SlideShare uma empresa Scribd logo

Securing SCADA

J
Jeffrey Wang , P.Eng

The importance of SCADA security.

Engenharia
1 de 22
Baixar para ler offline
3/10/2016 1 SCADA Security Challenges & Strategies Jeffrey Wang, P. Eng. 2016, Oshawa Acronym ICS: Industrial Control System DCS: Distributed Control System SCADA: Supervisory Control and Data Acquisition PLC: Programmable Logic Controller RTU: Remote Terminal Unit HMI: Human Machine Interface TCP/IP: Transmission Control Protocol/Internet Protocol IDS: Intrusion Detection System COTS: Commercial off-the-shelf ACL: Access Control List DMZ: Demilitarized Zone WAN: Wide Area Network LAN: Local Area Network Page 2 Securing SCADA prepared by Jeffrey Wang
3/10/2016 2 Content Overview Cyber Threats and Vulnerabilities Security Challenges Mitigation Strategies References Page 3 Securing SCADA prepared by Jeffrey Wang Overview SCADA system Overview SCADA System Components SCADA System Functionality Page 4 Securing SCADA prepared by Jeffrey Wang
3/10/2016 3 SCADA System - Overview SCADA is an acronym for Supervisory Control and Data Acquisition. SCADA is an Industrial control system (ICS). Page 5 Securing SCADA prepared by Jeffrey Wang SCADA System - Components Typically SCADA system include the following components: RTU (Remote Terminal Unit) PLC (Programmable Logic Controller) HMI (Human Machine Interface) Field devices (Actuators and Sensors) WAN(Wide Area Network): Wireless/RF communication devices LAN (Local Area Network): Router and Switches Centralized Server Database Server (Data Historian) Page 6 Securing SCADA prepared by Jeffrey Wang
3/10/2016 4 SCADA System - Functionality Major functions of SCADA system including: Field devices control via local or remote working mode Collect field data and transmit to central control server via WAN network Monitor processing and/or control field devices via HMI Manage database for tracking and management analysis Page 7 Securing SCADA prepared by Jeffrey Wang SCADA System - Critical infrastructure SCADA systems are critical national infrastructures Canadian Critical infrastructure within the 10 sectors listed below: • Energy and utilities • Finance • Food • Transportation • Government • Information and communication technology • Health • Water • Safety • Manufacturing Page 8 Securing SCADA prepared by Jeffrey Wang
3/10/2016 5 SCADA System - Tasks SCADA system simply performs four tasks: Data Acquisition Data Communication Data Monitor and Control Data Historian Page 9 Securing SCADA prepared by Jeffrey Wang Data Communication Data Acquisition Data Monitor & Control Why securing SCADA system ? Why? IP-based technologies Internet of Thing (IoT) Cloud computing Mobile computing Threats growing (Cyber threats source refers to From Homeland Security ICS-CERT) Hostile governments Terrorist groups Disgruntled employees Malicious intruders. GAO Threat Table (Source: GAO-Government Accountability Office) Vulnerabilities increasing Alerts (From ICS-CERT for control system/Government /Home & Business) Alerts provide timely notification to critical infrastructure owners and operators concerning threats to critical infrastructure networks. Be proactive for potential cyber- attack to SCADA system Page 10 Securing SCADA prepared by Jeffrey Wang
3/10/2016 6 Vulnerabilities Physical Vulnerabilities Cyber Vulnerabilities Page 11 Securing SCADA prepared by Jeffrey Wang Vulnerabilities –ICS-CERT Alerts Industrial Control Systems Cyber Emergency Response Team(ICS-CERT ) Publish cyber security alerts to three categories: • Control System Users • Government Users • Home and Business Examples: ICS-ALERT-15-225-02A : Rockwell Automation 1766-L32 Series Vulnerability (Update A) ICS-ALERT-11-204-01B : Siemens S7-300_S7-400 Hardcoded Credentials (Update B) ICS-ALERT-12-097-02A : 3S CoDeSys Improper Access Control (Update A) ICS-ALERT-11-256-06 : Beckhoff TwinCAT Vulnerability ICS-ALERT-12-020-07A : WAGO IO 750 Vulnerabilities (Update A) ICS-ALERT-12-136-01 : Wonderware SuiteLink Unallocated Unicode String ICS-ALERT-12-020-02A : Rockwell Automation ControlLogix PLC Vulnerabilities (Update A) ICS-ALERT-11-332-02A : Siemens SIMATIC WinCC Flexible (Update A) ICS-ALERT-11-256-05A : Rockwell Automation RSLogix Overflow Vulnerability (UPDATE A) Source: ICS-CERT Alerts: https://ics-cert.us-cert.gov/alerts Page 12 Securing SCADA prepared by Jeffrey Wang
3/10/2016 7 Physical Vulnerabilities Common Physical Vulnerabilities: Inadequate policies, procedures, and culture governing control system security Inadequately designed networks with insufficient defense-in-depth Remote access without appropriate access control Separate auditable administration mechanisms Inadequately secured wireless communication Use of a non-dedicated communications channel for command and control Lack of easy tools to detect/report anomalous activity Installation of inappropriate applications on critical host computers Inadequately scrutinized control system software Unauthenticated command and control data. Page 13 Securing SCADA prepared by Jeffrey Wang Cyber Vulnerabilities Common Cyber Vulnerabilities including: Operating System Vulnerabilities Interconnections Open Source / Public Information Authentication Remote access Monitoring and Defenses Wireless access SCADA/SQL/PLC Software Page 14 Securing SCADA prepared by Jeffrey Wang
3/10/2016 8 Cyber Vulnerabilities Cyber Vulnerabilities in details: Un-patched published vulnerabilities Web-based HMI vulnerabilities Improper authentication Improper access control (authorization) Buffer overflow in SCADA services SCADA data and command message manipulation and injection SQL injection insecure protocols unprotected transport of SCADA application credentials Standard IT protocols with pain-text authentication Page 15 Securing SCADA prepared by Jeffrey Wang Vulnerabilities – Allen-Bradly/Rockwell PLC Web-based access with default user ID and password AB SLC505 AB Micrologix PLC AB CompactLogix Page 16 Securing SCADA prepared by Jeffrey Wang
3/10/2016 9 Vulnerabilities – Unprotected Authentication MicroLogix 1400, It is easy to access with administrator and default password Page 17 Securing SCADA prepared by Jeffrey Wang Vulnerabilities – Access with Default ID & Password Intruder can change access permission once granted access control. Default IDs( administrator, and default passwords Page 18 Securing SCADA prepared by Jeffrey Wang
3/10/2016 10 Vulnerabilities – Supervisory Control Supervisory control: Write/Read memory block or disable the device Page 19 Securing SCADA prepared by Jeffrey Wang Cyber Attack - STUXNET STUXNET: the most famous cyber attack by United States and Israel. STUXNET worm was at first identified by a Belarus company VirusBlokAda in mid- June 2010. Physical Impact: Sabotaging 1000 centrifuges at Iran’s Natanz nuclear plant Stuxnet worm – now every hacker in the world knows about PLCs, HMIs and the opportunities to attack them. The Windows operating system Siemens SIMATIC Step 7 and WinCC Siemens S7 – 300/400 PLCs S7-315-2/S7-417 USB flash memory Zero-Day via Windows OS DB memory block in PLC Page 20 Securing SCADA prepared by Jeffrey Wang
3/10/2016 11 Cyber Attack - Insider Insider hacks into sewage treatment plant Queensland, Australia (2000) Disgruntled employee Vitek Boden hacks into sewage system via WiFi from the company’s Parking lot and releases over a million liters of raw sewage into the coastal waters. Physical Impact” Intruder controlled about 150 pump stations near three months Released about 1 million litre of raw sewage into nearby rivers and parks. Tools: Laptop, radio and wireless access Page 21 Securing SCADA prepared by Jeffrey Wang Security Challenges Page 23 Securing SCADA prepared by Jeffrey Wang
3/10/2016 12 SCADA Security Challenges Vulnerable operating system (OS) and applications in SCADA system are from commercial off-the –shelf (COTS) including Linux, Mac OS, Windows and embedded PLC OS (VxWorks); Most industrial control network connected to corporation network with Internet access. Especially IP-based technologies. Such as Wireless, IoT (Internet of Things), Cloud computing, Mobile computing and smart metering; Unsecure legacy system and devices are still widely used in SCADA system. No updated firmware available , no patching. They are transparent to control professional; Open source communication protocols (Modbus, DNP3, IEC 61850,Ethernet/IP) were not designed with security in mind and lack basic authorization features; There are numerous unpatched and unpatchable systems; Lack of remote access authentication, weak or default password; Lack of physical security protection . Page 23 Securing SCADA prepared by Jeffrey Wang Security Standards • Security Standards • Cyber Security Objective Page 25 Securing SCADA prepared by Jeffrey Wang
3/10/2016 13 Industrial Control System Security Standards Good News! There are many security standards…. NIST SP-800-82 : Guide to Industrial Control Systems Security National Institute of Standards and Technology(NIST) ISA/IEC-62443 (formal ANSI/ISA99) : Security for Industrial Automation and Control Systems Security The International Society of Automation (ISA) The International Electrotechnical Commission(IEC) NERC CIP- 006 : Physical Security of Critical Cyber Assets North American Reliability Corporation(NERC) Critical Infrastructure Protection(CIP) TR12-002 : Industrial Control System (ICS) Cyber Security: Recommended Best Practices (combined with NIST and ISA99 standards) • Canadian Cyber Incident Response Centre (CCIRC) Page 25 Securing SCADA prepared by Jeffrey Wang Cyber Security Objective- I.T. Security Perspective Three fundamental goals per NIST SP800-82 standard Confidentiality Any important information you have — such as employee, client or financial records — should be kept confidential. This information should only be accessed by people (or systems) that you have given permission to do so. Integrity You need to make sure to maintain the integrity of this information and other assets (such as software) in order to keep everything complete, intact and uncorrupted. Availability You should maintain the availability of systems (such as networks), services and information when required by the business or its clients. Page 26 Securing SCADA prepared by Jeffrey Wang
