process Automation SPACe 2012 Siemens Process Automation Conference Why is Industrial Security so important? Industrial security is all about protecting automation systems and critical
More informationDeltaV System Cyber-Security
January 2013 Page 1 This paper describes the system philosophy and guidelines for keeping your DeltaV System secure from Cyber attacks. www.deltav.com January 2013 Page 2 Table of Contents Introduction...
More informationYou Don t Know What You Can t See: Network Security Monitoring in ICS Rob Caldwell
You Don t Know What You Can t See: Network Security Monitoring in ICS Rob Caldwell Mandiant, a FireEye company [2014 SANS European ICS Summit] About me Currently: Principal Consultant on Mandiant s Industrial
More informationKepware Technologies Remote OPC DA Quick Start Guide (DCOM)
Kepware Technologies Remote OPC DA Quick Start Guide (DCOM) March, 2013 Ref. 03.10 Kepware Technologies Table of Contents 1. Overview... 1 1.1 What is DCOM?... 1 1.2 What is OPCEnum?... 1 2. Users and
More informationTrends in Malware DRAFT OUTLINE. Wednesday, October 10, 12
Trends in Malware DRAFT OUTLINE Presentation Synopsis Security is often a game of cat and mouse as security professionals and attackers each vie to stay one step ahead of the other. In this race for dominance,
More informationEffective Defense in Depth Strategies
Honeywell.com 2014 Honeywell Users Group Asia Pacific Effective Defense in Depth Strategies for Industrial Systems 1 Document control number Honeywell Proprietary Honeywell.com Chee Ban, Ngai About the
More informationThe Benefits of SSL Content Inspection ABSTRACT
The Benefits of SSL Content Inspection ABSTRACT SSL encryption is the de-facto encryption technology for delivering secure Web browsing and the benefits it provides is driving the levels of SSL traffic
More informationHoneywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014
Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Process Solutions (HPS) June 4, Industrial Cyber Security Industrial Cyber Security is the leading provider of cyber security
More informationCYBER SECURITY: SYSTEM SERVICES FOR THE SAFEGUARD OF DIGITAL SUBSTATION AUTOMATION SYSTEMS. Massimo Petrini (*), Emiliano Casale TERNA S.p.A.
21, rue d Artois, F-75008 PARIS D2-102 CIGRE 2012 http : //www.cigre.org CYBER SECURITY: SYSTEM SERVICES FOR THE SAFEGUARD OF DIGITAL SUBSTATION AUTOMATION SYSTEMS Massimo Petrini (*), Emiliano Casale
More informationTop five strategies for combating modern threats Is anti-virus dead?
Top five strategies for combating modern threats Is anti-virus dead? Today s fast, targeted, silent threats take advantage of the open network and new technologies that support an increasingly mobile workforce.
More informationCloud Services Prevent Zero-day and Targeted Attacks
Cloud Services Prevent Zero-day and Targeted Attacks WOULD YOU OPEN THIS ATTACHMENT? 2 TARGETED ATTACKS BEGIN WITH ZERO-DAY EXPLOITS Duqu Worm Causing Collateral Damage in a Silent Cyber-War Worm exploiting
More informationHACKING RELOADED. Hacken IS simple! Christian H. Gresser cgresser@nesec.de
HACKING RELOADED Hacken IS simple! Christian H. Gresser cgresser@nesec.de Agenda About NESEC IT-Security and control Systems Hacking is easy A short example where we currently are Possible solutions IT-security
More informationWatchGuard Technologies, Inc. 505 Fifth Avenue South Suite 500, Seattle, WA 98104 www.watchguard.com
SMALL BUSINESS NETWORK SECURITY GUIDE WHY A REAL FIREWALL PROVIDES THE BEST NETWORK PROTECTION AUGUST 2004 SMALL BUSINESS NETWORK SECURITY GUIDE: WHY A REAL FIREWALL PROVIDES THE BEST NETWORK PROTECTION
More informationCloak and Secure Your Critical Infrastructure, ICS and SCADA Systems
Cloak and Secure Your Critical Infrastructure, ICS and SCADA Systems Building Security into Your Industrial Internet Phillip Allison Tempered Networks Discussion topics Threats to network security TCP/IP
More informationTechnical Note. ForeScout CounterACT: Virtual Firewall
ForeScout CounterACT: Contents Introduction... 3 What is the vfw?.... 3 Technically, How Does vfw Work?.... 4 How Does vfw Compare to a Real Firewall?.... 4 How Does vfw Compare to other Blocking Methods?...
