Document ID. Cyber security for substation automation products and systems



Similar documents
Symphony Plus Cyber security for the power and water industries

Cyber security measures in protection and control IEDs

i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors

SCADA Compliance Tools For NERC-CIP. The Right Tools for Bringing Your Organization in Line with the Latest Standards

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014

Cyber Security focus in ABB: a Key issue. 03 Luglio 2014, Roma 1 Conferenza Nazionale Cyber Security Marco Biancardi, ABB SpA, Power System Division

Protecting productivity with Plant Security Services

TASK TDSP Web Portal Project Cyber Security Standards Best Practices

How To Secure Your System From Cyber Attacks

Industrial Security for Process Automation

Substation Automation and Protection. ABB Value Provider Program Support program for system integrators within substation automation and protection

ABB s approach concerning IS Security for Automation Systems

Ovation Security Center Data Sheet

Security in the smart grid

Lifecycle Solutions & Services. Managed Industrial Cyber Security Services


Ovation Security Center Data Sheet

MAXIMUM DATA SECURITY with ideals TM Virtual Data Room

Cyber Security Seminar KTH

Verve Security Center

Standard CIP Cyber Security Systems Security Management

Security Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions

Assuria can help protectively monitor firewalls for PCI compliance. Assuria can also check the configurations of personal firewalls on host devices

Decrease your HMI/SCADA risk

March

Did you know your security solution can help with PCI compliance too?

North American Electric Reliability Corporation: Critical Infrastructure Protection, Version 5 (NERC-CIP V5)

Industrial Cyber Security. Complete Solutions to Protect Availability, Safety and Reliability of Industrial Facilities

GFI White Paper PCI-DSS compliance and GFI Software products

NovaTech NERC CIP Compliance Document and Product Description Updated June 2015

Payment Card Industry Data Security Standard

LogRhythm and NERC CIP Compliance

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Best Practices in ICS Security for System Operators. A Wurldtech White Paper

Standard CIP 007 3a Cyber Security Systems Security Management

NERC CIP VERSION 5 COMPLIANCE

GE Measurement & Control. Cyber Security for NEI 08-09

BSM for IT Governance, Risk and Compliance: NERC CIP

How To Achieve Pca Compliance With Redhat Enterprise Linux

Cyber security. Protecting critical infrastructure in a changing world

Summary of CIP Version 5 Standards

Cyber Security. Smart Grid

CONTENTS. PCI DSS Compliance Guide

PCI DSS Policies Outline. PCI DSS Policies. All Rights Reserved. ecfirst Page 1 of 7

RuggedCom Solutions for

/ gridsecurity Cyber Security Global solutions for energy automation Answers for infrastructure and cities.

Cyber Security Compliance (NERC CIP V5)

Compliance series Guide to meeting requirements of the UK Government Cyber Essentials Scheme

Security all around. Industrial security for your plant at all levels. siemens.com/industrialsecurity. Answers for industry.

Securing Distribution Automation

A Decision Maker s Guide to Securing an IT Infrastructure

Cisco Advanced Services for Network Security

Cyber Security From product to system solution

¼ããÀ ããè¾ã ¹ãÆãä ã¼ãîãä ã ããõà ãäìããä ã½ã¾ã ºããñ à Securities and Exchange Board of India

Cyber Security for NERC CIP Version 5 Compliance

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

Security Standard: Servers, Server-based Applications and Databases

Olav Mo, Cyber Security Manager Oil, Gas & Chemicals, CASE: Implementation of Cyber Security for Yara Glomfjord

Client Security Risk Assessment Questionnaire

Introduction. PCI DSS Overview

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

North American Electric Reliability Corporation (NERC) Cyber Security Standard

Notable Changes to NERC Reliability Standard CIP-010-3

Data Security and Privacy Principles for IBM SaaS How IBM Software as a Service is protected by IBM s security-driven culture

74% 96 Action Items. Compliance

NERC CIP Whitepaper How Endian Solutions Can Help With Compliance

INTEGRATING SUBSTATION IT AND OT DEVICE ACCESS AND MANAGEMENT

Dr. György Kálmán

Achieving PCI-Compliance through Cyberoam

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.