3/10/2016 14 Cyber Security Objective- SCADA Security Perspective Availability Confidentiality Integrity Page 27 Securing SCADA prepared by Jeffrey Wang Integrity Confidentiality Availability Mitigation Strategies Physical Assets Security Cyber Security Page 28 Securing SCADA prepared by Jeffrey Wang Cyber Security Standards Physical Security
3/10/2016 15 Mitigation Strategies - Recommendations My recommendation: Physical Assets Security NERC CIP-006 standard is intended to ensure the implementation of a physical security program for the protection of Critical Cyber Assets Cyber Security NIST SP800-82 standard is cybersecurity guidance for Industrial Control Systems (ICS) Security ISA/IEC-62443 (ISA99) standard Canadian Cyber Incident Response Centre(CCIRC) TR12-002 :Industrial Control System (ICS) Cyber Security: Recommended Best Practices Page 29 Securing SCADA prepared by Jeffrey Wang Mitigation Strategies - Risk Assessment Sources of threats External Internal Accidental Vulnerabilities Risks = Threats x Vulnerabilities x Impact Page 30 Securing SCADA prepared by Jeffrey Wang
3/10/2016 16 Physical Assets Security Page 32 Securing SCADA prepared by Jeffrey Wang Mitigation Strategies - NERC CIP Standards NERC CIP standards Include 9 standards and 45 requirements: CIP-002-1: Critical Cyber Asset Identification CIP-003-1: Security Management Controls CIP-004-1: Personnel and Training CIP-005-1: Electronic Security Perimeters CIP-006-1: Physical Security of Critical Cyber Assets CIP-007-1: Systems Security Management CIP-008-1: Incident Reporting and Response Planning CIP-009-1: Recovery Plans for Critical Cyber Assets NERC: North American Electric Reliability Corporation CIP: Critical Infrastructure Protection Page 32 Securing SCADA prepared by Jeffrey Wang
3/10/2016 17 Mitigation Strategies - Physical Protection Guideline Physical Access Controls The Responsible Entity shall document and implement the operational and procedural controls to manage physical access at all access points to the Physical Security Perimeter(s) twenty-four hours a day, seven days a week. Monitoring Physical Access The Responsible Entity shall document and implement the technical and procedural controls for monitoring physical access at all access points to the Physical Security Perimeter(s) twenty-four hours a day, seven days a week. Unauthorized access attempts shall be reviewed immediately and handled in accordance with the procedures specified in Requirement CIP-008. Logging Physical Access • Logging shall record sufficient information to uniquely identify individuals and the time of access twenty-four hours a day, seven days a week. The Responsible Entity shall implement and document the technical and procedural mechanisms for logging physical entry at all access points to the Physical Security Perimeter(s). Page 33 Securing SCADA prepared by Jeffrey Wang Mitigation Strategies - Physical Security Physical Security Purpose: To assist you detect and identify threats and restrict access to sensitive area (server room and important field equipment) Detect Be alerted to unauthorized entries or attempts Be alerted to mechanical/electrical failures Be alerted to remote site entry requests Identify Remotely view facility, people, equipment View recorded information and events Restrict and allow entry to facility Create physical facility access logs Prosecute offenders Restrict Keep the bad guys out Page 34 Securing SCADA prepared by Jeffrey Wang
3/10/2016 18 Cyber Security Mitigation Strategies - NIST SP 800-82 Standards NIST SP 800-82 : Guide to Industrial Control Systems Security Provide guidance for establishing secure ICS, including implementation guidance for SP 800-53 controls Content Overview of ICS ICS Characteristics, Threats and Vulnerabilities ICS Security Program Development and Deployment Network Architecture ICS Security Controls Appendixes Current Activities in Industrial Control Systems Security Emerging Security Capabilities NIST: National Institute of Standards and Technology SP: Special Publication Page 36 Securing SCADA prepared by Jeffrey Wang
3/10/2016 19 Mitigation Strategies - Cyber Security Objective Restricting logical access to the SCADA network and network activity This includes using a demilitarized zone (DMZ) network architecture with firewalls to prevent network traffic from passing directly between the corporate and SCADA networks, and having separate authentication mechanisms and credentials for users of the corporate and SCADA networks. The ICS should also use a network topology that has multiple layers, with the most critical communications occurring in the most secure and reliable layer. Restricting physical access to the SCADA network and devices Unauthorized physical access to components could cause serious disruption of the SCADA’s functionality. A combination of physical access controls should be used, such as locks, card readers, and/or guards. Page 37 Securing SCADA prepared by Jeffrey Wang Mitigation Strategies - Cyber Security Objective Protecting individual SCADA components from exploitation This includes deploying security patches in as expeditious a manner as possible, after testing them under field conditions; disabling all unused ports and services; restricting SCADA user privileges to only those that are required for each person’s role; tracking and monitoring audit trails; and using security controls such as antivirus software and file integrity checking software where technically feasible to prevent, deter, detect, and mitigate malware. Maintaining functionality during adverse conditions This involves designing the SCADA so that each critical component has a redundant counterpart. Additionally, if a component fails, it should fail in a manner that does not generate unnecessary traffic on the SCADA or other networks, or does not cause another problem elsewhere, such as a cascading event. Page 38 Securing SCADA prepared by Jeffrey Wang
3/10/2016 20 Mitigation Strategies – ANSI/ISA99 Standard Module 1: Defining Industrial Cybersecurity Covers the concepts of physical, operational, and electronic security; and defines Cybersecurity as it relates to industrial automation and control systems Module 2: Risk Assessment Covers the concept of risk and how safety plays a part in assessing possible consequences from a cyberattack Module 3: Threats and Vulnerabilities Covers "social engineering" and how outsiders gather information to enable attacks and to physically enter your secured areas Module 4: Security Policies, Programs, and Procedures Covers the creation and deployment of policies, standards, and procedures and how they are a critical aspect of a security program Page 39 Securing SCADA prepared by Jeffrey Wang Mitigation Strategies – ANSI/ISA99 Standard Module 5: Understanding TCP/IP, Hackers, and Malware Covers the basics of the IP networking architecture and how computers are addressed and how IP delivers information to computers and TCP/UDP to complete the delivery to specified applications using port numbers Module 6: Technical Countermeasures Covers the technical countermeasures and technology that can be employed to protect your systems, detect and remove malware, and block hacking attempts; and explains the technologies such as firewalls, proxy servers, VPN, and VLAN and how they relate to industrial automation systems Module 7: Architectural & Operational Strategies Covers ways to segment and isolate your process automation systems in order to increase their reliability and Cyber security Page 40 Securing SCADA prepared by Jeffrey Wang
3/10/2016 21 Mitigation Strategies -TR12-002 Recommendation TR12-002 :Industrial Control System (ICS) Cyber Security: Recommended Best Practices, by Canadian Cyber Incident Response Centre 1. Network Segmentation 2. Remote Access 3. Wireless Communications 4. Patch Management 5. Access Policies and Controls 6. Secure the Host (System Hardening) 7. Intrusion Detection 8. Physical and Environmental Security 9. Malware Protection and Detection 10. Awareness 11. Periodic Assessments and Audits 12. Change Control and Configuration Management 13. Incident Planning and Response Page 41 Securing SCADA prepared by Jeffrey Wang Useful software Solarwinds Inc. URL: http://www.solarwinds.com/ Develops enterprise information technology (IT) infrastructure management software for IT professionals. Kaspersky - URL: http://www.kaspersky.com Kaspersky Lab is an international software security group operating in almost 200 countries and territories worldwide. Bitdefender- URL: http://www.bitdefender.com Bitdefender products feature anti-virus and anti-spyware capabilities against internet security threats such as viruses, Trojans, rootkits, rogues, aggressive adware, spam and others. McAFee - URL: http://www.mcafee.com Intel Security Group (previously McAfee, Inc.) is an American global computer security software Symantec - URL: Http://www.symantec.com Security, Antivirus and Backup Solutions provider Page 42 Securing SCADA prepared by Jeffrey Wang
3/10/2016 22 References NIST SP-800-82 Guide to Industrial Control Systems Security http://csrc.nist.gov/publications/nistpubs/800-82/SP800-82-final.pdf ICS-CERT, ICS-TIP-12-146-01A—Targeted Cyber Intrusion Detection and Mitigation Strategies http://www.us-cert.gov/control_systems/pdf/ICS-TIP-12-146-01A.pdf CCIRC, TR11-002 Mitigation Guidelines for Advanced Persistent Threats http://www.publicsafety.gc.ca/cnt/rsrcs/cybr-ctr/2011/tr11-002-eng.aspx ICS-CERT, Incident Response Summary Report 2009 – 2011 http://www.us-cert.gov/control_systems/pdf/ICS- CERT_Incident_Response_Summary_Report_09_11.pdf US-CERT, Control Systems Security Program (CSSP) http://www.us-cert.gov/control_systems/ US-CERT, Recommended Practice: Improving Industrial Control Systems Cybersecurity with Defense-In-Depth Strategies http://www.us-cert.gov/control_systems/practices/documents/Defense_in_Depth_Oct09.pdf CPNI, CPNI Viewpoint: Securing the move to IP-based SCADA/PLC networks http://www.cpni.gov.uk/Documents/Publications/2011/2011034-scada- securing_the_move_to_ipbased_scada_plc_networks_gpg.pdf International Society of Automation (ISA), ISA99, Industrial Automation and Control Systems Security http://www.isa.org/MSTemplate.cfm?MicrositeID=988&CommitteeID=6821 Page 43 Securing SCADA prepared by Jeffrey Wang THANK YOU Page 44 Securing SCADA prepared by Jeffrey Wang

