Models for Cyber Security Analysis



Similar documents
The VIKING Project: An Initiative on Resilient Control of Power Networks

Cyber Security Controls Assessment : A Critical Discipline of Systems Engineering

Olav Mo, Cyber Security Manager Oil, Gas & Chemicals, CASE: Implementation of Cyber Security for Yara Glomfjord

The Cyber Security Modeling Language and Cyber Security research at department for Industrial Information and Control Systems

An Overview of Information Security Frameworks. Presented to TIF September 25, 2013

Feature. SCADA Cybersecurity Framework

Directory and File Transfer Services. Chapter 7

Cyber-Physical System Security of the Power Grid

ISACA rudens konference

Cyber Security and Privacy - Program 183

Cyber Security for SCADA/ICS Networks

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

CIP- 005 R2: Understanding the Security Requirements for Secure Remote Access to the Bulk Energy System

Introduction to Cyber Security / Information Security

Looking at the SANS 20 Critical Security Controls

Cyber Security Modeling and Assessment of SCADA System Architectures

Document ID. Cyber security for substation automation products and systems

John Essner, CISO Office of Information Technology State of New Jersey

IBX Business Network Platform Information Security Controls Document Classification [Public]

Cyber Security Risk Management: A New and Holistic Approach

8/27/2015. Brad Schuette IT Manager City of Punta Gorda (941) Don t Wait Another Day

Airports and their SCADA Systems. Dr Leigh Armistead, CISSP. Peregrine Technical Solutions

Which cybersecurity standard is most relevant for a water utility?

Symphony Plus Cyber security for the power and water industries

Cybersecurity Risk Assessment in Smart Grids

The Advantages of an Integrated Factory Acceptance Test in an ICS Environment

Cyber Security Risks Assessment with Bayesian Defense Graphs and Architectural Models

7 Homeland. ty Grant Program HOMELAND SECURITY GRANT PROGRAM. Fiscal Year 2008

GE Measurement & Control. Top 10 Cyber Vulnerabilities for Control Systems

A Systems Engineering Approach to Developing Cyber Security Professionals

Cyber Security Seminar KTH

Program Overview and 2015 Outlook

Cybersecurity in a Mobile IP World

Principles of Information Assurance Syllabus

TASK TDSP Web Portal Project Cyber Security Standards Best Practices

FISMA Implementation Project

InfoSec Academy Application & Secure Code Track

1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network

future data and infrastructure

IEEE-Northwest Energy Systems Symposium (NWESS)

University of Pittsburgh Security Assessment Questionnaire (v1.5)

CONTROL SYSTEM VENDOR CYBER SECURITY TRENDS INTERIM REPORT

FREQUENTLY ASKED QUESTIONS

The State of Industrial Control Systems Security and National Critical Infrastructure Protection

NERC Cyber Security. Compliance Consulting. Services. HCL Governance, Risk & Compliance Practice

Intrusion Detection for SCADA Systems

Effective Use of Assessments for Cyber Security Risk Mitigation

Claes Rytoft, ABB, Security in Power Systems. ABB Group October 29, 2009 Slide 1

The President s Critical Infrastructure Protection Board. Office of Energy Assurance U.S. Department of Energy 202/

Telecom Testing and Security Certification. A.K.MITTAL DDG (TTSC) Department of Telecommunication Ministry of Communication & IT

Information Security Services

Cyber Security Compliance (NERC CIP V5)

The Next Generation of Security Leaders

IBM Managed Security Services Vulnerability Scanning:

Logging In: Auditing Cybersecurity in an Unsecure World

NERC Alert System Overview

Compliance Risk Management IT Governance Assurance

Smart Grid Cybersecurity

Risk and Security Assessment. Zbigniew Kalbarczyk

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

CIP Supply Chain Risk Management (RM ) Statement of Jacob S. Olcott Vice President, BitSight Technologies January 28, 2016

The Importance of Cybersecurity Monitoring for Utilities

Security Controls What Works. Southside Virginia Community College: Security Awareness

SCADA Compliance Tools For NERC-CIP. The Right Tools for Bringing Your Organization in Line with the Latest Standards

Personal Security Practices of the CAO

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1

Building Insecurity Lisa Kaiser

SCADA System Cyber Security A Comparison of Standards

Bellevue University Cybersecurity Programs & Courses

(Instructor-led; 3 Days)

Roadmaps to Securing Industrial Control Systems

Cyber security. Protecting critical infrastructure in a changing world

Management of Security Information and Events in Future Internet

Maintaining PCI-DSS compliance. Daniele Bertolotti Antonio Ricci

Cyber Security. Smart Grid

ABB Automation Days, Madrid, May 25 th and 26 th, Patrik Boo What do you need to know about cyber security?

