10. PI_Dunton - OT Security.pdf
- 1. Tim Beech – TGN Project Services Ltd / Indu-Sol
OT Cyber Security
- 3. Why Do We Need Security?
PROFIBUS & PROFINET International (PI)
What Happened To Profibus? – Ford Dunton 16-Feb-2023
▪ Merge of IT and OT has opened up OT networks to compromise
▪ OT networks / assets have become targets
▪ Protect data & assets from attack
▪ Cost of a Cyber Attack
  ▪ Financial cost – ransom, downtime & recovery
  ▪ Data loss
  ▪ Damage to reputation
▪ Third Quarter of 2022 - £1.6 billion in losses
© 2021
- 5. IT vs OT
Information Technology
▪ Data flow and storage focussed
▪ Business Functions (HR, Finance, Email)
▪ Protection of Data is critical
CIA
▪ Confidentiality / Integrity / Availability
Operational Technology
▪ Control focussed
▪ Manufacturing functions & Safety Systems
▪ Protection of people / process is critical
CAIC
▪ Control / Availability / Integrity / Confidentiality
- 6. IT vs OT – Network Levels
IT
Level 5 – Clients / Workstations
Level 4 – Servers, Data Storage
Level 3.5 / DMZ – Data Servers / DHCP / Edge Devices
OT
Level 3 – ES / Historians / MES
Level 2 – SCADA / HMI
Level 1 – PLC & IO Devices
- 7. Threats & Attack Paths for OT Networks
Top 10 Threats to OT Networks (According to BSI)
1. Social Engineering & Phishing
2. Malware via removable media / external hardware
3. Human Error & Sabotage
4. Malware via Internet / Intranet
5. Internet connected control components
6. Intrusion via Remote Access
7. Technical Malpractice
8. Compromise of Extranet & Cloud Components
9. (D)DoS Attacks
10. Compromise from personal devices in the production environment
- 10. Threats & Attack Paths
7. Technical Malpractice
8. Compromise of Extranet & Cloud Components
9. (D)DoS Attacks
10. Compromise from personal devices in the production environment
- 11. Protection Concept
Security Awareness
Trusted Zone – Firewalls / DMZ / Remote Access
Physical Protection – Locking ports / Restrict MCC Access
Network Monitoring
Asset Management and Monitoring
▪ Multilevel approach
▪ Scalable
▪ Fit for purpose
▪ Training
▪ Supported by policies, procedures and standards
▪ Multi-discipline teams
- 12. Implementing OT Security
▪ Security shouldn’t be an afterthought!!
▪ Protection Concept
▪ Defence in Depth
▪ Policies, Procedures & Standards
▪ Planning
▪ Threats and risks should be assessed
▪ DMZ between IT and OT
▪ Initial design and consider impact of modifications
▪ Selection of components
▪ Criteria for selection (standards)