Recomendados

Guide scada and_industrial_control_systems_security
Guide scada and_industrial_control_systems_securityGuide scada and_industrial_control_systems_security
Guide scada and_industrial_control_systems_securityDeepakraj Sahu
 
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...Eran Goldstein
 
Nist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkNist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkMarcoAfzali
 
Cyber & Process Attack Scenarios for ICS
Cyber & Process Attack Scenarios for ICSCyber & Process Attack Scenarios for ICS
Cyber & Process Attack Scenarios for ICSJim Gilsinn
 
Hacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS securityHacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS securityChris Sistrunk
 
ICS security
ICS securityICS security
ICS securityAhmed Shitta
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonPatricia M Watson
 
Cybersecurity for modern industrial systems
Cybersecurity for modern industrial systemsCybersecurity for modern industrial systems
Cybersecurity for modern industrial systemsItex Solutions
 

Recomendados

Guide scada and_industrial_control_systems_security
Guide scada and_industrial_control_systems_securityGuide scada and_industrial_control_systems_security
Guide scada and_industrial_control_systems_securityDeepakraj Sahu
 
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...Eran Goldstein
 
Nist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkNist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkMarcoAfzali
 
Cyber & Process Attack Scenarios for ICS
Cyber & Process Attack Scenarios for ICSCyber & Process Attack Scenarios for ICS
Cyber & Process Attack Scenarios for ICSJim Gilsinn
 
Hacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS securityHacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS securityChris Sistrunk
 
ICS security
ICS securityICS security
ICS securityAhmed Shitta
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonPatricia M Watson
 
Cybersecurity for modern industrial systems
Cybersecurity for modern industrial systemsCybersecurity for modern industrial systems
Cybersecurity for modern industrial systemsItex Solutions
 
Should I Patch My ICS?
Should I Patch My ICS?Should I Patch My ICS?
Should I Patch My ICS?Digital Bond
 
Scada security presentation by Stephen Miller
Scada security presentation by Stephen MillerScada security presentation by Stephen Miller
Scada security presentation by Stephen MillerAVEVA
 
Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)Joan Figueras Tugas
 
PT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolPT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolShah Sheikh
 
The journey to ICS - Extended
The journey to ICS - Extended The journey to ICS - Extended
The journey to ICS - Extended Larry Vandenaweele
 
SCADA Security Webinar
SCADA Security WebinarSCADA Security Webinar
SCADA Security WebinarAVEVA
 
CSIRS ICS BCS 2.2
CSIRS ICS BCS 2.2CSIRS ICS BCS 2.2
CSIRS ICS BCS 2.2David Spinks
 
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...Jim Gilsinn
 
Nist 800 82
Nist 800 82Nist 800 82
Nist 800 82majolic
 
Securing Industrial Control Systems
Securing Industrial Control SystemsSecuring Industrial Control Systems
Securing Industrial Control SystemsEric Andresen
 
Mission Impact Assessment for Industrial Control Systems
Mission Impact Assessment for Industrial Control SystemsMission Impact Assessment for Industrial Control Systems
Mission Impact Assessment for Industrial Control SystemsMarina Krotofil
 
IT vs. OT: ICS Cyber Security in TSOs
IT vs. OT: ICS Cyber Security in TSOsIT vs. OT: ICS Cyber Security in TSOs
IT vs. OT: ICS Cyber Security in TSOsCommunity Protection Forum
 