LogRhythm and PCI Compliance

CIP- 005 R2: Understanding the Security Requirements for Secure Remote Access to the Bulk Energy System

PCI PA - DSS. Point ipos Implementation Guide. Version VeriFone Vx820 using the Point ipos Payment Core

Best Practices in ICS Security for Device Manufacturers. A Wurldtech White Paper

CYBER SECURITY: SYSTEM SERVICES FOR THE SAFEGUARD OF DIGITAL SUBSTATION AUTOMATION SYSTEMS. Massimo Petrini (*), Emiliano Casale TERNA S.p.A.

Device Hardening, Vulnerability Remediation and Mitigation for Security Compliance

The rocky relationship between safety and security

Global Partner Management Notice

1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network

Question Name C 1.1 Do all users and administrators have a unique ID and password? Yes

PCI Compliance Can Make Your Organization Stronger and Fitter. Brent Harman Manager, Systems Consultant Team West NetPro Computing, Inc.

ProjectManager.com Security White Paper

The Protection Mission a constant endeavor

Best Practices for DanPac Express Cyber Security

FERC, NERC and Emerging CIP Standards

Critical Security Controls

TRIPWIRE NERC SOLUTION SUITE

Larry Wilson Version 1.0 November, University Cyber-security Program Critical Asset Mapping

CIP Cyber Security Configuration Change Management and Vulnerability Assessments

Protecting Your Organisation from Targeted Cyber Intrusion

Designing a security policy to protect your automation solution

CG Automation Solutions USA

Operational Guidelines for Industrial Security

GiftWrap 4.0 Security FAQ

Network Security Guidelines. e-governance

PCI Requirements Coverage Summary Table

PCI PA - DSS. Point BKX Implementation Guide. Version Atos Xenta, Atos Xenteo and Atos Yomani using the Point BKX Payment Core

Best Practices for PCI DSS V3.0 Network Security Compliance

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1

Transcription:

Document ID Cyber security for substation automation products and systems

2 Cyber security for substation automation systems by ABB

ABB addresses all aspects of cyber security The electric power grid has evolved significantly over the past decade thanks to many technological advancements and breakthroughs. As a result, the emerging smart grid is quickly becoming a reality. At the heart of these intelligent advancements are specialized IT systems various control and automation solutions such as substation automation systems. To provide end users with comprehensive real-time information, enabling higher reliability and greater control, automation systems have become ever more interconnected. To combat the increased risks associated with these interconnections, we offer a wide range of cyber security products and solutions for automation systems and critical infrastructure. The new generation of automation systems uses open standards such as IEC 60870-5-104, DNP 3.0 and IEC 61850 and commercial technologies, in particular Ethernet- and TCP/IP-based communication protocols. They also enable connectivity to external networks, such as office intranet systems and the Internet. These changes in technology, including the adoption of open IT standards, have brought huge benefits from an operational perspective, but they have also introduced cyber security concerns previously known only to office or enterprise IT systems. To counter cyber security risks, open IT standards are equipped with cyber security mechanisms. These mechanisms, developed in a large number of enterprise environments, are proven technologies that enable the design, development and continual improvement of cyber security solutions specifically for control systems, including substation automation applications. We fully understand the importance of cyber security and its role in advancing the security of substation automation systems. As an ABB customer investing in new ABB techno- System architecture for substation automation system. Cyber security for substation automation systems by ABB 3

Systematic approach to cyber security logies, you can rely on products and system solutions where reliability and security have the highest priority. To assure reliability and availability of electricity, ABB has a strategic partnership with the well known cyber security company Industrial Defender. Industrial Defender s solutions provide in-depth monitoring, enhanced management, and protection for utility operations networks. At ABB, we have identified cyber security as a key requirement and we are committed to providing products, systems and services that clearly address this issue. We take a systematic approach to cyber security through our operations on a global level. For instance, we have established the Power Systems Security Council to keep track of global needs and require- 4 Cyber security for substation automation systems by ABB ments concerning cyber security. The mandate of the council is to ensure that products and solutions used in power systems meet the expectations of customers. Besides continuously adapting security requirements to keep up with the changing demand, the Security Council drives proactive R&D efforts to address emerging trends, and ensures fast and efficient security improvements. We also recognize the importance of cyber security standards and we are an active member in several industry initiatives, including IEEE and IEC. This involvement ensures that the needs of our customers are considered in the development of new standards and that ABB remains abreast of new developments. It also enables us as a company to incorporate new standards into our products and systems, helping our

