SlideShare a Scribd company logo

10. PI_Dunton - OT Security.pdf

PROFIBUS and PROFINET InternationaI - PI UK
PROFIBUS and PROFINET InternationaI - PI UK

Recent event at Ford Dunton by PI-UK.

Engineering
1 of 14
Download to read offline
Tim Beech – TGN Project Services Ltd / Indu-Sol OT Cyber Security
2 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 Why? 1 IT vs OT - Differences and Approach to Security 2 Threats / Attack Paths 3 Implementing OT Security 4 © 2021 Aims
3 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 Why Do We Need Security? ▪ Merge of IT and OT has opened up OT networks to compromise ▪ OT networks / assets have become targets ▪ Protect data & assets from attack ▪ Cost of a Cyber Attack ▪ Financial cost – ransom, downtime & recovery ▪ Data loss ▪ Damage to reputation ▪ Third Quarter of 2022 - £1.6billion in losses © 2021
4 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 Why Do We Need Security? © 2021
5 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 IT vs OT Information Technology ▪ Data flow and storage focussed ▪ Business Functions (HR, Finance, Email) ▪ Protection of Data is critical CIA ▪ Confidentiality / Integrity / Availability Operation Technology ▪ Control focussed ▪ Manufacturing functions & Safety Systems ▪ Protection of people / process is critical CAIC ▪ Control / Availability / Integrity / Confidentiality © 2021
6 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 © 2021 IT vs OT – Network Levels Level 5 – Clients / Workstations Level 4 – Servers, Data Storage Level 3 – ES / Historians / MES Level 2 – SCADA / HMI Level 1 – PLC & IO Devices Level 3.5 / DMZ – Data Servers / DHCP / Edge Devices OT IT
7 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 Threats & Attack Paths for OT Networks Top 10 Threats to OT Networks (According to BSI) 1. Social Engineering & Phishing 2. Malware via removable media / external hardware 3. Human Error & Sabotage 4. Malware via Internet / Intranet 5. Internet connected control components 6. Intrusion via Remote Access 7. Technical Malpractice 8. Compromise of Extranet & Cloud Components 9. (D)DOS Attacks 10. Compromise from personal devices in the production environment © 2021
8 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 Threats & Attack Paths 1. Social Engineering & Phishing 2. Malware via removable media / external hardware 3. Human Error & Sabotage © 2021
9 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 Threats & Attack Paths 4. Malware via Internet / Intranet 5. Internet connected components 6. Intrusion via Remote Access © 2021
10 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 Threats & Attack Paths 7. Technical Malpractice 8. Compromise of Extranet & Cloud Components 9. (D)DoS Attacks 10. Compromise from personal devices in the production environment © 2021
11 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 Protection Concept © 2021 Security Awareness Trusted Zone Firewalls / DMZ / Remote Access Physical Protection Locking ports / Restrict MCC Access Network Monitoring Asset Management and Monitoring ▪ Multilevel approach ▪ Scalable ▪ Fit for purpose ▪ Training ▪ Supported by policies, procedures and standards ▪ Multi-discipline teams
12 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 Implementing OT Security ▪ Security shouldn’t be an after thought!! ▪ Protection Concept ▪ Defence in Depth ▪ Policies, Procedures & Standards ▪ Planning ▪ Threats and risks should be assessed ▪ DMZ between IT and OT ▪ Initial design and consider impact of modifications ▪ Selection of components ▪ Criteria for selection (standards) © 2021
13 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 © 2021 Case Study – Bad Network / No Security
Questions?

Recommended

IS_Associates_IoT_Pres_Miller_Broadcom
IS_Associates_IoT_Pres_Miller_BroadcomIS_Associates_IoT_Pres_Miller_Broadcom
IS_Associates_IoT_Pres_Miller_Broadcom
William H. Miller, Jr.
 