SCADA Security in CDIC 2009
SCADA Security in CDIC 2009SCADA Security in CDIC 2009
SCADA Security in CDIC 2009Narinrit Prem-apiwathanokul
 
Industrial Control System Security Overview
Industrial Control System Security OverviewIndustrial Control System Security Overview
Industrial Control System Security Overviewpgmaynard
 
Cyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT ApproachCyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT ApproachCommunity Protection Forum
 
Scada security
Scada securityScada security
Scada securitysommerville-videos
 
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...PECB
 
Monitoring ICS Communications
Monitoring ICS CommunicationsMonitoring ICS Communications
Monitoring ICS CommunicationsDigital Bond
 
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...promediakw
 
Protecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber AttacksProtecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber AttacksMaurice Dawson
 
CIS14: Physical and Logical Access Control Convergence
CIS14: Physical and Logical Access Control ConvergenceCIS14: Physical and Logical Access Control Convergence
CIS14: Physical and Logical Access Control ConvergenceCloudIDSummit
 
Mnescot controls monitoring
Mnescot controls monitoringMnescot controls monitoring
Mnescot controls monitoringmnescot
 

Mais conteúdo relacionado

Mais procurados

Should I Patch My ICS?
Should I Patch My ICS?Should I Patch My ICS?
Should I Patch My ICS?Digital Bond
 
Scada security presentation by Stephen Miller
Scada security presentation by Stephen MillerScada security presentation by Stephen Miller
Scada security presentation by Stephen MillerAVEVA
 
Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)Joan Figueras Tugas
 
PT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolPT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolShah Sheikh
 
The journey to ICS - Extended
The journey to ICS - Extended The journey to ICS - Extended
The journey to ICS - Extended Larry Vandenaweele
 
SCADA Security Webinar
SCADA Security WebinarSCADA Security Webinar
SCADA Security WebinarAVEVA
 
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...Jim Gilsinn
 
Nist 800 82
Nist 800 82Nist 800 82
Nist 800 82majolic
 
Securing Industrial Control Systems
Securing Industrial Control SystemsSecuring Industrial Control Systems
Securing Industrial Control SystemsEric Andresen
 
Mission Impact Assessment for Industrial Control Systems
Mission Impact Assessment for Industrial Control SystemsMission Impact Assessment for Industrial Control Systems
Mission Impact Assessment for Industrial Control SystemsMarina Krotofil
 
Industrial Control System Security Overview
Industrial Control System Security OverviewIndustrial Control System Security Overview
Industrial Control System Security Overviewpgmaynard
 
Cyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT ApproachCyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT ApproachCommunity Protection Forum
 
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...PECB
 
Monitoring ICS Communications
Monitoring ICS CommunicationsMonitoring ICS Communications
Monitoring ICS CommunicationsDigital Bond
 
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...promediakw
 
Protecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber AttacksProtecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber AttacksMaurice Dawson
 

Mais procurados (20)

Should I Patch My ICS?
Should I Patch My ICS?Should I Patch My ICS?
Should I Patch My ICS?
 
Scada security presentation by Stephen Miller
Scada security presentation by Stephen MillerScada security presentation by Stephen Miller
Scada security presentation by Stephen Miller
 
Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)
 
PT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolPT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrol
 
The journey to ICS - Extended
The journey to ICS - Extended The journey to ICS - Extended
The journey to ICS - Extended
 
SCADA Security Webinar
SCADA Security WebinarSCADA Security Webinar
SCADA Security Webinar
 
CSIRS ICS BCS 2.2
CSIRS ICS BCS 2.2CSIRS ICS BCS 2.2
CSIRS ICS BCS 2.2
 
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
 
Nist 800 82
Nist 800 82Nist 800 82
Nist 800 82
 
Securing Industrial Control Systems
Securing Industrial Control SystemsSecuring Industrial Control Systems
Securing Industrial Control Systems
 
Mission Impact Assessment for Industrial Control Systems
Mission Impact Assessment for Industrial Control SystemsMission Impact Assessment for Industrial Control Systems
Mission Impact Assessment for Industrial Control Systems
 
IT vs. OT: ICS Cyber Security in TSOs
IT vs. OT: ICS Cyber Security in TSOsIT vs. OT: ICS Cyber Security in TSOs
IT vs. OT: ICS Cyber Security in TSOs
 
SCADA Security in CDIC 2009
SCADA Security in CDIC 2009SCADA Security in CDIC 2009
SCADA Security in CDIC 2009
 
Industrial Control System Security Overview
Industrial Control System Security OverviewIndustrial Control System Security Overview
Industrial Control System Security Overview
 
Cyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT ApproachCyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT Approach
 
Scada security
Scada securityScada security
Scada security
 
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
 
Monitoring ICS Communications
Monitoring ICS CommunicationsMonitoring ICS Communications
Monitoring ICS Communications
 
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
 
Protecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber AttacksProtecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber Attacks
 

Destaque

CIS14: Physical and Logical Access Control Convergence
CIS14: Physical and Logical Access Control ConvergenceCIS14: Physical and Logical Access Control Convergence
CIS14: Physical and Logical Access Control ConvergenceCloudIDSummit
 
Mnescot controls monitoring
Mnescot controls monitoringMnescot controls monitoring
Mnescot controls monitoringmnescot
 
Physical and logical access controls - A pre-requsite for Internal Controls
Physical and logical access controls - A pre-requsite for Internal ControlsPhysical and logical access controls - A pre-requsite for Internal Controls
Physical and logical access controls - A pre-requsite for Internal ControlsBharath Rao
 
NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...
NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...
NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...North Texas Chapter of the ISSA
 
Intro To Access Controls
Intro To Access ControlsIntro To Access Controls
Intro To Access ControlsHari Pudipeddi
 
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6aCritical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6aJames W. De Rienzo
 
Physical/Network Access Control
Physical/Network Access ControlPhysical/Network Access Control
Physical/Network Access Controljwpiccininni
 
(4) NIST SP 800-53 Revision 4 (security control enhancements omitted) 20140804
(4) NIST SP 800-53 Revision 4 (security control enhancements omitted) 20140804(4) NIST SP 800-53 Revision 4 (security control enhancements omitted) 20140804
(4) NIST SP 800-53 Revision 4 (security control enhancements omitted) 20140804James W. De Rienzo
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control PresentationWajahat Rajab
 

Destaque (9)

CIS14: Physical and Logical Access Control Convergence
CIS14: Physical and Logical Access Control ConvergenceCIS14: Physical and Logical Access Control Convergence
CIS14: Physical and Logical Access Control Convergence
 
Mnescot controls monitoring
Mnescot controls monitoringMnescot controls monitoring
Mnescot controls monitoring
 
Physical and logical access controls - A pre-requsite for Internal Controls
Physical and logical access controls - A pre-requsite for Internal ControlsPhysical and logical access controls - A pre-requsite for Internal Controls
Physical and logical access controls - A pre-requsite for Internal Controls
 
NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...
NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...
NTXISSACSC2 - Four Deadly Traps in Using Information Security Frameworks by D...
 
