OPC & Security Agenda

Transcription

1 OPC & Security Agenda Cyber Security Today Cyber Security for SCADA/IS OPC Security Overview OPC Security Products Questions & Answers 1

2 Introduction CYBER SECURITY TODAY The Need for Reliable Information Flow Reliable data communications is critical for modern ICS and SCADA: Production management systems Manufacturing execution systems Asset management systems Enterprise data historians Just in time manufacturing Regulatory compliance Remote maintenance support Ethernet, TCPIP and Windows are core technologies 2

3 The Stuxnet Worm July, 2010: Stuxnet worm was discovered attacking Siemens PCS7, S7 PLC and WIN CC systems around the world Infected 100,000 computers Infected at least 22 manufacturing sites Appears to have impacted its possible target, Iran s nuclear enrichment program Here Come the SCADA Vulnerabilities March 15: Gleg Ltd. (Russia) releases Agora SCADA+ exploit pack for Canvas. Used 11 0 day exploits ( grew to 54) March 21: security researcher (Italy) releases 34 vulnerabilities on 4 different platforms to public March 22 23: Vulnerabilities disclosed for 2 more ICS platforms April: Vulnerabilities disclosed for 5 additional ICS platforms 3

4 What Stuxnet Means to the ICS World Stuxnet has become a SCADA for Dummies training manual for the hacking community Security Researchers are focusing on SCADA/ICS because it is easy money/fame (little malicious intent) Actors with bad intent have access to the weapons: Download exploits for free (Italian list) Purchase tool kits (Gleg) Directed where to look for more vulnerabilities Some Lessons Learned SCADA and ICS are now targets of interest Most systems have many exploit opportunities The Son of Stuxnet is only a matter of time What system will it strike? 4

5 Concepts & Technologies UNDERSTANDING CYBER SECURITY FOR SCADA AND ICS The Bastion Model of Security A popular industrial security policy is to install single firewall between business and the control system. Known as the Bastion Model since it depends on a single point of security. Other examples of the bastion model: The Great Wall of China The Maginot Line 5

6 Layering Your Defenses #1 Manage risk with diverse and layered defensive strategies If one defence is compromised, another layer presents additional obstacles to the attacker Layering Your Defenses #2 Remember that attacks come in different flavors Each defensive layer can be optimized to deal with a specific range of threats. Technology Layer Example Solution Defense Against Network Security Firewall Scanning Malformed Packets Denial of Service Attacks Platform Security Anti virus software Known worms Application Security Account and Role Access Control Disgruntled Employees Inappropriate Access 6

7 Too Many Protocols ICS network can be an alphabet soup of network protocols and technologies Each protocol brings new hacker opportunities Reducing the Attack Surface Picking one or two universal protocols and sticking with them Reduces the Attack Surface Limits hacker opportunities Allows security focus 7

8 IT Security is not SCADA/ICS Security There are important differences between information technology (IT) networks and industrial automation and control systems networks. Problems occur because assumptions that are valid in the IT world may not be on the plant floor Some examples: Valid types of outbound traffic Importance of web customers What are the Critical protocols Desired state on failure An Example Assumption IT Assumption: Outbound traffic is safe, inbound traffic is unsafe Result: By default, all ports are blocked on the outside interface, and all ports are open on the inside interface of the security appliance. Cisco ASA 5500 Adaptive Security Appliances Document ID:

9 Its Impact on a Chemical Plant Plant Floor Reality: Cisco ASA firewall is installed between DCS and PLCs with DCS as SCADA master (thus inbound traffic to PLC must be allowed) Event: Firewall installed with default rule sets Impact: All traffic to PLCs is blocked, plant down for three hours SCADA/ICS Appropriate Technologies Deploy ICS appropriate security technologies to secure ICS/SCADA systems Look beyond traditional network layer firewalls, towards firewalls that are capable of deep packet inspection of key SCADA and ICS protocols 9

10 High Level Overview UNDERSTANDING OPC SECURITY OPC Classic World s leading technology for integrating different automation products. Defines the communication interface that exposes Automation data. Includes all OPC standards that are based on Microsoft's DCOM Technology. Security concerns due to DCOM. 10

11 OPC Security Considerations Cyber Security Network Security Network Security Who has Access? Secure OPC Architectures OPC Security What might they Do? Behavioral Security Process Security What can they Do? Common OPC Security Issues Unauthorized OPC Clients Authorized OPC Clients with too much power No layering of security OPC Servers implemented with no security restrictions Data privacy: Confidentiality 11

12 Issue: Unauthorized Access Keep out malicious users Keep out unauthorized clients Microsoft Windows Security ACL based User control: Windows Security Application Control: DCOM What DCOM Security Provides OPC Servers employ no security OPC Clients control OPC Servers Prevent unauthorized access DCOM ACLs used to limit who may: Launch (start) the server Access (communicate) with OPC server User 1 OPC Client OPC Server Access Control List User/Group Launch Access User 1 Yes Yes User 2 No Yes User 3 No (or not listed) No (or not listed) User 2 OPC Client OPC Server User 3 OPC Client 12

13 What Can Users Do? User Connects User Token Passed Full Access Granted Administrator Engineer Contractor DCOM Security User Connects User Token Passed Same Access granted to all Users (Authorization) Read Write Browse 13

14 OPC Security Specification Developed by OPC Foundation NT Security performs authentication OPC Server performs access authorization Access authorization based on either : 1. NT Access Token (preferred) Uses the Windows login name/password 2. Private Credential (IOPCSecurityPrivate) Special interface Both OPC Server and client support required OPC Security Specification User first passes DCOM security (Authentication) Access Certificate passed to OPC Server OPC Server grants access (Authorizes) Read Write Browse 14

15 Layering security Goals Give the least rights possible to authorized clients Eliminate ability to arbitrarily add client nodes One big firewall is not good enough DCOM and regular IT firewalls don t mix Employing OPC Security SECURE OPC COMPONENTS 15

16 Nested Security Perspectives Cyber Security Network Security Secure OPC Architectures Nested Security Perspectives Cyber Security Network Security Secure OPC Architectures 16

17 Leveraging OPC Security Specification is vendor neutral Vendor implementations vary: Most: Do not implement Some : Perform user authentication only OPC Security Gateway: Per User Per Tag Security Not all OPC products are made equal OPC Security In Action Tag level security User based ACL Read Write Browse ACL 17

18 OPC Security in Action Limited Tag Visibility Custom Read/Write Permission Read Write Browse ACL OPC Security in Action Tag level security Custom Read/Write Permissions Read Write Browse ACL 18

19 Example Company A Company B Read Write Browse Server Example Company A Company B Read Write Browse Server 19

20 Easy Permission Settings Per User Per Group Per Tag Example Company A Company B Read Write Browse Read Write Browse Server 20

21 Bringing it all together SECURING OPC ARCHITECTURES Securing Existing OPC Architectures Most OPC Servers: Do not support OPC Security Specification DCOM level authorization only Multi vendor OPC Architectures Typical Firewalls not used 21

22 Secure Data Access Corporate IT Server 1 Server 2 App Engineering Secure Data Access Corporate Tunneller IT Server 1 Server 2 App Engineering 22

23 Secure Data Access Corporate Tunneller IT Server 1 Server 2 App Engineering Secure OPC Components Minimize Accidental damage Control OPC Server Visibility Indirect access to multiple OPC Servers 23

24 MatrikonOPC Security Gateway Secures OPC architectures Hides OPC Servers from unauthorized users OPC Security Specification compliant Supports OPC DA and HDA Easy to use point and click security Your Turn QUESTIONS? 24