Symphony Plus Cyber security for the power and water industries



Similar documents
Document ID. Cyber security for substation automation products and systems

i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors

Cyber security measures in protection and control IEDs

Honeywell Industrial Cyber Security Overview and Managed Industrial Cyber Security Services Honeywell Process Solutions (HPS) June 4, 2014

Olav Mo, Cyber Security Manager Oil, Gas & Chemicals, CASE: Implementation of Cyber Security for Yara Glomfjord

Security Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions

GE Measurement & Control. Top 10 Cyber Vulnerabilities for Control Systems

How To Secure Your System From Cyber Attacks

GE Measurement & Control. Cyber Security for NEI 08-09

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Decrease your HMI/SCADA risk

Protecting productivity with Plant Security Services

SCADA Compliance Tools For NERC-CIP. The Right Tools for Bringing Your Organization in Line with the Latest Standards

Network Access Control ProCurve and Microsoft NAP Integration

CYBER SECURITY: SYSTEM SERVICES FOR THE SAFEGUARD OF DIGITAL SUBSTATION AUTOMATION SYSTEMS. Massimo Petrini (*), Emiliano Casale TERNA S.p.A.

FIREWALL CHECKLIST. Pre Audit Checklist. 2. Obtain the Internet Policy, Standards, and Procedures relevant to the firewall review.

LogRhythm and NERC CIP Compliance

ABB s approach concerning IS Security for Automation Systems

Approved 12/14/11. FIREWALL POLICY INTERNAL USE ONLY Page 2


INTEGRATING SUBSTATION IT AND OT DEVICE ACCESS AND MANAGEMENT

Cyber Security focus in ABB: a Key issue. 03 Luglio 2014, Roma 1 Conferenza Nazionale Cyber Security Marco Biancardi, ABB SpA, Power System Division

Cisco Advanced Services for Network Security

How To Achieve Pca Compliance With Redhat Enterprise Linux

Achieving PCI-Compliance through Cyberoam

A Systems Approach to HVAC Contractor Security

IndustrialIT System 800xA Engineering

Industrial Security for Process Automation

The rocky relationship between safety and security

Security all around. Industrial security for your plant at all levels. siemens.com/industrialsecurity. Answers for industry.

BSM for IT Governance, Risk and Compliance: NERC CIP

Dr. György Kálmán

Ovation Security Center Data Sheet

TASK TDSP Web Portal Project Cyber Security Standards Best Practices

Assuria can help protectively monitor firewalls for PCI compliance. Assuria can also check the configurations of personal firewalls on host devices

APPENDIX G ASP/SaaS SECURITY ASSESSMENT CHECKLIST

Alcatel-Lucent Services

1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network

QRadar SIEM 6.3 Datasheet

Lifecycle Solutions & Services. Managed Industrial Cyber Security Services

Industrial Cyber Security. Complete Solutions to Protect Availability, Safety and Reliability of Industrial Facilities

INFORMATION TECHNOLOGY ENGINEER V

800xA Smart Client Frequently Asked Questions

IT Security and OT Security. Understanding the Challenges

ICANWK406A Install, configure and test network security

Clavister InSight TM. Protecting Values

Automation Suite for. 201 CMR Compliance

Ovation Security Center Data Sheet

GE Oil & Gas. Cyber Security for NERC CIP Versions 5 & 6 Compliance

Security in the smart grid

Windows Least Privilege Management and Beyond

CG Automation Solutions USA

The Protection Mission a constant endeavor

Information Technology Engineers Examination. Information Security Specialist Examination. (Level 4) Syllabus

CHIS, Inc. Privacy General Guidelines

MAXIMUM DATA SECURITY with ideals TM Virtual Data Room

Larry Wilson Version 1.0 November, University Cyber-security Program Critical Asset Mapping

PCI Requirements Coverage Summary Table

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP

IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:

Sygate Secure Enterprise and Alcatel

RuggedCom Solutions for

Cyber Security for NERC CIP Version 5 Compliance

Cyber Security From product to system solution

GE Measurement & Control. Cyber Security for Industrial Controls

Device Lifecycle Management

Verve Security Center

System 800xA Networks Control. Monitor. Communicate.

Developing the Corporate Security Architecture. Alex Woda July 22, 2009

CIP- 005 R2: Understanding the Security Requirements for Secure Remote Access to the Bulk Energy System

ABB Automation Days, Madrid, May 25 th and 26 th, Patrik Boo What do you need to know about cyber security?