Intro To Access Controls
Intro To Access ControlsIntro To Access Controls
Intro To Access Controls
 
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6aCritical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
 
Physical/Network Access Control
Physical/Network Access ControlPhysical/Network Access Control
Physical/Network Access Control
 
(4) NIST SP 800-53 Revision 4 (security control enhancements omitted) 20140804
(4) NIST SP 800-53 Revision 4 (security control enhancements omitted) 20140804(4) NIST SP 800-53 Revision 4 (security control enhancements omitted) 20140804
(4) NIST SP 800-53 Revision 4 (security control enhancements omitted) 20140804
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control Presentation
 

Semelhante a Securing SCADA

Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18Nozomi Networks
 
Robust Cyber Security for Power Utilities
Robust Cyber Security for Power UtilitiesRobust Cyber Security for Power Utilities
Robust Cyber Security for Power UtilitiesNir Cohen
 
CLASS 2018 - Palestra de Shad Harris (Senior Subject Matter Expert on Securit...
CLASS 2018 - Palestra de Shad Harris (Senior Subject Matter Expert on Securit...CLASS 2018 - Palestra de Shad Harris (Senior Subject Matter Expert on Securit...
CLASS 2018 - Palestra de Shad Harris (Senior Subject Matter Expert on Securit...TI Safe
 
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...Shakeel Ali
 
Securing Critical Iot Infrastructure, IoT Israel 2014
Securing Critical Iot Infrastructure, IoT Israel 2014Securing Critical Iot Infrastructure, IoT Israel 2014
Securing Critical Iot Infrastructure, IoT Israel 2014iotisrael
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIntel® Software
 
Security Issues in SCADA based Industrial Control Systems
Security Issues in SCADA based Industrial Control Systems Security Issues in SCADA based Industrial Control Systems
Security Issues in SCADA based Industrial Control Systems aswanthmrajeev112
 
[GITSN] wireless data security system
[GITSN] wireless data security system[GITSN] wireless data security system
[GITSN] wireless data security system운상 조
 
IJSRED-V2I2P15
IJSRED-V2I2P15IJSRED-V2I2P15
IJSRED-V2I2P15IJSRED
 
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...Abhishek Goel
 
David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016David Blanco
 
[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin Rodillas[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin RodillasTI Safe
 
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...TI Safe
 
Nozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company IntroductionNozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company IntroductionNozomi Networks
 
How PCI And PA DSS will change enterprise applications
How PCI And PA DSS will change enterprise applicationsHow PCI And PA DSS will change enterprise applications
How PCI And PA DSS will change enterprise applicationsBen Rothke
 
Encryption Security in SCADA Networks
Encryption Security in SCADA NetworksEncryption Security in SCADA Networks
Encryption Security in SCADA NetworksIJRES Journal
 

Semelhante a Securing SCADA (20)

Iot cyber security
Iot cyber securityIot cyber security
Iot cyber security
 
Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18Nozomi Fortinet Accelerate18
Nozomi Fortinet Accelerate18
 
Robust Cyber Security for Power Utilities
Robust Cyber Security for Power UtilitiesRobust Cyber Security for Power Utilities
Robust Cyber Security for Power Utilities
 
chile-2015 (2)
chile-2015 (2)chile-2015 (2)
chile-2015 (2)
 
CLASS 2018 - Palestra de Shad Harris (Senior Subject Matter Expert on Securit...
CLASS 2018 - Palestra de Shad Harris (Senior Subject Matter Expert on Securit...CLASS 2018 - Palestra de Shad Harris (Senior Subject Matter Expert on Securit...
CLASS 2018 - Palestra de Shad Harris (Senior Subject Matter Expert on Securit...
 
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
 
Securing Critical Iot Infrastructure, IoT Israel 2014
Securing Critical Iot Infrastructure, IoT Israel 2014Securing Critical Iot Infrastructure, IoT Israel 2014
Securing Critical Iot Infrastructure, IoT Israel 2014
 
IoT Security Challenges and Solutions
IoT Security Challenges and SolutionsIoT Security Challenges and Solutions
IoT Security Challenges and Solutions
 
Security Issues in SCADA based Industrial Control Systems
Security Issues in SCADA based Industrial Control Systems Security Issues in SCADA based Industrial Control Systems
Security Issues in SCADA based Industrial Control Systems
 
[GITSN] wireless data security system
[GITSN] wireless data security system[GITSN] wireless data security system
[GITSN] wireless data security system
 
IJSRED-V2I2P15
IJSRED-V2I2P15IJSRED-V2I2P15
IJSRED-V2I2P15
 
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...
 
Veena kakati
Veena kakatiVeena kakati
Veena kakati
 
David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016David Blanco ISHM 8280-2016
David Blanco ISHM 8280-2016
 
[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin Rodillas[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin Rodillas
 
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G...
 
Utilization of Encryption for Security in SCADA Networks
Utilization of Encryption for Security in SCADA NetworksUtilization of Encryption for Security in SCADA Networks
Utilization of Encryption for Security in SCADA Networks
 
Nozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company IntroductionNozomi Networks Q1_2018 Company Introduction
Nozomi Networks Q1_2018 Company Introduction
 
How PCI And PA DSS will change enterprise applications
How PCI And PA DSS will change enterprise applicationsHow PCI And PA DSS will change enterprise applications
How PCI And PA DSS will change enterprise applications
 
Encryption Security in SCADA Networks
Encryption Security in SCADA NetworksEncryption Security in SCADA Networks
Encryption Security in SCADA Networks
 

Último

Energy Awareness training ppt for manufacturing process.pptx
Energy Awareness training ppt for manufacturing process.pptxEnergy Awareness training ppt for manufacturing process.pptx
Energy Awareness training ppt for manufacturing process.pptxsiddharthjain2303
 
multiple access in wireless communication
multiple access in wireless communicationmultiple access in wireless communication
multiple access in wireless communicationpanditadesh123
 
home automation using Arduino by Aditya Prasad
home automation using Arduino by Aditya Prasadhome automation using Arduino by Aditya Prasad
home automation using Arduino by Aditya Prasadaditya806802
 
Engineering Drawing section of solid
Engineering Drawing section of solidEngineering Drawing section of solid
Engineering Drawing section of solidnamansinghjarodiya
 
Katarzyna Lipka-Sidor - BIM School Course
Katarzyna Lipka-Sidor - BIM School CourseKatarzyna Lipka-Sidor - BIM School Course
Katarzyna Lipka-Sidor - BIM School Coursebim.edu.pl
 
Research Methodology for Engineering pdf
Research Methodology for Engineering pdfResearch Methodology for Engineering pdf
Research Methodology for Engineering pdfCaalaaAbdulkerim
 
Correctly Loading Incremental Data at Scale
Correctly Loading Incremental Data at ScaleCorrectly Loading Incremental Data at Scale
Correctly Loading Incremental Data at ScaleAlluxio, Inc.
 
"Exploring the Essential Functions and Design Considerations of Spillways in ...
"Exploring the Essential Functions and Design Considerations of Spillways in ..."Exploring the Essential Functions and Design Considerations of Spillways in ...
"Exploring the Essential Functions and Design Considerations of Spillways in ...Erbil Polytechnic University
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024Mark Billinghurst
 
Risk Management in Engineering Construction Project
Risk Management in Engineering Construction ProjectRisk Management in Engineering Construction Project
Risk Management in Engineering Construction ProjectErbil Polytechnic University
 
complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...asadnawaz62
 
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdfCCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdfAsst.prof M.Gokilavani
 
Crystal Structure analysis and detailed information pptx
Crystal Structure analysis and detailed information pptxCrystal Structure analysis and detailed information pptx
Crystal Structure analysis and detailed information pptxachiever3003
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...VICTOR MAESTRE RAMIREZ
 
11. Properties of Liquid Fuels in Energy Engineering.pdf
11. Properties of Liquid Fuels in Energy Engineering.pdf11. Properties of Liquid Fuels in Energy Engineering.pdf
11. Properties of Liquid Fuels in Energy Engineering.pdfHafizMudaserAhmad
 
Arduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptArduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptSAURABHKUMAR892774
 
Main Memory Management in Operating System
Main Memory Management in Operating SystemMain Memory Management in Operating System
Main Memory Management in Operating SystemRashmi Bhat
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort servicejennyeacort
 