customers to comply with regulation as it comes into force. Key cyber security initiatives driven or supported by ABB: Standard Main Focus NERC CIP Cyber Security regulation for North American power utilities IEC 62351* Data and Communications Security IEEE 1686 IEEE Standard for Substation Intelligent Electronic Devices (IEDs) Cyber Security Capabilities IEC 62443 * Industrial Automation and Control System Security (formerly known as ISA S99) * standard is still in development Cyber security embedded Cyber security is integral to the product life cycle at ABB, and it is incorporated into our substation automation products and systems. Threat modeling and security design reviews, security training of software developers, as well as in-house and external security testing, are some of the multiple actions we are taking to ensure reliable and secure solutions for our customers. Individual user accounts and detailed security event logs are just two examples of built-in security features available in our products. Our substation automation systems are available with firewalls and pre-defined antivirus software, and all system deliveries follow our strict guidelines on cyber security. Cyber security for substation automation systems by ABB 5

Cyber security - addressed throughout the system life cycle Cyber security without compromises Evolving technologies like Ethernet and industry-specific standards such as IEC 61850 are enablers for information exchange that support higher system reliability, but it is also important to safeguard interoperability. This is an essential feature in modern systems, allowing information exchange between different vendors IEC 61850-compliant products and systems. Ensuring reliability and interoperability are two of the main goals when designing and engineering IEC 61850-based substation automation products and systems. Ensuring these aspects while maintaining availability and also addressing cyber security is a challenging set of tasks. ABB is committed to providing you with substation automation products and solutions that address all of these aspects without compromise. We aim to provide products and solutions that enable substation automation customers to fulfill the requirements of cyber 6 Cyber security for substation automation systems by ABB security standards, such as NERC CIP. We view cyber security not as a single, one-time activity, but as an integrated part of different phases in the product and system life cycle. Cyber security aspects are taken into consideration from early design and development, extending through testing and commissioning, as well as to processes supporting products and systems in operation. One key element is our independent robustness test center, where all our products are tested using current, state-of-the-art security testing tools. A centralized security testing process, applying up-to-date and rigorous procedures, guarantees a common and bestpractice approach. Our test center conducts regular regression tests on our products and systems to warrant a high level of robustness against cyber security attacks.

Cyber security on the system level Cyber security service offering At ABB, we are constantly extending and improving our security-related processes to ensure that new vulnerabilities are handled properly. A timely response to such issues is an important factor in our efforts to help customers minimize their exposure to cyber security threats. The focus is on maintaining and increasing the cyber security level of the installed base of substation automation systems. In addition to our technical solutions we provide training, consulting as well as a cyber security risk assessment, providing the best cyber security solution for the installation. This assessment analyses the technical as well as the organizational aspects of the installation in order to reduce cyber security risks. Based on this assessment the optimized measures will be proposed. Interactions between substation automation systems, corporate networks and the outside world are usually handled on the station level. In order to secure the substation automation system itself, it is therefore vital to ensure high levels of security at that level. ABB products and systems use best-in-class firewalls, intrusion detection and prevention systems, as well as VPN technology for encryption. Thanks to the firewall the substation can be protected by blocking all unnecessary incoming communication. To provide an additional level of security, systems can be subdivided into multiple security zones. Protect against threats to substation automation systems Manage critical activities, such as configurations, changes and patches Monitor security and health activities in real-time Product and system cyber security features Cyber security for substation automation systems by ABB 7

Cyber security product features ABB s cyber security feature packages ABB offers a large number of cyber security features in the field of substation automation. Those features cover the following areas: Product and system hardening: All components of the system are permanently hardened according to well-known best-practice guides. Monitor: The monitor features provide real-time security and health activity monitoring across the substation automation systems including networks and applications. Manage: The Managing features enable users to monitor and manage critical activity such as configurations, changes and patches across the substation automation system. Protect: Protecting substation automation systems means defending against unauthorized applications, memory exploits and malware that can compromise SA system availability, performance, security and compliance. At ABB, we are addressing cyber security requirements on a system- as well as on a product level to support cyber security standards such as NERC-CIP, IEEE 1686 and BDEW Whitepaper. We support verified third-party security patches and antivirus software to protect station computers from viruses and other types of attacks. Cyber security can also be improved by preventing the unauthorized use of removable media (such as USB memory sticks) in station computers. We have built additional security mechanisms into our products. Those offer advanced account management, secure communication and detailed security audit trails. This makes it easier for our customers to address NERC CIP requirements and maintain compliance standards. Secure architecture for MicroSCADA Pro based solution. 8 Cyber security for substation automation systems by ABB