Introduction IOT/M2M
Introduction IOT/M2MIntroduction IOT/M2M
Introduction IOT/M2M
LeKhanhAnh
 
Securely Deploying Micro Services, Containers & Serverless PaaS Web Apps
Securely Deploying Micro Services, Containers & Serverless PaaS Web AppsSecurely Deploying Micro Services, Containers & Serverless PaaS Web Apps
Securely Deploying Micro Services, Containers & Serverless PaaS Web Apps
Priyanka Aash
 
IoT security presented in Ada's List Conference
IoT security presented in Ada's List ConferenceIoT security presented in Ada's List Conference
IoT security presented in Ada's List Conference
Cigdem Sengul
 
1. How will the IoT help your business - cisco
1. How will the IoT help your business - cisco1. How will the IoT help your business - cisco
1. How will the IoT help your business - cisco
MITEF México
 
11272019 SafeAssign Originality Reporthttpsucumberlan.docx
11272019 SafeAssign Originality Reporthttpsucumberlan.docx11272019 SafeAssign Originality Reporthttpsucumberlan.docx
11272019 SafeAssign Originality Reporthttpsucumberlan.docx
aulasnilda
 
Profinet network design webinar - Peter Thomas may 2020 - v1.0
Profinet network design webinar - Peter Thomas may 2020 - v1.0Profinet network design webinar - Peter Thomas may 2020 - v1.0
Profinet network design webinar - Peter Thomas may 2020 - v1.0
PROFIBUS and PROFINET InternationaI - PI UK
 
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
TI Safe
 

Recommended

IS_Associates_IoT_Pres_Miller_Broadcom
IS_Associates_IoT_Pres_Miller_BroadcomIS_Associates_IoT_Pres_Miller_Broadcom
IS_Associates_IoT_Pres_Miller_Broadcom
William H. Miller, Jr.
 
Introduction IOT/M2M
Introduction IOT/M2MIntroduction IOT/M2M
Introduction IOT/M2M
LeKhanhAnh
 
Securely Deploying Micro Services, Containers & Serverless PaaS Web Apps
Securely Deploying Micro Services, Containers & Serverless PaaS Web AppsSecurely Deploying Micro Services, Containers & Serverless PaaS Web Apps
Securely Deploying Micro Services, Containers & Serverless PaaS Web Apps
Priyanka Aash
 
IoT security presented in Ada's List Conference
IoT security presented in Ada's List ConferenceIoT security presented in Ada's List Conference
IoT security presented in Ada's List Conference
Cigdem Sengul
 
1. How will the IoT help your business - cisco
1. How will the IoT help your business - cisco1. How will the IoT help your business - cisco
1. How will the IoT help your business - cisco
MITEF México
 
11272019 SafeAssign Originality Reporthttpsucumberlan.docx
11272019 SafeAssign Originality Reporthttpsucumberlan.docx11272019 SafeAssign Originality Reporthttpsucumberlan.docx
11272019 SafeAssign Originality Reporthttpsucumberlan.docx
aulasnilda
 
Profinet network design webinar - Peter Thomas may 2020 - v1.0
Profinet network design webinar - Peter Thomas may 2020 - v1.0Profinet network design webinar - Peter Thomas may 2020 - v1.0
Profinet network design webinar - Peter Thomas may 2020 - v1.0
PROFIBUS and PROFINET InternationaI - PI UK
 
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
TI Safe
 
SAM-IoT: Securing low power device communication in critical infrastructure m...
SAM-IoT: Securing low power device communication in critical infrastructure m...SAM-IoT: Securing low power device communication in critical infrastructure m...
SAM-IoT: Securing low power device communication in critical infrastructure m...
Brain IoT Project
 
Integration of mobile technology with contract management - Oracle Primavera ...
Integration of mobile technology with contract management - Oracle Primavera ...Integration of mobile technology with contract management - Oracle Primavera ...
Integration of mobile technology with contract management - Oracle Primavera ...
p6academy
 
Application Security framework for Mobile App Development in Enterprise Setup
Application Security framework for Mobile App Development in Enterprise SetupApplication Security framework for Mobile App Development in Enterprise Setup
Application Security framework for Mobile App Development in Enterprise Setup
Eswar Publications
 
Webinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO AuthenticationWebinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO Authentication
FIDO Alliance
 
Mavenir: Why and How Private LTE & 5G Networks Are Rapidly Evolving for Enter...
Mavenir: Why and How Private LTE & 5G Networks Are Rapidly Evolving for Enter...Mavenir: Why and How Private LTE & 5G Networks Are Rapidly Evolving for Enter...
Mavenir: Why and How Private LTE & 5G Networks Are Rapidly Evolving for Enter...
Mavenir
 
The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...
44CON
 
Fortinet - Digital Government Cloud Security 2.pptx
Fortinet - Digital Government Cloud Security 2.pptxFortinet - Digital Government Cloud Security 2.pptx
Fortinet - Digital Government Cloud Security 2.pptx
ThanhBoHoaluaVn
 
Securing 4G and LTE systems with Deep Learning and Virtualization
Securing 4G and LTE systems with Deep Learning and VirtualizationSecuring 4G and LTE systems with Deep Learning and Virtualization
Securing 4G and LTE systems with Deep Learning and Virtualization
Dr. Edwin Hernandez
 
chile-2015 (2)
chile-2015 (2)chile-2015 (2)
chile-2015 (2)
Massimiliano Falcinelli
 
INT 1010 10-2.pdf
INT 1010 10-2.pdfINT 1010 10-2.pdf
INT 1010 10-2.pdf
Luis R Castellanos
 
Safeguarding the Internet of Things
Safeguarding the Internet of ThingsSafeguarding the Internet of Things
Safeguarding the Internet of Things
Cognizant
 
Ambient Intelligence
Ambient IntelligenceAmbient Intelligence
Ambient Intelligence
Ram Inamdar
 
Hip ste r - pitch deck
Hip ste r - pitch deckHip ste r - pitch deck
Hip ste r - pitch deck
HIPSteR
 
5G Infrastructure Investments
5G Infrastructure Investments5G Infrastructure Investments
5G Infrastructure Investments
InvestingTips
 
Cloud and Edge: price, performance and privacy considerations in IOT, by Tsvi...
Cloud and Edge: price, performance and privacy considerations in IOT, by Tsvi...Cloud and Edge: price, performance and privacy considerations in IOT, by Tsvi...
Cloud and Edge: price, performance and privacy considerations in IOT, by Tsvi...
Cloud Native Day Tel Aviv
 
IRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and ThreatsIRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and Threats
IRJET Journal
 
Fog Computing
Fog ComputingFog Computing
Fog Computing
IRJET Journal
 
Future Proof Your Network Today To Support IOT Tomorrow
Future Proof Your Network Today To Support IOT TomorrowFuture Proof Your Network Today To Support IOT Tomorrow
Future Proof Your Network Today To Support IOT Tomorrow
Tyrone Systems
 
Jean-François Balcon - Cisco - Objets connectés quels usages ? Quels enjeux ...
Jean-François Balcon - Cisco - Objets connectés quels usages ? Quels enjeux ...Jean-François Balcon - Cisco - Objets connectés quels usages ? Quels enjeux ...
Jean-François Balcon - Cisco - Objets connectés quels usages ? Quels enjeux ...
Les Interconnectés
 
Entreprises : découvrez les briques essentielles d’une solution IoT
Entreprises : découvrez les briques essentielles d’une solution IoTEntreprises : découvrez les briques essentielles d’une solution IoT
Entreprises : découvrez les briques essentielles d’une solution IoT
Scaleway
 
11. PI_Ford_Dunton_IOLINK_Safety.pdf
11. PI_Ford_Dunton_IOLINK_Safety.pdf11. PI_Ford_Dunton_IOLINK_Safety.pdf
11. PI_Ford_Dunton_IOLINK_Safety.pdf
PROFIBUS and PROFINET InternationaI - PI UK
 