White Paper. Wireless FF HSE connection successfully setup at Shell Test Lab. Summary. Overview

The self-defending network a resilient network. By Steen Pedersen Ementor, Denmark

GFI White Paper PCI-DSS compliance and GFI Software products

PCI Requirements Coverage Summary Table

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

March

Industrial Security Solutions

Basics of Internet Security

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

KASEYA CLOUD SOLUTION CATALOG 2016 Q1. UPDATED & EFFECTIVE AS OF: February 1, Kaseya Catalog Kaseya Copyright All rights reserved.

PCI DSS Policies Outline. PCI DSS Policies. All Rights Reserved. ecfirst Page 1 of 7

Supplier Information Security Addendum for GE Restricted Data

Computer System Security Updates

FDA 21 CFR Part 11 Electronic records and signatures solutions for the Life Sciences Industry

SCADA SYSTEMS AND SECURITY WHITEPAPER

Technical Proposition. Security

This is a preview - click here to buy the full publication

Information Technology Branch Access Control Technical Standard

Directory and File Transfer Services. Chapter 7

Securing Data in the Virtual Data Center and Cloud: Requirements for Effective Encryption

RSA Authentication Manager 7.1 Security Best Practices Guide. Version 2

ForeScout CounterACT CONTINUOUS DIAGNOSTICS & MITIGATION (CDM)

SCADA/Business Network Separation: Securing an Integrated SCADA System

Data Security and Privacy Principles for IBM SaaS How IBM Software as a Service is protected by IBM s security-driven culture

Did you know your security solution can help with PCI compliance too?

Introduction to Cyber Security / Information Security

ISACA rudens konference

Using Automated, Detailed Configuration and Change Reporting to Achieve and Maintain PCI Compliance Part 4

Transcription:

Symphony Plus Cyber security for the power and water industries Symphony Plus Cyber Security_3BUS095402_(Oct12)US Letter.indd 1 01/10/12 10:15

Symphony Plus Cyber security for the power and water industries 2 Symphony Plus Symphony Plus Cyber Security_3BUS095402_(Oct12)US Letter.indd 2 01/10/12 10:15

ABB addresses cyber security in every respect Industrial automation and control systems have evolved significantly over the past decade thanks to many technological advancements and breakthroughs. At the heart of these advancements are specialized IT systems. To provide end users with comprehensive real-time information and allow for higher levels of reliability and control, these systems have become more and more interconnected. The new generation of automation systems utilizes open standards such as OPC, PROFINET, IEC 60870-5-104, DNP 3.0, IEC 61850 and commercial technologies, in particular Ethernet and TCP/IP-based communication protocols. They also enable connectivity to external networks, such as office intranet and the Internet. These changes in technology have brought huge benefits from an operational perspective, but they have also introduced cyber security concerns previously known only in office or enterprise IT systems. Cyber security risks were inherited by adopting open IT standards, but fortunately so were the cyber security mechanisms that were developed in a large number of enterprise environments to address those risks. These mechanisms enable the design and development of cyber security solutions that are specifically for industrial automation and control systems, and which utilize proven technology. ABB fully understands the importance of cyber security, and its responsibility to advance the security of control systems used by the power and water industries. ABB customers can rely on system solutions where reliability and security have the highest priority. Systematic approach to ensure cyber security Over the past few years, the global power and water industries have steadily increased their focus on cyber security for industrial automation and control systems. As a result, many different drivers and trends have emerged. ABB has identified cyber security as a key requirement and is committed to providing customers with products, systems and services that clearly address this issue. ABB takes a systematic approach to cyber security through its operations on a global level. For instance, ABB has established the Power Systems Security Council to keep track of the global needs and requirements of cyber security. The mandate of the council is to ensure that products and solutions used in power systems meet the expectations of customers. Besides continuously adapting security requirements to keep up with changing demands, the security council drives proactive R&D efforts to support future trends, and ensures fast and efficient security improvements. ABB also recognizes the importance of cyber security standards, and is an active member and driver of various industry initiatives, including active involvement in ISA, IEEE and IEC. Symphony Plus 3 Symphony Plus Cyber Security_3BUS095402_(Oct12)US Letter.indd 3 01/10/12 10:15

