SCADA and Security: Are They Mutually Exclusive?
Terry M. Draper, PE, PMP

Today's Topics
- SCADA Overview
- SCADA System vs. IT Systems
- Risk Factors
- Threats
- Potential Vulnerabilities
- Specific Considerations
Schneider Electric Seminar - 2

SCADA Systems
An application of computer technology which:
- gathers information from field devices
- displays it for use by an operator
- executes automatic control sequences
- stores and displays data for analysis

Elements of a Typical SCADA System
[Diagram. Labels: Laptop; VPN / Dial-up; PDA; Remote Communications; Terminal Server; Wireless Network Device; Workstations; Server; Radio; Ethernet; SCADA Control Center; Interface to Remote Areas; Clearwell PLC Control Panels; Field Devices; Human Machine Interface (HMI); MCC; Historical Server; Comm Tower; Field Controller; Clearwell Pump; Venturi Flow Tube; To Distribution Networks; CL2, Turbidity, Conductivity, pH Analyzers]

SCADA Systems vs. IT Systems
Some Common Characteristics
- Internet Protocol (IP) based systems
- Ethernet networks
- Servers and Workstations
- PC based
- Windows Operating Systems
- Network Connectivity

SCADA Systems vs. IT Systems
SCADA shares many characteristics with IT systems, but SCADA also has:
- Direct effect on the real world
- Significant impact on environment
- Risks to health and safety of human lives
- Mission Criticality
- Real Time / High Availability
IT Security techniques are a good foundation for SCADA Security.

SCADA System Risk Factors
- Standard Protocols and Technologies
  - Vulnerabilities known to hackers/attackers
- Connections from control network to other networks
  - Corporate WAN/Internet
  - Rogue or Unknown Connections
- Public Information on Common Control Platforms
- Easy to understand HMI Graphics

SCADA System Threats
- Attackers
- Hackers
- Insiders
- Disgruntled employees or former employees
- Spyware/Malware
- Terrorists

SCADA System Threats
- Control System Disruptions
  - Lack of Monitoring
  - Inability to control
- Unauthorized Changes
  - Alarm Setpoints
  - Control Setpoints
- False Information to Operators
- Virus Introduction

Do We Really Need to Worry?
- Worcester Air Traffic Communications, 1997
  - Hacker disabled multiple comm systems
- Maroochy Shire Sewage Spill, 2000
  - Disgruntled job applicant hacked into remote control systems
- CSX Train Signaling System, 2003
  - Sobig computer virus: infection shut down signaling, dispatching and other systems

Do We Really Need to Worry?
- Davis-Besse Nuclear Power Plant, 2003
  - Slammer worm: disabled Safety Monitoring System, failure of Process Computer (plant was not operating)
- Northeast Power Blackout, 2003
  - SCADA failure contributed to blackout
- Bellingham, Washington Gas Pipeline Failure, 1999
  - SCADA failure allowed overpressure, contributed to incident

Potential SCADA Vulnerability Types
- Policy and Procedure
- Control Platform
  - Hardware
  - Software
  - Configuration
- Network Systems

Policy and Procedure Considerations
- Security Policies & Procedures
- Training
- Disaster Recovery
- Change Management
- Develop Security Policies
- SCADA Specific Disaster Recovery Plan
- Monitor for current issues (WaterISAC, US-CERT email list)

Low Hanging Fruit - Policies and Procedures
- Software Backups
- SCADA Configuration
- PLC Programs
- Historical Data
- System Documentation
- Security Awareness Training

Control Platform Considerations
- Hardware
- Software
- Configuration

Control Platform Considerations - Hardware
- Physical Security of Critical Systems
- Redundancy for Critical Components
- Backup Power
- Environmental Controls
- Accidental remote access

Low Hanging Fruit - Hardware
- Physical Security of SCADA Assets
- Separate Servers in Secure Location
- Limit Operator Access to USB ports
- Lock Field Equipment Cabinets and Enclosures
- Secure Cables in conduit to prevent damage (radio coax, etc.)

Control Platform Considerations - Software
- Old/Outdated Operating Systems
- Patch Management for Operating Systems
- Patch Management for Control Software
- Virus Protection (Malware) Software
- Intrusion Detection Software

Low Hanging Fruit - Software
- Anti-Virus Software
  - Verify with SCADA vendor, deploy carefully
  - Manage Signature Updates
- Intrusion Detection Software
  - Handle similar to anti-virus software

Control Platform Considerations - Configuration
- Critical Configuration Parameters
- Password Policies and Application
- Portable Devices (Laptop, PDA)
- Vendor Default Configurations
- Access Controls

Low Hanging Fruit - Configuration
- Passwords / System Access
  - Individual Passwords
  - Strong Password requirements for privileged users
  - Critical Processes: consider impact on passwords if rapid response needed (e.g. UV Local Operator Interface)
- Define Access Control levels

Network Systems Considerations
- Security Perimeter
- Separated Networks (Control, Non-Control)
- Firewall Configuration
- Wireless Connections
  - Wireless LAN
  - Remote Telemetry

Typical SCADA Network Scheme - Split Networks
[Diagram. Labels: Laptop; PDA; Wireless Network Device; Workstations; SCADA Ethernet Network; Radio; SCADA Servers; Control Ethernet Network; Historical Server; Comm. Tower]

Access to Corporate LAN/WAN
[Diagram]

DMZ Architecture
[Diagram. Labels: Laptop with VPN; Business System Server (Typical); Internet; Admin Network (LAN/WAN); Firewall to Internet; Firewall to Admin LAN/WAN; Laptop; PDA; DMZ Network; Historical Server; Wireless Network Device; Workstations; SCADA Ethernet Network; Data Server; Firewall; SCADA Servers; Control Ethernet Network]

CSSP Recommended Defense-In-Depth Architecture
[Diagram]

Wireless Networks
- Plan your Installation
  - Antennas placed to minimize exposure outside designated areas
- Configure your Hardware
  - Unique SSID, non-broadcast
  - MAC Filtering
  - Strong Security / Authorization Protocols

Remote Telemetry
- Physical Protection of Equipment
- Spread Spectrum
  - Change Default Codes
- Licensed
  - Consider Encryption

Resources
- Water Information Sharing and Analysis Center (WaterISAC) - www.waterisac.org
- Department of Homeland Security Control Systems Security Program - www.uscert.gov/control_systems
- NIST Industrial Control System Security Project - http://csrc.nist.gov/sec-cert/ics/index.html
- ISA Security Compliance Institute - www.isa.org/isasecure
- Process Control Systems Forum - www.pcsforum.org
- NIST SP 800-82: Guide to Industrial Control Security
- Control Systems Cyber Security Self Assessment Tool (CS2SAT)

Summary
- SCADA System Security is a real concern.
- IT Cyber-Security Techniques are a good foundation for SCADA Security improvements.
- There are many simple improvements that can be made to enhance system security.

Questions?
Terry M. Draper, PE, PMP
drapertm@bv.com

Potential SCADA Vulnerability Types
- Policy and Procedure
  - Security Policies and Procedures
  - Training
  - Disaster Recovery
  - Change Management
- Control Platform
  - Hardware
  - Software
  - Configuration

Potential SCADA Vulnerability Types
- Network Systems
  - Hardware/Software/Configuration
  - Network Perimeter
  - Network Monitoring and Logging
  - Communications
  - Wireless Connections