Information Systems and Tech (IST)

Cloud Computing Technologies Achieving Greater Trustworthiness and Resilience

Big Data, Big Risk, Big Rewards. Hussein Syed

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin

BEST PRACTICES IN CYBER SUPPLY CHAIN RISK MANAGEMENT

Patching & Malicious Software Prevention CIP-007 R3 & R4

Common Cyber Threats. Common cyber threats include:

Managing Security and Privacy Risk in Healthcare Applications

Critical Infrastructure Security: The Emerging Smart Grid. Cyber Security Lecture 5: Assurance, Evaluation, and Compliance Carl Hauser & Adam Hahn

Introduction to Computer Security

Managing Cloud Computing Risk

The Protection Mission a constant endeavor

External Supplier Control Requirements

Hedge Funds & the Cloud: The Pros, Cons and Considerations

Transcription:

Enterprise Architecture t Models for Cyber Security Analysis Teodor Sommestad Royal Institute of Technology KTH Stockholm, Sweden 1 Consequences of Cyber Security Incidents (?) CIA senior analyst Tom Donahue: We have information that cyberattacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. 2 1

Cyber security managment is difficult! Is my control system secure enough? Head of Operations Which parameters decides cyber security? 3 The control system is complex Much advance functionality Interconnected Heterogenous Third-party components Actually, I don t even know everything I have out there 4 2

Vulnerabilities are potentially everywhere A system is not securer than its weakest link 5 And security is a complex area A wide-spanning area: Business Organization Requirements Risk analysis, information and functionality criticality classification, staff access rights, business continuity management, IT Organization Requirements Testing tools and competence, configuration management, IT policies, acquisition processes, coding practices IT System requirements Firewalls, IDS, access control, authentication, encryption, execution environment limitations, network configurations, protocol limitations, internal application design, Vulnerabilities/attack vectors denial of service, default passwords, man in the middle, buffer overflow,. And all of this is connected systems to systems to organization to organization to vulnerabilities to vulnerabilities to attacks to attacks 6 3

Poor decision support for cyber security Plenty of reference material: NIST SP 800-82 (and others), NERC CIP, ISO 17799, ISO 27004, ISA-SP99, material from US-CERT, SCADA Procurement Language,, books, articles But, they don t help much with how-to, prioriteies, or causalities.. Should I spend my security budget on a training program or new firewalls? 7 The life for our decsisionmaker in summary Poor understanding of the system architecture configuration and its environment Poor understanding of how to achieve security Limited resources, time and money 8 4

A promising approach: Enterprise Architecture Take a holistic and business oriented approach to IT-managment Use graphical models Business (processes and organizational structure) Information Application Infrastructure technology 9 Models for Control Systems!? CEO T&D Maintenance Operation Maintenance Distribution operation Network Planning Planning 10 5

Theory for Control System models!? CEO T&D Maintenance Operation Maintenance Distribution operation Network Planning Planning? Distance between Paris and Dakar = F(x) Cyber Security Level = F(x) 11 Control System Architecture Attacks The VIKING project Vital Infrastructure, Networks, Information and Control Systems Management A cyber physical project analyzing how cyber attacks ends in consequnces in society by connecting control system architecture models and power system models Probability for control orders Power System Simulator Probability for power delivery Societal Impact $ 12 6

Partners ABB Developer of SCADA systems E.ON Power transmission and distribution, SCADA system user Astron SCADA system integration KTH -Stockholm Software system architecture, networked control systems, communication networks ETH -Zurich Power system modeling, cyber-physical modeling, game theory UC Berkeley Computer security, systems modeling University of Maryland Hybrid networks, network security 13 Our approach to cyber attack analysis is based on defense graphs Countermeasures + => Attacks Defense graphs Gives: The probability that an attack is successful An index on how secure the system is 14 7

Example defense graph 15 Using Bayesian statistics for quantifying the defense graphs Existence of default passwords T F Passwords used in multiple systems T F T F Personnel susceptible to social engineering T F T F T F T F Success 0.9 0.8 0.8 0.7 0.8 0.7 0.7 0.1 Failure 0.1 0.2 0.2 0.3 0.2 0.3 0.3 0.9 16 8

Coping with uncertainty Bayesian statistics capture uncertainty in: Theoretical structure Values of parameters 17 Adding architecture model elements 18 9

Architecture (meta-)models with an integrated analysis framework 19 Architectural decision-support nce Extected consequen Scenario 3 Scenario 2 Scenario 1-1000 -800-600 -400-200 0 20 10

Thank you! Questions? 21 11

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information