Último (20)

Energy Awareness training ppt for manufacturing process.pptx
Energy Awareness training ppt for manufacturing process.pptxEnergy Awareness training ppt for manufacturing process.pptx
Energy Awareness training ppt for manufacturing process.pptx
 
multiple access in wireless communication
multiple access in wireless communicationmultiple access in wireless communication
multiple access in wireless communication
 
home automation using Arduino by Aditya Prasad
home automation using Arduino by Aditya Prasadhome automation using Arduino by Aditya Prasad
home automation using Arduino by Aditya Prasad
 
Engineering Drawing section of solid
Engineering Drawing section of solidEngineering Drawing section of solid
Engineering Drawing section of solid
 
Katarzyna Lipka-Sidor - BIM School Course
Katarzyna Lipka-Sidor - BIM School CourseKatarzyna Lipka-Sidor - BIM School Course
Katarzyna Lipka-Sidor - BIM School Course
 
Research Methodology for Engineering pdf
Research Methodology for Engineering pdfResearch Methodology for Engineering pdf
Research Methodology for Engineering pdf
 
Correctly Loading Incremental Data at Scale
Correctly Loading Incremental Data at ScaleCorrectly Loading Incremental Data at Scale
Correctly Loading Incremental Data at Scale
 
"Exploring the Essential Functions and Design Considerations of Spillways in ...
"Exploring the Essential Functions and Design Considerations of Spillways in ..."Exploring the Essential Functions and Design Considerations of Spillways in ...
"Exploring the Essential Functions and Design Considerations of Spillways in ...
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024
 
Risk Management in Engineering Construction Project
Risk Management in Engineering Construction ProjectRisk Management in Engineering Construction Project
Risk Management in Engineering Construction Project
 
complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...
 
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdfCCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
CCS355 Neural Networks & Deep Learning Unit 1 PDF notes with Question bank .pdf
 
young call girls in Green Park🔝 9953056974 🔝 escort Service
young call girls in Green Park🔝 9953056974 🔝 escort Serviceyoung call girls in Green Park🔝 9953056974 🔝 escort Service
young call girls in Green Park🔝 9953056974 🔝 escort Service
 
Crystal Structure analysis and detailed information pptx
Crystal Structure analysis and detailed information pptxCrystal Structure analysis and detailed information pptx
Crystal Structure analysis and detailed information pptx
 
Designing pile caps according to ACI 318-19.pptx
Designing pile caps according to ACI 318-19.pptxDesigning pile caps according to ACI 318-19.pptx
Designing pile caps according to ACI 318-19.pptx
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...
 
11. Properties of Liquid Fuels in Energy Engineering.pdf
11. Properties of Liquid Fuels in Energy Engineering.pdf11. Properties of Liquid Fuels in Energy Engineering.pdf
11. Properties of Liquid Fuels in Energy Engineering.pdf
 
Arduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptArduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.ppt
 
Main Memory Management in Operating System
Main Memory Management in Operating SystemMain Memory Management in Operating System
Main Memory Management in Operating System
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
 

