Industrie 4.0 - Security 0.1?




Transcription:

Industrie 4.0 - Security 0.1?
On the Necessity of Security Testing
Prof. Dr. Hartmut Pohl, Jochen Klein

Information Security (INFOSEC)
State of an IT system with the following objectives:
Confidentiality: information is accessible only to authorized parties
Integrity: accuracy and completeness, processing methods protected
Availability: use of data and applications by authorized parties
Authenticity: data originates from the claimed authorized party
ISO/IEC 270xx

Natanz Uranium Enrichment Facility
Iranian President Mahmoud Ahmadinejad visits the Natanz uranium enrichment facilities, where a closed computer network was infected by malware introduced via a small flash drive.

Professional Attacks. Example: Stuxnet and Derivatives
[Figure: attacks placed on a scale from 100 % to 0 %; labels: Targeted, Stealth]
Toward 100 %: Stuxnet 2006, Code Red 2006, Flame 2007, Roter Oktober 2007, Duqu 2009, Mahdi 2011, Gauss 2012, Disttrack, Shamoon 2012, miniflame 2012, Narilam 2012, Havex 2014, Storm Worm 2007
Toward 0 %: Viruses, Worms, Spam, Phishing, Spyware, Adware, (Botnets); Skript Kiddies, Students, Everybody

Attack Surface, Attack Paths
Successful attacks depend on exploiting vulnerabilities: no vulnerability, no attack!
[Diagram labels: Internet; Attack Paths; Attack Surface; Organisation; Information System; Permitted Port; Undetected, unpublished, unpatched Vulnerabilities; Firewall, Intrusion Detection, Applications, Servers, SQL, IIS, Mails, FTP, CRM; Patched Vulnerabilities; Anti-Virus; Assets - Data; Encryption, Keys; iDefense, Vupen, WabiSabiLabi, ZDI]

Vulnerability Lifecycle
Black Risk: vulnerability-free phase (seemingly!)
Grey Risk: vulnerability discovered, used
White Risk: vulnerability fully disclosed
[Timeline labels: Manufacturer; Zero Day; Product Shipment; Vulnerability discovered; Attack: Exploit developed; Vulnerability published; Exploit published; Patch published]
1 Zero-Day-Vulnerability - nobody knows
2 Manufacturer knows, unpublished
3 Manufacturer publishes vulnerability
4 Manufacturer patches

Indispensable Security Measures
Grundschutz, ISO 27000 Family
Access Control, Passwords
Anti-Virus Scanner
Firewall
Encryption: Key Generation, Key Management
IDS/IPS

Software Security Tested
Commercial software: web applications, ERM, CRM, SCM, ERP, E-Business, CIM, apps for mobile devices
Security software: firewalls, routers, gateways, encryption, intrusion detection
Industrial Control Systems (PLC/SPS)
Embedded Systems
Smart Grid / Smart Meter Gateway Security, energy management and Smart Home

Security Testing Process ISO 27034: Identifying Zero-Day-Vulnerabilities
Security Analysis: Requirements
Architecture Analysis
Threat Modeling: Attack Paths, Attack Surface
Static Source Code Analysis
Conformity Testing, Covert Functions
Explorative Testing: Manual Auditing
Penetration Testing
Dynamic Analysis: Fuzzing
Exploits, Patches
[Diagram labels: Secure Design; Secure Implementation; Requirements; Product Security; Design; Implementation; Release; Verification; Presentation; Reports; ISO 27034]

Threat Modeling: Data Flow Diagram, Advanced Metering Infrastructure (AMI)
[Diagram labels: External-powered Meter; Battery-powered Meter; Electricity, Gas, Water, Heat; Metered Value; SMGW Admin; Trusted Time Service; Time Synchronization; Firmware Download; Measured Values - Tariffs; Network Status; Wake-up Call; ...; LMN; Smart Meter Gateway; Customer Information; Security Module; HAN; Authorized External Entity; CLS Data; distribution network operator (VNB); metering point operator (MSB); metering service provider (MDL); supplier (LF); WAN; Prosumer; Visual Display; Service Technician; Controllable Local System (CLS)]

Principle Fuzzing Process
[Diagram: Fuzzer (1) sends input to Target (2)]
Expert Advice: Identification, Rating
Report
Patch, Fix

Full Fuzzing Process
Test System, Target System
Identification of Input Interfaces
Code Coverage
Proprietary Developed Fuzzer
Proprietary Developed Attack Strings
[Diagram: Fuzzer (1) sends input to Target (2); further labels: Encryption; I/A; DB; Monitor-Client; Monitor/Debugger]
Target Processor: ARM, AMD, IBM, Intel, Nvidia, PLC, Power PC, Qualcomm, Sun, Snapdragon
Target OS: Android, CardOS, JCOB, Nucleus, OS X, QNX, Unix, VxWorks, Windows, S7
Expert Activities
Expert Advice: Identification, Rating
Proof of Concept Exploits
Report
Patch, Fix

Security Testing Achievements
Method | No. Vulnerabilities | No. Tools used
Architecture Analysis: Threat Modeling | 112 (986) | 1
Static Source Code Analysis | 17 | 3-5
Penetration Testing | 0 (76) | 4 +
Dynamic Analysis: Fuzzing | 27 | 5-7
Sum | 156 | > 13

Indispensable Security Measures
Security Level 0: Grundschutz, ISO 27000 Family
Access Control, Passwords
Anti-Virus Scanner
Firewall
Encryption: Key Generation, Key Management
IDS/IPS

Security Success
5 effective methods: Security Requirements, Threat Modeling, Static Source Code Analysis, Penetration Testing, Dynamic Analysis: Fuzzing
Many Tools of > 300
Every Software and Firmware (Hardware)
All Processors & Operating Systems
Every Software Development Process
Common Criteria / Protection Profiles

Live Presentation: Identifying Zero-Day-Vulnerabilities in PLC

Industrie 4.0 - Security 0.1?
On the Necessity of Security Testing
Prof. Dr. Hartmut Pohl
Hartmut.Pohl@softScheck.com
+ 49 (2241) 255 430
softscheck GmbH Köln
Office: Bonnerstr. 108. 53757 Sankt Augustin
www.softscheck.com