WORKSHOP Rethinking Cyber Security for Industrial Control Systems



Similar documents
Rethinking Cyber Security for Industrial Control Systems (ICS)

SCADA Security Training

ARC WHITE PAPER. Risk Drives Industrial Control System Cyber Security Investment VISION, EXPERIENCE, ANSWERS FOR INDUSTRY MAY 2011

ARC Forum Orlando 2015 Building a Secure Industrial Internet of Things

Panel on Emerging Cyber Security Technologies. Robert F. Brammer, Ph.D., VP and CTO. Northrop Grumman Information Systems.

Ernie Hayden CISSP CEH GICSP Executive Consultant

An International Perspective on Security and Compliance

i Network, Inc Technology Solutions, Products & Services Providing the right information, to the right customer, at the right time.

Historians and Production Management as Cloud Applications

A Modern Process Automation System Offers More than Process Control. Dick Hill Vice President ARC Advisory Group

What Risk Managers need to know about ICS Cyber Security

CERIAS Tech Report Mapping Water Sector Cyber-Security Vulnerabilities by James H. Graham, Jeffrey L. Hieb and J. Chris Foreman Center for

Cyber Security Considerations in the Development of I&C Systems for Nuclear Power Plants

Cyber Risk Mitigation via Security Monitoring. Enhanced by Managed Services

AURORA Vulnerability Background

Effective OPC Security for Control Systems - Solutions you can bank on

Cyber Security nei prodotti di automazione

How To Manage Risk On A Scada System

New Era in Cyber Security. Technology Development

Safe Network Integration

Smart grid security analysis

Cybersecurity in the Utilities Sector Best Practices and Implementation 2014 Canadian Utilities IT & Telecom Conference September 24, 2014

CPM and Operations Management

Control Systems Security: Australian Government Activities. Dr. Jason Smith Asst. Director, Operations CERT Australia Attorney-General s Department

Process Control Systems Forum (PCSF)

Data Analytics & Information Security

Innovative Defense Strategies for Securing SCADA & Control Systems

NIST Cybersecurity Initiatives. ARC World Industry Forum 2014

Including Threat Actor Capability and Motivation in Risk Assessment for Smart Grids

Cyber Security and Privacy - Program 183

ISACA rudens konference

Cyber Security focus in ABB: a Key issue. 03 Luglio 2014, Roma 1 Conferenza Nazionale Cyber Security Marco Biancardi, ABB SpA, Power System Division

INDUSTRIAL CONTROL SYSTEMS CYBER SECURITY DEMONSTRATION

The Case for Support: The Center for Cyber Security Studies at the U. S. Naval Academy

Session 14: Functional Security in a Process Environment

Industrial Cyber Security Risk Manager. Proactively Monitor, Measure and Manage Cyber Security Risk

Roadmaps to Securing Industrial Control Systems

Testing Control Systems

Leveraging Cloud Services for Quicker Implementation and More Secure Automation Solutions

ARC WHITE PAPER. Yokogawa s Comprehensive Lifecycle Approach to Process Control System Cyber-Security VISION, EXPERIENCE, ANSWERS FOR INDUSTRY

CSSC-CL Announces ISASecure Certification of Hitachi and Yokogawa Industrial Control Devices. ~For More Globally Competitive Control System Devices ~

Collaborative Service Management Reduces Cost and Risk. Executive Overview Trends in Process Industry Operations Challenge Service Models...

Copyright 2013 OSIsoft, LLC. 1

STATEMENT OF PATRICIA HOFFMAN ACTING ASSISTANT SECRETARY FOR ELECTRICITY DELIVERY AND ENERGY RELIABILITY U.S. DEPARTMENT OF ENERGY BEFORE THE

The Critical Infrastructure: To be or not to be Secure. European Network for Cyber Security. Fred Streefland Director Education & Training

Preventing Cyber Security Attacks Against the Water Industry

1 ISA Security Compliance Institute

OPC & Security Agenda

Vulnerability Analysis of Energy Delivery Control Systems

Dr. Markus Braendle, Head of Cyber Security, ABB Group 10 Steps on the Road to a Successful Cyber Security Program Asia Pacific ICS Security SUMMIT

SCADA System Overview

ISA Security Compliance Institute

Cyber Security of Industrial Control Systems:

Industrial IT cpmplus Enterprise Connectivity Collaborative Production Management. Improving the total cost of ownership of your ERP System

The Cyber Security Modeling Language and Cyber Security research at department for Industrial Information and Control Systems

Mobility Solutions for Plant Personnel

Update On Smart Grid Cyber Security

The Electronic Arms Race of Cyber Security 4.2 Lecture 7

ISA Security Compliance Institute

Invensys-Skelta Takes BPM to Operations. customers and the Invensys challenge is to Invensys manufacturing customers.