More informationHow To Manage A Network With Kepware
Simple Network Management Protocol (SNMP) Products Kepware Product Offerings from Eternity Sales SNMP OPC Server: SNMP Manager used to poll SNMP Agents/Devices SNMP Agent: used to make KEPServerEX data
More informationIntrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks
Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks Dale Peterson Director, Network Security Practice Digital Bond, Inc. 1580 Sawgrass Corporate Parkway, Suite 130 Sunrise, FL 33323
More informationDefending Against Cyber Attacks with SessionLevel Network Security
Defending Against Cyber Attacks with SessionLevel Network Security May 2010 PAGE 1 PAGE 1 Executive Summary Threat actors are determinedly focused on the theft / exfiltration of protected or sensitive
More informationSecure Networks for Process Control
Secure Networks for Process Control Leveraging a Simple Yet Effective Policy Framework to Secure the Modern Process Control Network An Enterasys Networks White Paper There is nothing more important than
More informationNetwork Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion
Network Security Tampere Seminar 23rd October 2008 1 Copyright 2008 Hirschmann 2008 Hirschmann Automation and and Control GmbH. Contents Overview Switch Security Firewalls Conclusion 2 Copyright 2008 Hirschmann
More informationNetwork and Host-based Vulnerability Assessment
Network and Host-based Vulnerability Assessment A guide for information systems and network security professionals 6600 Peachtree-Dunwoody Road 300 Embassy Row Atlanta, GA 30348 Tel: 678.443.6000 Toll-free:
More informationSCADA Security Training
SCADA Security Training 1-Day Course Outline Wellington, NZ 6 th November 2015 > Version 3.1 web: www.axenic.co.nz phone: +64 21 689998 page 1 of 6 Introduction Corporate Background Axenic Ltd Since 2009,
More informationDr. György Kálmán gyorgy@mnemonic.no
COMMUNICATION AND SECURITY IN CURRENT INDUSTRIAL AUTOMATION Dr. György Kálmán gyorgy@mnemonic.no Agenda Connected systems historical overview Current trends, concepts, pre and post Stuxnet Risks and threats
More informationSecurity for. Industrial. Automation. Considering the PROFINET Security Guideline
Security for Industrial Considering the PROFINET Security Guideline Automation Industrial IT Security 2 Plant Security Physical Security Physical access to facilities and equipment Policies & Procedures
More informationDCOM settings for computer-to-computer communication between OPC servers and OPC clients
DCOM settings for computer-to-computer communication between OPC servers and OPC clients 1. Introduction Under OPC DA, the "dcomcnfg" service program is used for computer-to-computer communication between
More informationProtecting Organizations from Cyber Attack
Protecting Organizations from Cyber Attack Cliff Glantz and Guy Landine Pacific Northwest National Laboratory (PNNL) PO Box 999 Richland, WA 99352 cliff.glantz@pnnl.gov guy.landine@pnnl.gov 1 Key Topics
More informationHow To Secure Your System From Cyber Attacks
TM DeltaV Cyber Security Solutions A Guide to Securing Your Process A long history of cyber security In pioneering the use of commercial off-the-shelf technology in process control, the DeltaV digital
More informationInternet threats: steps to security for your small business
Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential
More informationHow to Configure Windows Firewall on a Single Computer
Security How to Configure Windows Firewall on a Single Computer Introduction Windows Firewall is a new feature of Microsoft Windows XP Service Pack 2 (SP2) that is turned on by default. It monitors and
More informationLifecycle Solutions & Services. Managed Industrial Cyber Security Services
Lifecycle Solutions & Services Managed Industrial Cyber Security Services Around the world, industrial firms and critical infrastructure operators partner with Honeywell to address the unique requirements
More informationInternet security: Shutting the doors to keep hackers off your network
Internet security: Shutting the doors to keep hackers off your network A Paralogic Networks Guide www.scholarisintl.com Introduction Like all revolutionary steps in technological development the Internet
More informationVladimir Yordanov Director of Technology F5 Networks, Asia Pacific v.yordanov@f5.com. Developments in Web Application and Cloud Security
Vladimir Yordanov Director of Technology F5 Networks, Asia Pacific v.yordanov@f5.com Developments in Web Application and Cloud Security Forces of Change Workforce and IT trends 2 Applications 3 Web Application
More informationSCADA SYSTEMS AND SECURITY WHITEPAPER
SCADA SYSTEMS AND SECURITY WHITEPAPER Abstract: This paper discusses some of the options available to companies concerned with the threat of cyber attack on their critical infrastructure, who as part of
More informationApplying the 80/20 approach for Operational Excellence. How to combat new age threats, optimize investments and increase security.
Applying the 80/20 approach for Operational Excellence How to combat new age threats, optimize investments and increase security Vinod Vasudevan Agenda Current Threat Landscape The 80/20 Approach Achieving
More informationRecommended Practice Case Study: Cross-Site Scripting. February 2007
Recommended Practice Case Study: Cross-Site Scripting February 2007 iii ACKNOWLEDGEMENT This document was developed for the U.S. Department of Homeland Security to provide guidance for control system cyber
More informationChapter 8 Security Pt 2
Chapter 8 Security Pt 2 IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross,
More informationWhy Leaks Matter. Leak Detection and Mitigation as a Critical Element of Network Assurance. A publication of Lumeta Corporation www.lumeta.
Why Leaks Matter Leak Detection and Mitigation as a Critical Element of Network Assurance A publication of Lumeta Corporation www.lumeta.com Table of Contents Executive Summary Defining a Leak How Leaks
More informationCommon Cyber Threats. Common cyber threats include:
Common Cyber Threats: and Common Cyber Threats... 2 Phishing and Spear Phishing... 3... 3... 4 Malicious Code... 5... 5... 5 Weak and Default Passwords... 6... 6... 6 Unpatched or Outdated Software Vulnerabilities...