Symphony Plus Cyber security for the power and water industries Standard NERC CIP ISA S99/IEC 62443 IEC 62351 NIST SGIP-CSWG IEEE PSRC/H13& SUB/C10 IEEE 1686 Main focus Cyber security regulation for North American power utilities Industrial automation and control system security Data and communications security Smart Grid Interoperability Panel - Cyber Security Working Group Cyber security requirements for substation automation, protection and control systems IEEE standard for substation intelligent electronic devices (IEDs) cyber security capabilities Cyber security initiatives driven or supported by ABB Cyber security is embedded in ABB products Cyber security is embedded in ABB s product life cycle, and is an integral part of our industrial automation and control solutions. This means that cyber security is addressed at each stage of our product portfolio life cycle, from design and development to maintenance. Threat modeling and security design reviews, security training of software developers, and in-house and external security testing are examples of the numerous actions ABB is taking to ensure reliable and secure solutions for its customers. Individual user accounts and detailed security event logs are just two instances of built-in security features available in our products. ABB s industrial automation and control systems are available with firewalls, hardening and pre-defined antivirus software. System deliveries follow our strict guidelines on the handling of cyber security. Cyber security without compromise Evolving technologies like Ethernet and industry-specific standards such as OPC, PROFINET and IEC 61850 are enablers for information exchange that support higher system reliability. Additionally, it is important to safeguard interoperability, which allows information exchange between different vendors compliant products and systems. Ensuring reliability and interoperability are two of the main goals when designing and engineering industrial automation and control systems. Supporting availability, reliability and interoperability, while at the same time addressing cyber security, is a challenging task. ABB is committed to providing its customers with solutions that address all these aspects without compromise. Cyber security addressed throughout the system life cycle ABB provides products and solutions that enable end users to fulfill the requirements of cyber security standards such as NERC CIP. We view cyber security not only as a single, onetime activity, but as an integrated part of different phases of the product and system life cycle, as well as of the processes that support the products and systems in operation both now and in the future. Among the key elements of these processes are our security patch test center and our independent robustness test center, where all our products are tested using current state-of-the-art security testing tools. 4 Cyber security for the power and water industries Symphony Plus Symphony Plus Cyber Security_3BUS095402_(Oct12)US Letter.indd 4 01/10/12 10:15

A centralized security testing process applying up-to-date and rigorous test procedures guarantees a common and best practice approach. The test centers conduct regular regression tests on ABB products and systems to ensure a high level of robustness against cyber security attacks. The key requirements that need to be covered by a secure industrial automation and control system are: Availability Integrity Avoid denial of service Avoid unauthorized modification ABB is also constantly extending and improving securityrelated organizational processes such as those handling vulnerability. The proper and timely handling of software vulnerability is an important factor in helping our customers to minimize their risk exposure to cyber security threats. Confidentiality Authentication Authorization Auditability Avoid disclosure Avoid spoofing/forgery Avoid unauthorized usage Avoid hiding of attacks Cyber security on the client/server level Interactions between industrial automation and control systems, corporate networks and the outside world are usually handled on the client/server level, which means that ensuring a high level of security on this level is vital. ABB therefore uses best-in-class firewalls, intrusion detection or prevention systems, or virtual private network (VPN) technology. Additionally, ABB has built security mechanisms such as advanced account management and detailed security audit trails into its products. Systems can be divided into multiple security zones to further improve security. ABB s system security approach is completed by robust control and field level devices supporting many security features. Cyber security features in Symphony TM Plus ABB is addressing all of these requirements, both on a system and on a product level. All communication from the outside world to an industrial automation and control system can, for instance, be protected by using a firewall and/or VPN-enabled communication. Verified antivirus software is supported to protect the system s computers from attacks and viruses. Additionally, the system architecture can be designed using different security zones. Cyber security can be further improved by limiting the use of removable media in the system s computers. Symphony Plus Cyber security for the power and water industries 5 Symphony Plus Cyber Security_3BUS095402_(Oct12)US Letter.indd 5 01/10/12 10:15