Securing SCADA

  • 1. 3/10/2016 1 SCADA Security Challenges & Strategies Jeffrey Wang, P. Eng. 2016, Oshawa Acronym ICS: Industrial Control System DCS: Distributed Control System SCADA: Supervisory Control and Data Acquisition PLC: Programmable Logic Controller RTU: Remote Terminal Unit HMI: Human Machine Interface TCP/IP: Transmission Control Protocol/Internet Protocol IDS: Intrusion Detection System COTS: Commercial off-the-shelf ACL: Access Control List DMZ: Demilitarized Zone WAN: Wide Area Network LAN: Local Area Network Page 2 Securing SCADA prepared by Jeffrey Wang
  • 2. 3/10/2016 2 Content Overview Cyber Threats and Vulnerabilities Security Challenges Mitigation Strategies References Page 3 Securing SCADA prepared by Jeffrey Wang Overview SCADA system Overview SCADA System Components SCADA System Functionality Page 4 Securing SCADA prepared by Jeffrey Wang
  • 3. 3/10/2016 3 SCADA System - Overview SCADA is an acronym for Supervisory Control and Data Acquisition. SCADA is an Industrial control system (ICS). Page 5 Securing SCADA prepared by Jeffrey Wang SCADA System - Components Typically SCADA system include the following components: RTU (Remote Terminal Unit) PLC (Programmable Logic Controller) HMI (Human Machine Interface) Field devices (Actuators and Sensors) WAN(Wide Area Network): Wireless/RF communication devices LAN (Local Area Network): Router and Switches Centralized Server Database Server (Data Historian) Page 6 Securing SCADA prepared by Jeffrey Wang
  • 4. 3/10/2016 4 SCADA System - Functionality Major functions of SCADA system including: Field devices control via local or remote working mode Collect field data and transmit to central control server via WAN network Monitor processing and/or control field devices via HMI Manage database for tracking and management analysis Page 7 Securing SCADA prepared by Jeffrey Wang SCADA System - Critical infrastructure SCADA systems are critical national infrastructures Canadian Critical infrastructure within the 10 sectors listed below: • Energy and utilities • Finance • Food • Transportation • Government • Information and communication technology • Health • Water • Safety • Manufacturing Page 8 Securing SCADA prepared by Jeffrey Wang
  • 5. 3/10/2016 5 SCADA System - Tasks SCADA system simply performs four tasks: Data Acquisition Data Communication Data Monitor and Control Data Historian Page 9 Securing SCADA prepared by Jeffrey Wang Data Communication Data Acquisition Data Monitor & Control Why securing SCADA system ? Why? IP-based technologies Internet of Thing (IoT) Cloud computing Mobile computing Threats growing (Cyber threats source refers to From Homeland Security ICS-CERT) Hostile governments Terrorist groups Disgruntled employees Malicious intruders. GAO Threat Table (Source: GAO-Government Accountability Office) Vulnerabilities increasing Alerts (From ICS-CERT for control system/Government /Home & Business) Alerts provide timely notification to critical infrastructure owners and operators concerning threats to critical infrastructure networks. Be proactive for potential cyber- attack to SCADA system Page 10 Securing SCADA prepared by Jeffrey Wang
  • 6. 3/10/2016 6 Vulnerabilities Physical Vulnerabilities Cyber Vulnerabilities Page 11 Securing SCADA prepared by Jeffrey Wang Vulnerabilities –ICS-CERT Alerts Industrial Control Systems Cyber Emergency Response Team(ICS-CERT ) Publish cyber security alerts to three categories: • Control System Users • Government Users • Home and Business Examples: ICS-ALERT-15-225-02A : Rockwell Automation 1766-L32 Series Vulnerability (Update A) ICS-ALERT-11-204-01B : Siemens S7-300_S7-400 Hardcoded Credentials (Update B) ICS-ALERT-12-097-02A : 3S CoDeSys Improper Access Control (Update A) ICS-ALERT-11-256-06 : Beckhoff TwinCAT Vulnerability ICS-ALERT-12-020-07A : WAGO IO 750 Vulnerabilities (Update A) ICS-ALERT-12-136-01 : Wonderware SuiteLink Unallocated Unicode String ICS-ALERT-12-020-02A : Rockwell Automation ControlLogix PLC Vulnerabilities (Update A) ICS-ALERT-11-332-02A : Siemens SIMATIC WinCC Flexible (Update A) ICS-ALERT-11-256-05A : Rockwell Automation RSLogix Overflow Vulnerability (UPDATE A) Source: ICS-CERT Alerts: https://ics-cert.us-cert.gov/alerts Page 12 Securing SCADA prepared by Jeffrey Wang
  • 7. 3/10/2016 7 Physical Vulnerabilities Common Physical Vulnerabilities: Inadequate policies, procedures, and culture governing control system security Inadequately designed networks with insufficient defense-in-depth Remote access without appropriate access control Separate auditable administration mechanisms Inadequately secured wireless communication Use of a non-dedicated communications channel for command and control Lack of easy tools to detect/report anomalous activity Installation of inappropriate applications on critical host computers Inadequately scrutinized control system software Unauthenticated command and control data. Page 13 Securing SCADA prepared by Jeffrey Wang Cyber Vulnerabilities Common Cyber Vulnerabilities including: Operating System Vulnerabilities Interconnections Open Source / Public Information Authentication Remote access Monitoring and Defenses Wireless access SCADA/SQL/PLC Software Page 14 Securing SCADA prepared by Jeffrey Wang
  • 8. 3/10/2016 8 Cyber Vulnerabilities Cyber Vulnerabilities in details: Un-patched published vulnerabilities Web-based HMI vulnerabilities Improper authentication Improper access control (authorization) Buffer overflow in SCADA services SCADA data and command message manipulation and injection SQL injection insecure protocols unprotected transport of SCADA application credentials Standard IT protocols with pain-text authentication Page 15 Securing SCADA prepared by Jeffrey Wang Vulnerabilities – Allen-Bradly/Rockwell PLC Web-based access with default user ID and password AB SLC505 AB Micrologix PLC AB CompactLogix Page 16 Securing SCADA prepared by Jeffrey Wang
  • 9. 3/10/2016 9 Vulnerabilities – Unprotected Authentication MicroLogix 1400, It is easy to access with administrator and default password Page 17 Securing SCADA prepared by Jeffrey Wang Vulnerabilities – Access with Default ID & Password Intruder can change access permission once granted access control. Default IDs( administrator, and default passwords Page 18 Securing SCADA prepared by Jeffrey Wang
  • 10. 3/10/2016 10 Vulnerabilities – Supervisory Control Supervisory control: Write/Read memory block or disable the device Page 19 Securing SCADA prepared by Jeffrey Wang Cyber Attack - STUXNET STUXNET: the most famous cyber attack by United States and Israel. STUXNET worm was at first identified by a Belarus company VirusBlokAda in mid- June 2010. Physical Impact: Sabotaging 1000 centrifuges at Iran’s Natanz nuclear plant Stuxnet worm – now every hacker in the world knows about PLCs, HMIs and the opportunities to attack them. The Windows operating system Siemens SIMATIC Step 7 and WinCC Siemens S7 – 300/400 PLCs S7-315-2/S7-417 USB flash memory Zero-Day via Windows OS DB memory block in PLC Page 20 Securing SCADA prepared by Jeffrey Wang
  • 11. 3/10/2016 11 Cyber Attack - Insider Insider hacks into sewage treatment plant Queensland, Australia (2000) Disgruntled employee Vitek Boden hacks into sewage system via WiFi from the company’s Parking lot and releases over a million liters of raw sewage into the coastal waters. Physical Impact” Intruder controlled about 150 pump stations near three months Released about 1 million litre of raw sewage into nearby rivers and parks. Tools: Laptop, radio and wireless access Page 21 Securing SCADA prepared by Jeffrey Wang Security Challenges Page 23 Securing SCADA prepared by Jeffrey Wang
  • 12. 3/10/2016 12 SCADA Security Challenges Vulnerable operating system (OS) and applications in SCADA system are from commercial off-the –shelf (COTS) including Linux, Mac OS, Windows and embedded PLC OS (VxWorks); Most industrial control network connected to corporation network with Internet access. Especially IP-based technologies. Such as Wireless, IoT (Internet of Things), Cloud computing, Mobile computing and smart metering; Unsecure legacy system and devices are still widely used in SCADA system. No updated firmware available , no patching. They are transparent to control professional; Open source communication protocols (Modbus, DNP3, IEC 61850,Ethernet/IP) were not designed with security in mind and lack basic authorization features; There are numerous unpatched and unpatchable systems; Lack of remote access authentication, weak or default password; Lack of physical security protection . Page 23 Securing SCADA prepared by Jeffrey Wang Security Standards • Security Standards • Cyber Security Objective Page 25 Securing SCADA prepared by Jeffrey Wang
  • 13. 3/10/2016 13 Industrial Control System Security Standards Good News! There are many security standards…. NIST SP-800-82 : Guide to Industrial Control Systems Security National Institute of Standards and Technology(NIST) ISA/IEC-62443 (formal ANSI/ISA99) : Security for Industrial Automation and Control Systems Security The International Society of Automation (ISA) The International Electrotechnical Commission(IEC) NERC CIP- 006 : Physical Security of Critical Cyber Assets North American Reliability Corporation(NERC) Critical Infrastructure Protection(CIP) TR12-002 : Industrial Control System (ICS) Cyber Security: Recommended Best Practices (combined with NIST and ISA99 standards) • Canadian Cyber Incident Response Centre (CCIRC) Page 25 Securing SCADA prepared by Jeffrey Wang Cyber Security Objective- I.T. Security Perspective Three fundamental goals per NIST SP800-82 standard Confidentiality Any important information you have — such as employee, client or financial records — should be kept confidential. This information should only be accessed by people (or systems) that you have given permission to do so. Integrity You need to make sure to maintain the integrity of this information and other assets (such as software) in order to keep everything complete, intact and uncorrupted. Availability You should maintain the availability of systems (such as networks), services and information when required by the business or its clients. Page 26 Securing SCADA prepared by Jeffrey Wang
