Security Issues in SCADA Networks



Similar documents
Securing Modern Substations With an Open Standard Network Security Solution. Kevin Leech Schweitzer Engineering Laboratories, Inc.

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

SCADA SYSTEMS AND SECURITY WHITEPAPER

TABLE OF CONTENT. Page 2 of 9 INTERNET FIREWALL POLICY

SCADA Security Measures

INTRUSION DETECTION SYSTEMS and Network Security

Innovative Defense Strategies for Securing SCADA & Control Systems

Taxonomy of Intrusion Detection System

State of New Mexico Statewide Architectural Configuration Requirements. Title: Network Security Standard S-STD Effective Date: April 7, 2005

Overview. Firewall Security. Perimeter Security Devices. Routers

SECURITY PRACTICES FOR ADVANCED METERING INFRASTRUCTURE Elif Üstündağ Soykan, Seda Demirağ Ersöz , ICSG 2014

Designing a security policy to protect your automation solution

SCADA System Security. ECE 478 Network Security Oregon State University March 7, 2005

Approved 12/14/11. FIREWALL POLICY INTERNAL USE ONLY Page 2

Security Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions

Developing Network Security Strategies

NETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015

PCI DSS Policies Outline. PCI DSS Policies. All Rights Reserved. ecfirst Page 1 of 7

Intrusion Detection for Mobile Ad Hoc Networks

Network Security 網 路 安 全. Lecture 1 February 20, 2012 洪 國 寶

CS5008: Internet Computing

Security Testing in Critical Systems

Basics of Internet Security

SECURING AN INTEGRATED SCADA SYSTEM. Technical Paper April 2007

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014

COSC 472 Network Security

This is a preview - click here to buy the full publication

What would you like to protect?

IT Networking and Security

Security Awareness. Wireless Network Security

Network Security Administrator

Security Frameworks. An Enterprise Approach to Security. Robert Belka Frazier, CISSP

Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs

ITEC441- IS Security. Chapter 15 Performing a Penetration Test

The President s Critical Infrastructure Protection Board. Office of Energy Assurance U.S. Department of Energy 202/

Deploying Firewalls Throughout Your Organization

A Systems Approach to HVAC Contractor Security

Dr. György Kálmán

What is a Firewall? Computer Security. Firewalls. What is a Firewall? What is a Firewall?

Payment Card Industry (PCI) Data Security Standard

Security Issues with Integrated Smart Buildings

Chapter 20 Firewalls. Cryptography and Network Security Chapter 22. What is a Firewall? Introduction 4/19/2010

Achieving PCI-Compliance through Cyberoam

CS 356 Lecture 19 and 20 Firewalls and Intrusion Prevention. Spring 2013

Don t skip these expert tips for making your firewall airtight, bulletproof and fail-safe. 10 Tips to Make Sure Your Firewall is Really Secure

Tutorial 3. June 8, 2015

Top Three POS System Vulnerabilities Identified to Promote Data Security Awareness

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 6 Network Security

Information Security Assessment and Testing Services RFQ # Questions and Answers September 8, 2014

A Comparison of Oil and Gas Segment Cyber Security Standards

FIREWALLS & CBAC. philip.heimer@hh.se

Goals. Understanding security testing

Information Technology Security Guideline. Network Security Zoning

SCADA/Business Network Separation: Securing an Integrated SCADA System

How To Protect Your Network From Attack

External Supplier Control Requirements

Industrial Communication. Securing Industrial Wireless

SANS Top 20 Critical Controls for Effective Cyber Defense

THE RTOS AS THE ENGINE POWERING THE INTERNET OF THINGS

74% 96 Action Items. Compliance

North Dakota 2013 IT Security Audit Vulnerability Assessment & Penetration Test Project Briefing

a) Encryption is enabled on the access point. b) The conference room network is on a separate virtual local area network (VLAN)

Wireless Network Security

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Information Technology Engineers Examination. Information Security Specialist Examination. (Level 4) Syllabus

Symphony Plus Cyber security for the power and water industries

Intrusion Detection and Cyber Security Monitoring of SCADA and DCS Networks

Recommended IP Telephony Architecture

Introduction to Cyber Security / Information Security

CS 356 Lecture 17 and 18 Intrusion Detection. Spring 2013

Current and Future Research into Network Security Prof. Madjid Merabti

SFWR ENG 4C03 Class Project Firewall Design Principals Arash Kamyab March 04, 2004

IDS : Intrusion Detection System the Survey of Information Security

SECURITY IN THE INTERNET OF THINGS

Cybersecurity considerations for electrical distribution systems

Cyber Essentials KAMI VANIEA 2

Global Partner Management Notice

Network Security: 30 Questions Every Manager Should Ask. Author: Dr. Eric Cole Chief Security Strategist Secure Anchor Consulting

Computer Security: Principles and Practice

Cyber Security Risk Mitigation Checklist

UCIT INFORMATION SECURITY STANDARDS

Security for. Industrial. Automation. Considering the PROFINET Security Guideline

PCI DSS Requirements - Security Controls and Processes

Chapter 9 Firewalls and Intrusion Prevention Systems

Introduction of Intrusion Detection Systems

SECURITY IN THE INTERNET OF THINGS

NETASQ & PCI DSS. Is NETASQ compatible with PCI DSS? NG Firewall version 9

Roger W. Kuhn, Jr. Advisory Director Education Fellow Cyber Security Forum Initiative

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

A Strategic Approach to Protecting SCADA and Process Control Systems

Network/Cyber Security

STRATEGIC POLICY. Information Security Policy Documentation. Network Management Policy. 1. Introduction

TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL

Ovation Security Center Data Sheet

Chap. 1: Introduction

Cryptography and Network Security

CYBER SECURITY: SYSTEM SERVICES FOR THE SAFEGUARD OF DIGITAL SUBSTATION AUTOMATION SYSTEMS. Massimo Petrini (*), Emiliano Casale TERNA S.p.A.

