Erik Johansson, 091027, erik.z.johansson@se.abb.com Virtualization in Control Systems Possibilities and Challenges

Similar documents
Cloud Computing for SCADA

Before we can talk about virtualization security, we need to delineate the differences between the

Server Virtualization in Manufacturing

6422: Implementing and Managing Windows Server 2008 Hyper-V (3 Days)

Sustain.Ability Honeywell Users Group EMEA. Virtualization Solutions: Improving Efficiency, Availability and Performance

Networking for Caribbean Development

APPLICATION OF SERVER VIRTUALIZATION IN PLATFORM TESTING

SERVER VIRTUALIZATION IN MANUFACTURING

IT Security and OT Security. Understanding the Challenges

VIRTUALIZATION SECURITY IN THE REAL WORLD

Waterfall for NERC-CIP Compliance

8/27/2015. Brad Schuette IT Manager City of Punta Gorda (941) Don t Wait Another Day

Server Virtualization A Game-Changer For SMB Customers

WHITE PAPER. Solving the Challenges of Virtual Machine Backups with Acronis Backup & Recovery 10

NERC Cyber Security. Compliance Consulting. Services. HCL Governance, Risk & Compliance Practice

M6422A Implementing and Managing Windows Server 2008 Hyper-V

Protecting Virtual Servers with Acronis True Image Echo

Implementing and Managing Windows Server 2008 Hyper-V

Security. Environments. Dave Shackleford. John Wiley &. Sons, Inc. s j}! '**»* t i j. l:i. in: i««;

Technology Insight Series

MS-6422A - Implement and Manage Microsoft Windows Server Hyper-V

Deployment Options for Microsoft Hyper-V Server

Deployment Guide: Unidesk and Hyper- V

Virtualization In Manufacturing Industries. Copyright 2012 Rockwell Automation, Inc. All rights reserved.

A Better Approach to Backup and Bare-Metal Restore: Disk Imaging Technology

Remote PC Guide Series - Volume 1

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

RELIABILITY AND AVAILABILITY OF CLOUD COMPUTING. Eric Bauer. Randee Adams IEEE IEEE PRESS WILEY A JOHN WILEY & SONS, INC.

Ovation Security Center Data Sheet

Veeam Backup and Replication Architecture and Deployment. Nelson Simao Systems Engineer

Security Model for VM in Cloud

VMware vsphere 5.0 Boot Camp

Increasing Storage Performance, Reducing Cost and Simplifying Management for VDI Deployments

CONTROL SYSTEM VENDOR CYBER SECURITY TRENDS INTERIM REPORT

Neverfail Solutions for VMware: Continuous Availability for Mission-Critical Applications throughout the Virtual Lifecycle

Virtualization System Security

Instant Recovery for VMware

7 Homeland. ty Grant Program HOMELAND SECURITY GRANT PROGRAM. Fiscal Year 2008

Outline SSS Microsoft Windows Server 2008 Hyper-V Virtualization

Leveraging Virtualization for Disaster Recovery in Your Growing Business

Transforming Control System to a Virtualized Platform, including On Process Migration. Anneke Vemer ExxonMobil

Protecting Virtual Servers with Acronis True Image

Leveraging Virtualization for Higher Business Continuity within Industrial Facilities

SCADA Virtualization

Server Virtualization with VMWare

Virtualization Security and Best Practices. Rob Randell, CISSP Senior Security Specialist SE

Evaluation of Enterprise Data Protection using SEP Software

Ovation Security Center Data Sheet

Why is the V3 appliance so effective as a physical desktop replacement?

Intelligent Laptop Virtualization No compromises for IT or end users. VMware Mirage

VMware vsphere 5.1 Advanced Administration

Simplifying the Transition to Virtualization TS17

Citrix XenServer Backups with Xen & Now by SEP

Total Data Protection for your business

Microsoft Windows Server 2008: MS-6422 Implementing and Managing Hyper V Virtualization 6422

Complete Storage and Data Protection Architecture for VMware vsphere

HP Data Protector software. Assuring Business Continuity in Virtualised Environments

How bare-metal client hypervisors will mean the end of agent-based Windows management

Rajesh Gupta Best Practices for SAP BusinessObjects Backup & Recovery Including High Availability and Disaster Recovery Session #2747

Virtualization Essentials

Proven LANDesk Solutions

A Comparison of VMware and {Virtual Server}

Meeting the Challenges of Virtualization Security

Simplify VDI and RDS Private Clouds for SMBs

DeltaV Virtualization High Availability and Disaster Recovery

CA ARCserve Replication and High Availability Deployment Options for Hyper-V

Host Hardening. Presented by. Douglas Couch & Nathan Heck Security Analysts for ITaP 1

Unmasking Virtualization Security. Eric A. Hibbard, CISSP, CISA Hitachi Data Systems