More informationInformation Security. CS526 Topic 1
Information Security CS 526 Topic 1 Overview of the Course 1 Today s Security News Today: 220 million records stolen, 16 arrested in massive South Korean data breach A number of online gaming & movie ticket
More informationDIVISION OF INFORMATION SECURITY (DIS) Information Security Policy Threat and Vulnerability Management V1.0 April 21, 2014
DIVISION OF INFORMATION SECURITY (DIS) Information Security Policy Threat and Vulnerability Management V1.0 April 21, 2014 Revision History Update this table every time a new edition of the document is
More information74% 96 Action Items. Compliance
Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on July 02, 2013 11:12 AM 1 74% Compliance 96 Action Items Upcoming 0 items About PCI DSS 2.0 PCI-DSS is a legal obligation mandated
More informationUsing a VPN with CentraLine AX Systems
Using a VPN with CentraLine AX Systems User Guide TABLE OF CONTENTS Introduction 2 What Is a VPN? 2 Why Use a VPN? 2 How Can I Set Up a VPN? 2 Important 2 Network Diagrams 2 Network Set-Up with a VPN 2
More informationCybersecurity: An Innovative Approach to Advanced Persistent Threats
Cybersecurity: An Innovative Approach to Advanced Persistent Threats SESSION ID: AST1-R01 Brent Conran Chief Security Officer McAfee This is who I am 2 This is what I do 3 Student B The Hack Pack I used
More informationHolistic View of Industrial Control Cyber Security
Holistic View of Industrial Control Cyber Security A Deep Dive into Fundamentals of Industrial Control Cyber Security Learning Goals o Understanding security implications involving industrial control systems
More informationFirewalls, Tunnels, and Network Intrusion Detection
Firewalls, Tunnels, and Network Intrusion Detection 1 Part 1: Firewall as a Technique to create a virtual security wall separating your organization from the wild west of the public internet 2 1 Firewalls
More informationIT Security and OT Security. Understanding the Challenges
IT Security and OT Security Understanding the Challenges Security Maturity Evolution in Industrial Control 1950s 5/4/2012 # 2 Technology Sophistication Security Maturity Evolution in Industrial Control
More informationUsing a VPN with Niagara Systems. v0.3 6, July 2013
v0.3 6, July 2013 What is a VPN? Virtual Private Network or VPN is a mechanism to extend a private network across a public network such as the Internet. A VPN creates a point to point connection or tunnel
More informationCyber Security Where Do I Begin?
ISPE Automation Forum Cyber Security Where Do I Begin? Don Dickinson Project Engineer Phoenix Contact ..50% more infected Web pages Click in the on one last and three you months won t of notice 2008 than
More informationSecurity Practices for Online Collaboration and Social Media
Cisco IT Best Practice Collaboration Security Cisco on Cisco Best Practice Security Practices for Online Collaboration and Social Media January 2012 2013 Cisco and/or its affiliates. All rights reserved.
More informationUnderstanding and evaluating risk to information assets in your software projects
Understanding and evaluating risk to information assets in your software projects ugh.. what a mouthful Dana Epp Windows Security MVP Who am I? Microsoft Windows Security MVP Information Security Professional
More informationPAVING THE PATH TO THE ELIMINATION OF THE TRADITIONAL DMZ
PAVING THE PATH TO THE ELIMINATION A RSACCESS WHITE PAPER 1 The Traditional Role of DMZ 2 The Challenges of today s DMZ deployments 2.1 Ensuring the Security of Application and Data Located in the DMZ
More informationCS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013
CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access
More informationBlackRidge Technology Transport Access Control: Overview
2011 BlackRidge Technology Transport Access Control: Overview 1 Introduction Enterprises and government agencies are under repeated cyber attack. Attacks range in scope from distributed denial of service
More informationSecure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation
Secure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation Rev 5058-CO900C Agenda Control System Network Security Defence in Depth Secure Remote Access Examples
More informationSecurely Connect, Network, Access, and Visualize Your Data
Securely Connect, Network, Access, and Visualize Your Data 1 Who is Skkynet? Skkynet is the Parent company of; - Cogent Real-Time Systems Established in 1994 Focus on Industrial Automation software Cogent
More informationWhat is a Firewall? Computer Security. Firewalls. What is a Firewall? What is a Firewall?
What is a Firewall? Computer Security Firewalls fire wall 1 : a wall constructed to prevent the spread of fire 2 usually firewall : a computer or computer software that prevents unauthorized access to
More informationDecrease your HMI/SCADA risk
Decrease your HMI/SCADA risk Key steps to minimize unplanned downtime and protect your organization. Are you running your plant operations with serious risk? Most industrial applications lack recommended
More informationNATIONAL CYBER SECURITY AWARENESS MONTH
NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the
More informationIDS or IPS? Pocket E-Guide
Pocket E-Guide IDS or IPS? Differences and benefits of intrusion detection and prevention systems Deciding between intrusion detection systems (IDS) and intrusion prevention systems (IPS) is a particularly
More information