Transcription:

Security Issues in SCADA Networks by V. M. Igure, S. A. Laughter, and R. D. Williams Computers & Security, 25(7): 498-506, 2006 presented by Ruilong Deng Postdoctoral Research Fellow School of Electrical and Electronic Engineering 25 July 2014

1. Introduction Evolution of control networks simple point-to-point networks monitoring/command device remote sensor/actuator complex networks with field bus communication (SCADA) central control unit remote terminal unit (RTU) Why face security issues increasing interconnectivity of SCADA networks connect to outside corporate network/internet via gateways 7/25/2014 Security Issues in SCADA Networks 2

2. SCADA Network Architecture SCADA network interconnection for field devices on plant floor PC/PLC (programmable logic controller) remote sensor/actuator field bus protocol-based network mater-slave/client-server communication peer-to-peer communication Corporate network/internet IP-based network Gateway interface between field bus protocol/ip-based networks 7/25/2014 Security Issues in SCADA Networks 3

2. SCADA Network Architecture (cont d) 7/25/2014 Security Issues in SCADA Networks 4

3. Security Threats & Vulnerabilities Why face security issues connectivity between plant floor and corporate network simple, isolated control network complex inter-network increased interconnectivity of SCADA networks multiple access points physical isolation does not guarantee security phone line/intranet connection from local to outside network Attacker aim to compromise SCADA security integrity confidentiality authentication availability privacy of data 7/25/2014 Security Issues in SCADA Networks 5

3. Security Threats (cont d) Security threats and vulnerabilities sniff communication traffic gain unauthenticated access to confidential information tamper with data transmitted/stored compromise data integrity change control signal: cause device malfunction change set point: device fail at very low threshold or alarm not go off when it should change operator display value: when alarm actually go off, human operator is unware of it DoS (denial-of-service) attack block/reroute communication traffic plant malicious code obtain greater network access/cause other damage 7/25/2014 Security Issues in SCADA Networks 6

4. SCADA Security Research Challenges Overview improve access control improve security inside SCADA network/develop efficient security-monitoring tool detect intrusion and/or other suspicious activities improve security management Constraint limitation of field bus network slow communication rate (3125 Kbps) small message packet (a few octets) real-time operating requirement 7/25/2014 Security Issues in SCADA Networks 7

4.1 Access Control Challenge difficulty in defining perimeter to SCADA network gateways are not the only means of connection to outside other unexpected links: phone line/intranet apart from technical access control, clearly define security policy gateway authentication provide protocol compatibility between local and outside networks assign login account to authorized user password-based authentication smart card-based authentication...... 7/25/2014 Security Issues in SCADA Networks 8

4.2 Firewalls and IDSs Challenge block unauthorized access recognize/allow specific traffic control/monitor activity of authorized access (permission) 3-zone architecture for firewalls SCADA or process control network, demilitarized zone (buffer), corporate network micro-firewalls embedded within each field device many field devices do not have enough computational capability few commercial firewalls/idss (intrusion detection systems) capable of monitoring SCADA protocol traffic structure of SCADA protocol vulnerability assessment of SCADA protocol 7/25/2014 Security Issues in SCADA Networks 9

4.3 Protocol Vulnerability Assessment Challenge two categories of SCADA protocol vulnerabilities inherent in protocol specification itself result of improper implementation of protocol the latter is easier taxonomy of SCADA protocol vulnerabilities require database of vulnerabilities no public database of SCADA protocol vulnerabilities 7/25/2014 Security Issues in SCADA Networks 10

4.4 Cryptography and Key Management Challenge SCADA protocols do not support complex cryptography implementation limited computational capability of field device low rate data transmission on SCADA network real-time response requirement on device WSNs (wireless sensor networks) have similar operating constraints techniques to implement cryptography in WSNs could possibly be applied to SCADA network 7/25/2014 Security Issues in SCADA Networks 11

4.5 Device and OS Security Challenge security of end devices on SCADA network embedded computing device (printer, router) real-time operating system (RTOS) other real-time control software more susceptible to DoS attack vulnerability assessment of end device and their embedded operating system not practical to provide physical protection to every node OS equipped with tamper-resistant feature existing ones can be prohibitively expensive for SCADA network low-cost alternative with almost same level of security network survive from compromise of a few devices 7/25/2014 Security Issues in SCADA Networks 12

4.6 Security Management Challenge security policy tailored to specific company not possible to develop common security policy meet all companies goal/requirement/need/objective provide guideline for critical administration issues data security policy communication security policy audit security policy physical security policy continuous process constantly monitor SCADA network for security vulnerabilities regularly update/secure with latest patches on SCADA network software/hardware regular maintenance on system 7/25/2014 Security Issues in SCADA Networks 13

5. Conclusion Security issues in SCADA networks introduction SCADA network architecture security threats and vulnerabilities SCADA security research challenges access control firewalls and intrusion detection systems protocol vulnerability assessment cryptography and key management device and OS security security management Any comments to share with us? 7/25/2014 Security Issues in SCADA Networks 14

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information