EMC Virtual Infrastructure for Microsoft Applications Data Center Solution

Keith Luck, CISSP, CCSK Security & Compliance Specialist, VMware, Inc. kluck@vmware.com

Making Data Security The Foundation Of Your Virtualization Infrastructure

Rethinking Cyber Security for Industrial Control Systems (ICS)

PI Server Security Best Practice Guide Bryan Owen Cyber Security Manager OSIsoft

The President s Critical Infrastructure Protection Board. Office of Energy Assurance U.S. Department of Energy 202/

Industrial Security for Process Automation

Parallels Virtuozzo Containers

Session 11 : (additional) Cloud Computing Advantages and Disadvantages

Are you prepared to be next? Invensys Cyber Security

Virtualized Domain Name System and IP Addressing Environments. White Paper September 2010

How To Protect Water Utilities From Cyber Attack

1518 Best Practices in Virtualization & Cloud Security with Symantec

Deep Dive on SimpliVity s OmniStack A Technical Whitepaper

EMC VPLEX FAMILY. Continuous Availability and data Mobility Within and Across Data Centers

Wonderware Industry Solutions for Facilities Management

Always On Infrastructure for Software as a Ser vice

Mitigating Information Security Risks of Virtualization Technologies

SCADA and Security Are they Mutually Exclusive? Terry M. Draper, PE, PMP

THE TOP 4 CONTROLS.

managing the risks of virtualization

Course Syllabus. Implementing and Managing Windows Server 2008 Hyper-V. Key Data. Audience. At Course Completion. Prerequisites

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense

CYBER SECURITY Is your Industrial Control System prepared? Presenter: Warwick Black Security Architect SCADA & MES Schneider-Electric

Microsoft Services Premier Support. Security Services Catalogue

Transcription:

Erik Johansson, 091027, erik.z.johansson@se.abb.com Virtualization in Control Systems Possibilities and Challenges ABB Group October 19, 2009 Slide 1

Possibilities and Challenges The open debate of virtualization in control systems This presentation kick-starts the discussion by walking through pros and cons of virtualization in control systems as collected from various IT and SCADA related blogs and articles. It is a relatively new and hot topic, which is openly debated on the Internet. Some attention is paid to cyber security issues before diving into the reality of today, finishing off with a quick look in the magic crystal ball about the future. Possibilities what are the good things Challenges why it may be a bad thing Cyber Security more or less secure with VM What about reality where are we now What about the future where are we going

Why Virtualization? In a control system environment Lower number of physical servers Reduction of hardware maintenance and operational costs, significant for high-end SCADA/EMS environments with 50-100 servers. Fast recovery from disasters Snapshots and clones shrink-wraps operational systems for fast and easy recovery from any kind of software induced failure Simplified system deployment Virtual server templates facilitates system deployment by reduction of engineering efforts Excellent development and quality assurance Again, snapshots and clones greatly enhance productivity and quality assurance in in release and production life cycles Allows safe testing of security architectures Existing open source and show case VMs of security products and appliances ready for testing in you virtualized QA system What else?

Why Not Virtualization? In a control system environment Difficulties in finding origin of problem Vendors may be unwilling to support virtualized environments because of the fear of reported problems being related to the hypervisor of infrastructure rather than their applications. E.g. time synchronization Resilience (Availability) The risk of losing 4 online systems by losing one server is evident. Increased attack surface Although the surface of each guest remain the same, the hypervisor and infrastructure as such adds to the total. Potential problem with physical interfaces USB, RS-232 etc may pose problems. Such problems can often be solved by additional, external hardware. Performance Will a virtualized environment have the capacity to withstand a major disturbance in the process? What else?

Cyber Security Issues In a virtualized environment Shared resources may act as an attack platform (http://www.infoworld.com/d/security-central/virtualizations-secret-security-threats-159) "graphics cards and network cards today are really miniature computers that see everything in all the VMs. Mitigations are developed on chip-level High Assurance Platform (http://www.internetnews.com/ent-news/article.php/3696996) NSA are looking at using virtualization to solve the air-gap problem for personnel with multiple security clearances. Today, such personnel need to use separate workstations to access the information for each clearance level. The HAP is developed with security in focus Relaxed posture regarding security in VM infrastructures (http://www.networkworld.com/columnists/2009/012009antonopoulos.html) Almost 70% of all companies that have or are moving to virtualization do not plan to do anything regarding security in their virtualization infrastructures. All security is focused on the guests Real-life incidents may be needed to change this posture

Cyber Security Issues In a virtualized environment Hypervisor kernel less vulnerable (http://www.vmware.com/files/pdf/vi35_security_hardening_wp.pdf) Optimized hypervisor kernels are less susceptible to malware than regular general purpose operating systems. However, they are still not impervious to attacks Single hypervisor vulnerability If mission critical production systems are virtualized, redundancy and thereby availability may be inhibited if there is a single vulnerability in the hypervisor of choice that can be remotely exploited. Conclusion Similar to the pros and cons regarding virtualization, the technology is yet to new to understand if the introduction of virtualization actually help provide better security for control systems, or if it introduce serious security vulnerabilities There is a strong trend in securing control systems on host (guest) level at the moment. Introducing virtualization requires the same focus on hypervisor and infrastructure level! Perhaps even on chip-level as anticipated by NSA and AMD.