Authentication and authorization (Role Based Access Control) ABB substation automation products support user authentication and authorization on an individual user level. Authentication is required and authorization enforced for all access to these products. As a customer, you will be able to manage user accounts yourself. You will be able to create, edit and delete accounts, as well as define usernames and passwords according to your own policies. User rights can be managed either by assigning access permissions directly to individual accounts or by using granting access according to a user s job title (role-based access control). To support NERC-CIP and IEEE 1686 requirements, ABB s substation automation products support password policies that allow you to specify the minimum length as well as the password complexity. Passwords are case sensitive and can include alphanumeric and special characters. Auditability and logging ABB substation automation products create audit trails (log files) of all security-relevant user activity to monitor within actions users perform. Security events that are logged include individual user log-in, log-out, change of parameters or configurations, and updates to software or firmware. For each event, date and time, user, event ID, outcome and source of event are logged. Access to the audit trail is available to authorized users only. Product and system hardening Products can be made significantly more robust by closing ports and services that are not in use. Our products have been systematically hardened to ensure that the products are robust against attacks and perform their main function. For example, unused services have been removed and unused ports closed, and the products have been thoroughly tested at our dedicated, independent security test center using state-of-the-art commercial and open-source security testing Cyber security for substation automation systems by ABB 9

tools. Hardening steps as well as the resulting configurations, such as open ports and services, are documented in detail. By default, only ports and services required for normal operation are enabled in our devices. Secure communication ABB substation automation products permits various measures to secure the communication. One example is the built in VPN communication in MicroSCADA Pro SYS 600 and RTU500 series to establish a secure communication between the substation and the remote system. RTU500 series permits encrypted communication between the web browser and the RTU as well as the Relion 650 series supports a secure communication between the PCM600 and the control and protection devices using state of the art encryption methods. ABB evaluates security updates from third-party software such as McAfee, Adobe, Microsoft and other operating systems with respect to relevance to, and compatibility with, substation automation products. Compatibility with both MicroSCADA Pro SYS 600 and MicroSCADA Pro SYS 600C are analyzed and, for verification, a compatibility report is then issued, certifying that the relevant security patches can be installed in the system, following guidelines from the software vendor, without impacting the functionality, stability or performance of the products. For embedded devices latest security patches are used to increase the robustness of the substation automation products. Patch management Secure architecture for RTU560 based solution. 10 Cyber security for substation automation systems by ABB

Patch deployment To ensure an adequate security throughout the whole system lifecycle ABB can provide a comprehensive patch management deployment as part of a service or maintenance agreement for the substation automation system. Malware protection MicroSCADA Pro-based systems can also be equipped with industry-standard malware and intrusion protection solutions, like virus protection and application whitelisting. Back up & disaster recovery Back up and Restore creates safety copies of the most important files, to be always prepared for the worst. Back up the files to another drive, a DVD or to a network. Cyber security for substation automation systems by ABB 11

Contact us ABB Switzerland Ltd Power Systems Bruggerstrasse 72 CH-5400 Baden, Switzerland Phone: +41 58 585 77 44 Fax: +41 58 585 55 77 ABB Oy Substation Automation Products MicroSCADA Pro P.O. Box 699 FI-65101 Vaasa, Finland Phone: +358 10 22 11 Fax: +358 10 22 41094 ABB AG Substation Automation Products Remote Terminal Units P.O. Box 10 03 51 DE-68128 Mannheim, Germany Phone: +49 621 381 3000 Fax: +49 621 381 7662 ABB AB Substation Automation Products Transmission protection and control IEDs SE-72159 Västerås, Sweden Phone: +46 21 32 50 00 Fax: +46 21 14 69 18 1KHA - 001 149, - SEN PDF - 13.04 - Printed in Switzerland ABB Switzerland Ltd, April 2013. The right to modifications or deviations due to technical progress is reserved. www.abb.com/substationautomation Scan this QR code to visit our Substation Automation website Scan this QR code to visit our Substation Automation Cyber Security website

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information