How To Protect Water Utilities From Cyber Attack

GE Fanuc Production Management Software

Privacy and Security in Healthcare

Cyber-Physical System Security of the Power Grid

Security Architecture: From Start to Sustainment. Tim Owen, Chief Engineer SMS DGI Cyber Security Conference June 2013

SPARKS Cybersecurity Technology and the NESCOR Failure Scenarios

DHS, National Cyber Security Division Overview

AN ANALYSIS OF TECHNICAL SECURITY CONTROL REQUIREMENTS FOR DIGITAL I&C SYSTEMS IN NUCLEAR POWER PLANTS

Cyber Security Implications of SIS Integration with Control Networks

Vendor System Vulnerability Testing Test Plan

Advanced Automation, Cloud Computing, and Recipe Management for Improving Batch Manufacturing Operations

Industrial Control Systems Security Guide

Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks

Apollogic company presentation

Decrease your HMI/SCADA risk

How To Improve Your Energy Efficiency

Department of Homeland Security Federal Government Offerings, Products, and Services

Erik Johansson, , Virtualization in Control Systems Possibilities and Challenges

Federal Facilities Council Workshop: Cyber Resilience of Building Control Systems-----Nov 17-19, Washington, DC

Thomas J. Schlagel Chief Information Officer, BNL

Intelligent Information Network

Introduction to Laboratory Assignment 3 Vulnerability scanning with OpenVAS

Cyber Security and Resilient Systems

INDUSTRY BUSINESS. Clemens Blum, EVP Industry. February 19, 2015

Italy. EY s Global Information Security Survey 2013

Cybersecurity Guidance for Industrial Automation in Oil and Gas Applications

Transcription:

WORKSHOP Rethinking Cyber Security for Industrial Control Systems Bob Mick, Workshop Moderator VP Emerging Technologies ARC Advisory Group bmick@arcweb.com 1

Re-Thinking Cyber Security Why Re-Thinking? An ARC Advisory Group Perspective Are we on the Right Track? What are the Emerging Opportunities? Are We Investing in the Right Security Activities? 2

Security In Manufacturing, Utilities Industrial Control Systems ICS Business Systems ERP, SCM, CRM, EAM, BI Lab Systems, Engineering Systems Remote Access Networking Software Servers Business Systems Remote Users Operations Management Networks Intelligences, Analytics, Integration Historians, Recipe Management, User Interface Networks HMI DCS Trending SCADA Operations Management Engineering Automation Systems Network Unit Controllers, PLCs, Devices Automation Laboratories Network Perspective Security Zone Perspective Focus on Cyber Security for ICS Operations Management and Automation 3

How Do We Approach Re-Thinking for ICS? Industrial Control System (ICS) Cyber Security Examine Fundamental Issues Miles McQueen, University of Idaho - Idaho National Labs INL is involved in several activities relative to ICS Basic Research participate in the academic community Miles challenge: Make us think Listen to a Voice of Experience Ernie Rakaczky, Invensys Contributed to many ICS Cyber Security activities Ernie s challenge: Represent the Supplier Perspective Open Discussion (~40 min) You, from your perspectives Your challenge: Share your ideas and issues (be positive) The Workshop Strategy 4

Rethinking Cyber Security For Control Systems Address Fundamentals Build on Experiences Start Title Speaker 200 2:00pm Opening and Overview Bob Mick, ARC Re-thinking Cyber Security for ICS 2:15pm 3:15pm Software and Human Vulnerabilities Implications for our Critical Infrastructures Break (30 minutes) Miles McQueen, INL 3:45pm Human Factors and a Need for Resilience Miles McQueen, INL 4:45pm Automation Suppliers Perspective and Strategies Ernie Rakaczky, Invensys 5:15pm 6:00pm Q&A Panel and Open Discussion All participants Conclude (for today) Bob Mick, ARC Take Notes about Your Questions and Ideas For the Open Discussion 5

Miles McQueen Idaho University Idaho National Labs Principal Investigator, Cyber Security R&D Department, Idaho National Laboratory Miles has held a variety of leadership roles at INL and has also been Director of the University of Idaho s Computer Science Program at the Idaho Falls Center for Higher Education. With well over 20 peer-reviewed reviewed scientific publications, Miles is currently leading research teams investigating cyber threat attack propagation and consequence modeling for multiple infrastructure simulation efforts. Previously, he investigated novel, first of a kind, 0Day vulnerability estimation techniques. Before the 0Day research, Miles led research teams in the investigation of security metrics, attack graphs, and attack surfaces in collaboration with Carnegie Mellon University and Princeton University Computer Science faculty. Miles has been invited, and has served, on a variety of national level security working groups providing assessments of the current state of the art in cyber security, evaluating the strengths and weaknesses in foundational principles, and identifying promising directions for future research and development. 6

Ernie Rakaczky Invensys Operations Management Program Manager, Control System Cyber Security Ernie has played an active role within the process control arena for over 32 years with the past 7 years fully dedicated in addressing the cyber security requirements for process control systems and raising the overall protection of our global infrastructures. Currently he has the responsibility to ensure a clear understanding and focus on cyber security requirements within all IOM product strategies at Invensys. As each product strategy is defined, consideration of current regulatory requirements, industry best practices and requirements that IOM clients are specifying within their procurement processes are addressed. Additionally, Ernie participates in the efforts underway at ISA within SP99, Automation Federation, NIST-SMART GRID, within ICSJWG from DHS, MSMUG and plays an active role in the various security initiatives with DOE, DHS, INL, NRC, NPRA, IAEA, and SANDIA. 7

Rethinking Cyber Security For Control Systems Address Fundamentals Build on Experiences Start Title Speaker 200 2:00pm Opening and Overview Bob Mick, ARC Re-thinking Cyber Security for ICS 2:15pm 3:15pm Software and Human Vulnerabilities Implications for our Critical Infrastructures Break (30 minutes) Miles McQueen, INL 3:45pm Human Factors and a Need for Resilience Miles McQueen, INL 4:45pm Automation Suppliers Perspective and Strategies Ernie Rakaczky, Invensys 5:15pm 6:00pm Q&A Panel and Open Discussion All participants Conclude (for today) Bob Mick, ARC Take Notes about Your Questions and Ideas For the Open Discussion 8

Let s Get Started! For more information, contact bmick@arcweb.com or visit www.arcweb.com 9

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information