Reality of Yesterday Example of SCADA/EMS of 2000 Years Model (excl. process comm.) SCADA/EMS production connected to office network SCADA/EMS consist of dual SCADA/EMS, dual Historian, dual data acquisition front-ends, one engineering station and multiple workstations Single solution for backup/recovery Total number of hosts often less than 20 servers for three sites and 20-40 workstations

Reality of Today Example of SCADA/EMS of 2009 Years Model (excl. process comm.) New additions Security Zones Replicas Quality Assurance Configuration Mgt Security Mgt 50 100 Servers 25 50 PC:s

Reality of Today As seen from a vendor perspective Massive increase in number of servers in tenders since last year, mainly inspired from NERC-CIP (security and quality assurance) With the increase in number of servers, there are always discussions regarding virtualization. A couple of customers are considering virtualization of their existing production systems, possibly waiving parts of the support agreements. One contract includes virtualized quality assurance systems Two major tenders includes virtualized environments for development and quality assurance Vendors offering virtualized environment will also have to face to music. Warranty and support agreements must include the virtualized solutions. Readiness for such responsibilities are made by fully virtualized (to some extent including virtual security appliances) release acceptance environments in addition to physical ones. Currently, applications that interact with physical interfaces not natively supported by the VM are excluded, typically data acquisition hosts.

Real Life Experiences Internal Acceptance Tests conducted on virtualized systems Internal Acceptance Tests System verification and validation are conducted on virtualized systems, including virtual appliances, in addition to the physical environments. This facilitates better test coverage since multiple configurations can be tested for each release with significantly less deployment efforts. Penetration and vulnerability tests are conducted on virtual environments but are currently excluding the hypervisors and virtualization infrastructures Development merge verification and validation Virtual environments are used to verify and validate that development tracks are merged into the baseline correctly.

Real Life Experiences Miscellaneous applications of virtualized environments SCADA images produced for critical roles for development and test: SCADA/EMS/Historian application servers in one image Domain Controller, Engineering and HMI in another VMs produced for use in local workstations. Being replaced by centralized lab automation solution ESXi leverage excellent test and demo possibilities A $1000 PC can now run an almost full configuration with reasonable performance, making the virtualization technology very inexpensive and commonly available Introduction of lab automation system Excellent workbench for core configuration tests (dual SCADA, dual Historian, ICCP partners, Security Management etc) Multiple developers can test core configurations at the same time by checking out a specific build, conduct tests and then drop it. Checking out such a configuration is a matter minutes. A system of 5-6 hosts is up and running within five minutes. Unsuitable for testing components that interact with physical interfaces like data acquisition.

Real Life Experiences Lab automation as development and test platform, from beta tests Screenshot from lab automation configuration overview, showing system with dual SCADA/Historian servers and combined Domain Controller, Engineering and HMI

Real Life Experiences Lab automation as development and test platform Screenshot from lab automation configuration overview, showing system from a network perspective

Real Life Experiences Lab automation as development and test platform, console view

Real Life Experiences Lab automation as development and test platform, HMI console view

What awaits us in the future Regarding virtualization in control systems Personally, at the time of writing Virtualization will be the most common solution for non-critical systems, like development, test and quality assurance Production environments will be partly virtualized, but not fully. There will be security incidents where hypervisors are compromised New mitigation techniques and strategies will be developed to make hypervisors extremely difficult to compromise Overall quality of control system over the full life-cycle will increase Stratos Technologies thinks: ( http://www.stratus.com/whitep/documents/server-virtualization-in-manufacturing.pdf) True utility computing enables resource sharing and dynamic resource allocation based on user-specified criteria, such as time of day and incremental capacity needs.

What awaits us in the future Regarding virtualization in control systems Stratos Technologies thinks (contd.): ( http://www.stratus.com/whitep/documents/server-virtualization-in-manufacturing.pdf) Utility computing is the focus Simpler deployment, use will make benefits more broadly accessible Management and monitoring come of age Self-management Policy making can be automated What does that mean exactly? Virtualization standards will increase ease of deployment, reduce risk Single point of failure at virtualization layer is overcome by deploying in a fault-tolerant environment Robust fault-tolerant hardware eliminates single points of failure on the virtualization server platform Finally; what do you think?

ABB Group October 19, 2009 Slide 18

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information