7. Ford_Dunton_TSN_CRM.pdf
7. Ford_Dunton_TSN_CRM.pdf7. Ford_Dunton_TSN_CRM.pdf
7. Ford_Dunton_TSN_CRM.pdf
PROFIBUS and PROFINET InternationaI - PI UK
 

More Related Content

Similar to 10. PI_Dunton - OT Security.pdf

Application Security framework for Mobile App Development in Enterprise Setup
Application Security framework for Mobile App Development in Enterprise SetupApplication Security framework for Mobile App Development in Enterprise Setup
Application Security framework for Mobile App Development in Enterprise Setup
Eswar Publications
 
Webinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO AuthenticationWebinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO Authentication
FIDO Alliance
 
The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...
44CON
 
Jean-François Balcon - Cisco - Objets connectés quels usages ? Quels enjeux ...
Jean-François Balcon - Cisco - Objets connectés quels usages ? Quels enjeux ...Jean-François Balcon - Cisco - Objets connectés quels usages ? Quels enjeux ...
Jean-François Balcon - Cisco - Objets connectés quels usages ? Quels enjeux ...
Les Interconnectés
 

Similar to 10. PI_Dunton - OT Security.pdf (20)

SAM-IoT: Securing low power device communication in critical infrastructure m...
SAM-IoT: Securing low power device communication in critical infrastructure m...SAM-IoT: Securing low power device communication in critical infrastructure m...
SAM-IoT: Securing low power device communication in critical infrastructure m...
 
Integration of mobile technology with contract management - Oracle Primavera ...
Integration of mobile technology with contract management - Oracle Primavera ...Integration of mobile technology with contract management - Oracle Primavera ...
Integration of mobile technology with contract management - Oracle Primavera ...
 
Application Security framework for Mobile App Development in Enterprise Setup
Application Security framework for Mobile App Development in Enterprise SetupApplication Security framework for Mobile App Development in Enterprise Setup
Application Security framework for Mobile App Development in Enterprise Setup
 
Webinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO AuthenticationWebinar: Securing IoT with FIDO Authentication
Webinar: Securing IoT with FIDO Authentication
 
Mavenir: Why and How Private LTE & 5G Networks Are Rapidly Evolving for Enter...
Mavenir: Why and How Private LTE & 5G Networks Are Rapidly Evolving for Enter...Mavenir: Why and How Private LTE & 5G Networks Are Rapidly Evolving for Enter...
Mavenir: Why and How Private LTE & 5G Networks Are Rapidly Evolving for Enter...
 
The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...The UK's Code of Practice for Security in Consumer IoT Products and Services ...
The UK's Code of Practice for Security in Consumer IoT Products and Services ...
 
Fortinet - Digital Government Cloud Security 2.pptx
Fortinet - Digital Government Cloud Security 2.pptxFortinet - Digital Government Cloud Security 2.pptx
Fortinet - Digital Government Cloud Security 2.pptx
 
Securing 4G and LTE systems with Deep Learning and Virtualization
Securing 4G and LTE systems with Deep Learning and VirtualizationSecuring 4G and LTE systems with Deep Learning and Virtualization
Securing 4G and LTE systems with Deep Learning and Virtualization
 
chile-2015 (2)
chile-2015 (2)chile-2015 (2)
chile-2015 (2)
 
INT 1010 10-2.pdf
INT 1010 10-2.pdfINT 1010 10-2.pdf
INT 1010 10-2.pdf
 
Safeguarding the Internet of Things
Safeguarding the Internet of ThingsSafeguarding the Internet of Things
Safeguarding the Internet of Things
 
Ambient Intelligence
Ambient IntelligenceAmbient Intelligence
Ambient Intelligence
 
Hip ste r - pitch deck
Hip ste r - pitch deckHip ste r - pitch deck
Hip ste r - pitch deck
 
5G Infrastructure Investments
5G Infrastructure Investments5G Infrastructure Investments
5G Infrastructure Investments
 
Cloud and Edge: price, performance and privacy considerations in IOT, by Tsvi...
Cloud and Edge: price, performance and privacy considerations in IOT, by Tsvi...Cloud and Edge: price, performance and privacy considerations in IOT, by Tsvi...
Cloud and Edge: price, performance and privacy considerations in IOT, by Tsvi...
 
IRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and ThreatsIRJET- Android Device Attacks and Threats
IRJET- Android Device Attacks and Threats
 
Fog Computing
Fog ComputingFog Computing
Fog Computing
 
Future Proof Your Network Today To Support IOT Tomorrow
Future Proof Your Network Today To Support IOT TomorrowFuture Proof Your Network Today To Support IOT Tomorrow
Future Proof Your Network Today To Support IOT Tomorrow
 
Jean-François Balcon - Cisco - Objets connectés quels usages ? Quels enjeux ...
Jean-François Balcon - Cisco - Objets connectés quels usages ? Quels enjeux ...Jean-François Balcon - Cisco - Objets connectés quels usages ? Quels enjeux ...
Jean-François Balcon - Cisco - Objets connectés quels usages ? Quels enjeux ...
 
Entreprises : découvrez les briques essentielles d’une solution IoT
Entreprises : découvrez les briques essentielles d’une solution IoTEntreprises : découvrez les briques essentielles d’une solution IoT
Entreprises : découvrez les briques essentielles d’une solution IoT
 

More from PROFIBUS and PROFINET InternationaI - PI UK

More from PROFIBUS and PROFINET InternationaI - PI UK (20)

11. PI_Ford_Dunton_IOLINK_Safety.pdf
11. PI_Ford_Dunton_IOLINK_Safety.pdf11. PI_Ford_Dunton_IOLINK_Safety.pdf
11. PI_Ford_Dunton_IOLINK_Safety.pdf
 
7. Ford_Dunton_TSN_CRM.pdf
7. Ford_Dunton_TSN_CRM.pdf7. Ford_Dunton_TSN_CRM.pdf
7. Ford_Dunton_TSN_CRM.pdf
 
6. SRCI Profibus International v2.pdf
6. SRCI Profibus International v2.pdf6. SRCI Profibus International v2.pdf
6. SRCI Profibus International v2.pdf
 
13. CEMA - AUTOMOTIVE.pdf
13. CEMA - AUTOMOTIVE.pdf13. CEMA - AUTOMOTIVE.pdf
13. CEMA - AUTOMOTIVE.pdf
 
12. PI_OPC_UK.pdf
12. PI_OPC_UK.pdf12. PI_OPC_UK.pdf
12. PI_OPC_UK.pdf
 
4. APL PI Presentation 2023.pdf
4. APL PI Presentation 2023.pdf4. APL PI Presentation 2023.pdf
4. APL PI Presentation 2023.pdf
 
9. PA DIM presentation.pdf
9. PA DIM presentation.pdf9. PA DIM presentation.pdf
9. PA DIM presentation.pdf
 
3. Ford Dunton Mark Freeman.pdf
3. Ford Dunton Mark Freeman.pdf3. Ford Dunton Mark Freeman.pdf
3. Ford Dunton Mark Freeman.pdf
 
2. Ford_Dunton_Introductions_CRM.pdf
2. Ford_Dunton_Introductions_CRM.pdf2. Ford_Dunton_Introductions_CRM.pdf
2. Ford_Dunton_Introductions_CRM.pdf
 
PI UK Seminar (Nov 2021) - Online Certified Training Courses
PI UK Seminar (Nov 2021) - Online Certified Training CoursesPI UK Seminar (Nov 2021) - Online Certified Training Courses
PI UK Seminar (Nov 2021) - Online Certified Training Courses
 
PI UK Seminar (Nov 2021) - PROFINET Implementation and Testing
PI UK Seminar (Nov 2021) - PROFINET Implementation and TestingPI UK Seminar (Nov 2021) - PROFINET Implementation and Testing
PI UK Seminar (Nov 2021) - PROFINET Implementation and Testing
 