ABB s Symphony Plus has been designed with cyber security in mind and to provide state-of-the-art functionality in this respect. This allows our customers to easily address NERC CIP requirements and maintain compliance according to these standards and beyond. All this can be done in an easy way using the security administration function in Symphony Plus Engineering Workbench. Overview of security features: User authentication Role-based access control Event logging/audit trails Backup/Restore Hardened hosts Host firewall configuration Antivirus Network zones Security patch validation Optionally: Patch management Virus pattern management Host intrusion detection Host intrusion prevention Network intrusion detection Compliance management Users and user roles The Symphony Plus security model is based on IEC 62351-8. This allows for smooth integration with electrical systems and the smart grid. It supports the definition of rights and the roles for a user or user groups in the Symphony Plus system with definable granularity. Authorization Security controls a user s authority to perform different operations on TAGs in accordance with several parameters: The user s credentials, as provided by the lightweight directory access protocol (LDAP) server The node where the user is logged in. This makes it possible to give a user a different authority according to location, eg, close to the process equipment or in a control room The operation the user wants to perform Access control Basic access to the system is controlled by the user s credentials entered during logon or log-over. Restrictions may be placed on factors such as password length, complexity, age and reuse. Log-over The log-over function enables a fast and temporary switch between users in a running workplace. For example, if an operation requires a right not held by an operator, another user (such as a supervisor) who holds the required right can logover to perform that operation. The log-over changes the rights and user roles but keeps an open view on the process by retaining the workplace and its present contents, supporting automatic revert to the previous user. 6 Cyber security for the power and water industries Symphony Plus Symphony Plus Cyber Security_3BUS095402_(Oct12)US Letter.indd 6 01/10/12 10:15

Configuration change management Symphony Plus supports configuration change management by defining each version area with three states of configuration data: design, release and running. These states can be archived and easily compared for differences. In addition, Symphony Plus maintains all used software and its versions for easy update management and comparison. Audit trail As required by regulations, Symphony Plus maintains an audit trail of changes made to process settings as well as configuration changes. In addition, all system and security events are collected in the Symphony Plus event management system. Archive The archive function of information management history services supports the permanent offl ine storage of historical data collected in property, message and report logs, as well as the operator workplace alarm and event message buffer, including audit trail messages. The archiving mechanism copies the contents of selected logs to a designated archive media. System monitoring and diagnostics Symphony Plus provides comprehensive diagnostic functions for determining the health of the process and control system. System status can also be displayed in the context of topology diagrams. This includes the status of the system infrastructure eg, controllers, I/O modules, switches, routers and firewalls. All events from these devices are collected, and alarms can be generated in the event of problems. System hardening System hardening can be deployed centrally from the administration console. This includes OS hardening, application hardening, host firewall configuration, and antivirus. It applies to servers, workstations and supported network equipment. Disaster recovery Numerous features of Symphony Plus assist in the recovery of a system failure. Total and selective backup and restores are possible through the system administration features. System nodes can be replaced easily by deploying all original software and configuration data in the new replacement node. Thirdparty software such as Acronis can be employed to restore a server- or workstation-based failure to a state in which a software and configuration deployment can be performed. Network equipment, such as routers and switches, can be backed up and loaded from the system s administration console. Patch and service pack management ABB evaluates security updates from third-party software such as Microsoft, McAfee and Adobe with respect to relevance to, and compatibility with, Symphony Plus. All relevant updates are validated. The goal is to communicate the validation plan for relevant updates within 24 hours of a security update release, and to communicate validation results for updates within seven days of release. Symphony Plus Cyber security for the power and water industries 7 Symphony Plus Cyber Security_3BUS095402_(Oct12)US Letter.indd 7 01/10/12 10:15

Contact us ABB Inc. Power Generation Wickliffe, Ohio, USA Phone: +1 440 585 3087 Email: powergeneration@us.abb.com ABB AG Power Generation Mannheim, Germany Phone: +49 621 381 3000 Email: powergeneration@de.abb.com ABB Pte. Ltd. Power Generation Singapore Phone: +65 6776 5711 Email: powergeneration@sg.abb.com Copyright 2012 ABB All rights reserved. Specifications subject to change without notice. Pictures, schematics, and other graphics contained herein are published for illustration purposes only and do not represent product configurations or functionality. User documentation accompanying the product is the exclusive source for functionality descriptions. Symphony is a registered or pending trademark of ABB S.p.A. 3BUS095402 EN US Letter Power Generation 1012 www.abb.com/powergeneration Symphony Plus Cyber Security_3BUS095402_(Oct12)US Letter.indd 8 01/10/12 10:15

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information