  • 14. 3/10/2016 14 Cyber Security Objective- SCADA Security Perspective Availability Confidentiality Integrity Page 27 Securing SCADA prepared by Jeffrey Wang Integrity Confidentiality Availability Mitigation Strategies Physical Assets Security Cyber Security Page 28 Securing SCADA prepared by Jeffrey Wang Cyber Security Standards Physical Security
  • 15. 3/10/2016 15 Mitigation Strategies - Recommendations My recommendation: Physical Assets Security NERC CIP-006 standard is intended to ensure the implementation of a physical security program for the protection of Critical Cyber Assets Cyber Security NIST SP800-82 standard is cybersecurity guidance for Industrial Control Systems (ICS) Security ISA/IEC-62443 (ISA99) standard Canadian Cyber Incident Response Centre(CCIRC) TR12-002 :Industrial Control System (ICS) Cyber Security: Recommended Best Practices Page 29 Securing SCADA prepared by Jeffrey Wang Mitigation Strategies - Risk Assessment Sources of threats External Internal Accidental Vulnerabilities Risks = Threats x Vulnerabilities x Impact Page 30 Securing SCADA prepared by Jeffrey Wang
  • 16. 3/10/2016 16 Physical Assets Security Page 32 Securing SCADA prepared by Jeffrey Wang Mitigation Strategies - NERC CIP Standards NERC CIP standards Include 9 standards and 45 requirements: CIP-002-1: Critical Cyber Asset Identification CIP-003-1: Security Management Controls CIP-004-1: Personnel and Training CIP-005-1: Electronic Security Perimeters CIP-006-1: Physical Security of Critical Cyber Assets CIP-007-1: Systems Security Management CIP-008-1: Incident Reporting and Response Planning CIP-009-1: Recovery Plans for Critical Cyber Assets NERC: North American Electric Reliability Corporation CIP: Critical Infrastructure Protection Page 32 Securing SCADA prepared by Jeffrey Wang
  • 17. 3/10/2016 17 Mitigation Strategies - Physical Protection Guideline Physical Access Controls The Responsible Entity shall document and implement the operational and procedural controls to manage physical access at all access points to the Physical Security Perimeter(s) twenty-four hours a day, seven days a week. Monitoring Physical Access The Responsible Entity shall document and implement the technical and procedural controls for monitoring physical access at all access points to the Physical Security Perimeter(s) twenty-four hours a day, seven days a week. Unauthorized access attempts shall be reviewed immediately and handled in accordance with the procedures specified in Requirement CIP-008. Logging Physical Access • Logging shall record sufficient information to uniquely identify individuals and the time of access twenty-four hours a day, seven days a week. The Responsible Entity shall implement and document the technical and procedural mechanisms for logging physical entry at all access points to the Physical Security Perimeter(s). Page 33 Securing SCADA prepared by Jeffrey Wang Mitigation Strategies - Physical Security Physical Security Purpose: To assist you detect and identify threats and restrict access to sensitive area (server room and important field equipment) Detect Be alerted to unauthorized entries or attempts Be alerted to mechanical/electrical failures Be alerted to remote site entry requests Identify Remotely view facility, people, equipment View recorded information and events Restrict and allow entry to facility Create physical facility access logs Prosecute offenders Restrict Keep the bad guys out Page 34 Securing SCADA prepared by Jeffrey Wang
  • 18. 3/10/2016 18 Cyber Security Mitigation Strategies - NIST SP 800-82 Standards NIST SP 800-82 : Guide to Industrial Control Systems Security Provide guidance for establishing secure ICS, including implementation guidance for SP 800-53 controls Content Overview of ICS ICS Characteristics, Threats and Vulnerabilities ICS Security Program Development and Deployment Network Architecture ICS Security Controls Appendixes Current Activities in Industrial Control Systems Security Emerging Security Capabilities NIST: National Institute of Standards and Technology SP: Special Publication Page 36 Securing SCADA prepared by Jeffrey Wang
  • 19. 3/10/2016 19 Mitigation Strategies - Cyber Security Objective Restricting logical access to the SCADA network and network activity This includes using a demilitarized zone (DMZ) network architecture with firewalls to prevent network traffic from passing directly between the corporate and SCADA networks, and having separate authentication mechanisms and credentials for users of the corporate and SCADA networks. The ICS should also use a network topology that has multiple layers, with the most critical communications occurring in the most secure and reliable layer. Restricting physical access to the SCADA network and devices Unauthorized physical access to components could cause serious disruption of the SCADA’s functionality. A combination of physical access controls should be used, such as locks, card readers, and/or guards. Page 37 Securing SCADA prepared by Jeffrey Wang Mitigation Strategies - Cyber Security Objective Protecting individual SCADA components from exploitation This includes deploying security patches in as expeditious a manner as possible, after testing them under field conditions; disabling all unused ports and services; restricting SCADA user privileges to only those that are required for each person’s role; tracking and monitoring audit trails; and using security controls such as antivirus software and file integrity checking software where technically feasible to prevent, deter, detect, and mitigate malware. Maintaining functionality during adverse conditions This involves designing the SCADA so that each critical component has a redundant counterpart. Additionally, if a component fails, it should fail in a manner that does not generate unnecessary traffic on the SCADA or other networks, or does not cause another problem elsewhere, such as a cascading event. Page 38 Securing SCADA prepared by Jeffrey Wang
  • 20. 3/10/2016 20 Mitigation Strategies – ANSI/ISA99 Standard Module 1: Defining Industrial Cybersecurity Covers the concepts of physical, operational, and electronic security; and defines Cybersecurity as it relates to industrial automation and control systems Module 2: Risk Assessment Covers the concept of risk and how safety plays a part in assessing possible consequences from a cyberattack Module 3: Threats and Vulnerabilities Covers "social engineering" and how outsiders gather information to enable attacks and to physically enter your secured areas Module 4: Security Policies, Programs, and Procedures Covers the creation and deployment of policies, standards, and procedures and how they are a critical aspect of a security program Page 39 Securing SCADA prepared by Jeffrey Wang Mitigation Strategies – ANSI/ISA99 Standard Module 5: Understanding TCP/IP, Hackers, and Malware Covers the basics of the IP networking architecture and how computers are addressed and how IP delivers information to computers and TCP/UDP to complete the delivery to specified applications using port numbers Module 6: Technical Countermeasures Covers the technical countermeasures and technology that can be employed to protect your systems, detect and remove malware, and block hacking attempts; and explains the technologies such as firewalls, proxy servers, VPN, and VLAN and how they relate to industrial automation systems Module 7: Architectural & Operational Strategies Covers ways to segment and isolate your process automation systems in order to increase their reliability and Cyber security Page 40 Securing SCADA prepared by Jeffrey Wang
  • 21. 3/10/2016 21 Mitigation Strategies -TR12-002 Recommendation TR12-002 :Industrial Control System (ICS) Cyber Security: Recommended Best Practices, by Canadian Cyber Incident Response Centre 1. Network Segmentation 2. Remote Access 3. Wireless Communications 4. Patch Management 5. Access Policies and Controls 6. Secure the Host (System Hardening) 7. Intrusion Detection 8. Physical and Environmental Security 9. Malware Protection and Detection 10. Awareness 11. Periodic Assessments and Audits 12. Change Control and Configuration Management 13. Incident Planning and Response Page 41 Securing SCADA prepared by Jeffrey Wang Useful software Solarwinds Inc. URL: http://www.solarwinds.com/ Develops enterprise information technology (IT) infrastructure management software for IT professionals. Kaspersky - URL: http://www.kaspersky.com Kaspersky Lab is an international software security group operating in almost 200 countries and territories worldwide. Bitdefender- URL: http://www.bitdefender.com Bitdefender products feature anti-virus and anti-spyware capabilities against internet security threats such as viruses, Trojans, rootkits, rogues, aggressive adware, spam and others. McAFee - URL: http://www.mcafee.com Intel Security Group (previously McAfee, Inc.) is an American global computer security software Symantec - URL: Http://www.symantec.com Security, Antivirus and Backup Solutions provider Page 42 Securing SCADA prepared by Jeffrey Wang
  • 22. 3/10/2016 22 References NIST SP-800-82 Guide to Industrial Control Systems Security http://csrc.nist.gov/publications/nistpubs/800-82/SP800-82-final.pdf ICS-CERT, ICS-TIP-12-146-01A—Targeted Cyber Intrusion Detection and Mitigation Strategies http://www.us-cert.gov/control_systems/pdf/ICS-TIP-12-146-01A.pdf CCIRC, TR11-002 Mitigation Guidelines for Advanced Persistent Threats http://www.publicsafety.gc.ca/cnt/rsrcs/cybr-ctr/2011/tr11-002-eng.aspx ICS-CERT, Incident Response Summary Report 2009 – 2011 http://www.us-cert.gov/control_systems/pdf/ICS- CERT_Incident_Response_Summary_Report_09_11.pdf US-CERT, Control Systems Security Program (CSSP) http://www.us-cert.gov/control_systems/ US-CERT, Recommended Practice: Improving Industrial Control Systems Cybersecurity with Defense-In-Depth Strategies http://www.us-cert.gov/control_systems/practices/documents/Defense_in_Depth_Oct09.pdf CPNI, CPNI Viewpoint: Securing the move to IP-based SCADA/PLC networks http://www.cpni.gov.uk/Documents/Publications/2011/2011034-scada- securing_the_move_to_ipbased_scada_plc_networks_gpg.pdf International Society of Automation (ISA), ISA99, Industrial Automation and Control Systems Security http://www.isa.org/MSTemplate.cfm?MicrositeID=988&CommitteeID=6821 Page 43 Securing SCADA prepared by Jeffrey Wang THANK YOU Page 44 Securing SCADA prepared by Jeffrey Wang