PI UK Seminar (Nov 2021) - PROFINET Design Basics
PI UK Seminar (Nov 2021) - PROFINET Design BasicsPI UK Seminar (Nov 2021) - PROFINET Design Basics
PI UK Seminar (Nov 2021) - PROFINET Design Basics
 
PI UK Seminar (Nov 2021) - PROFINET Gateways
PI UK Seminar (Nov 2021) - PROFINET GatewaysPI UK Seminar (Nov 2021) - PROFINET Gateways
PI UK Seminar (Nov 2021) - PROFINET Gateways
 
PI UK Seminar (Nov 2021) - PROFIBUS and PROFINET Device Configuration
PI UK Seminar (Nov 2021) - PROFIBUS and PROFINET Device ConfigurationPI UK Seminar (Nov 2021) - PROFIBUS and PROFINET Device Configuration
PI UK Seminar (Nov 2021) - PROFIBUS and PROFINET Device Configuration
 
PI UK Seminar (Nov 2021) - PROFINET of Things
PI UK Seminar (Nov 2021) - PROFINET of ThingsPI UK Seminar (Nov 2021) - PROFINET of Things
PI UK Seminar (Nov 2021) - PROFINET of Things
 
PI UK Seminar (Nov 2021) - Update on APL
PI UK Seminar (Nov 2021) - Update on APLPI UK Seminar (Nov 2021) - Update on APL
PI UK Seminar (Nov 2021) - Update on APL
 
PROFINET to PROFIBUS gateways - Peter Thomas - 03 june 2020
PROFINET to PROFIBUS gateways - Peter Thomas - 03 june 2020PROFINET to PROFIBUS gateways - Peter Thomas - 03 june 2020
PROFINET to PROFIBUS gateways - Peter Thomas - 03 june 2020
 
PROFIBUS lightning surge protection - Peter Thomas, CSL - 10 june 2020
PROFIBUS lightning surge protection - Peter Thomas, CSL - 10 june 2020 PROFIBUS lightning surge protection - Peter Thomas, CSL - 10 june 2020
PROFIBUS lightning surge protection - Peter Thomas, CSL - 10 june 2020
 
PROFINET network diagnostics and support - May 2020 - Peter Thomas
PROFINET network diagnostics and support - May 2020 - Peter ThomasPROFINET network diagnostics and support - May 2020 - Peter Thomas
PROFINET network diagnostics and support - May 2020 - Peter Thomas
 
EMC in Industrial Automation Systems webinar - May 2020 - Peter Thomas
EMC in Industrial Automation Systems webinar - May 2020 - Peter ThomasEMC in Industrial Automation Systems webinar - May 2020 - Peter Thomas
EMC in Industrial Automation Systems webinar - May 2020 - Peter Thomas
 

Recently uploaded

Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Dr.Costas Sachpazis
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
ranjana rawat
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
ranjana rawat
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
ranjana rawat
 
result management system report for college project
result management system report for college projectresult management system report for college project
result management system report for college project
Tonystark477637
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Christo Ananth
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Call Girls in Nagpur High Profile
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
roncy bisnoi
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
Call Girls in Nagpur High Profile
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
rknatarajan
 
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur High Profile
 

Recently uploaded (20)

Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Online banking management system project.pdf
Online banking management system project.pdfOnline banking management system project.pdf
Online banking management system project.pdf
 
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
The Most Attractive Pune Call Girls Manchar 8250192130 Will You Miss This Cha...
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writing
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
result management system report for college project
result management system report for college projectresult management system report for college project
result management system report for college project
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptx
 
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
Booking open Available Pune Call Girls Koregaon Park 6297143586 Call Hot Ind...
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptx
 
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdfONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
 
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
 

10. PI_Dunton - OT Security.pdf

  • 1. Tim Beech – TGN Project Services Ltd / Indu-Sol OT Cyber Security
  • 2. 2 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 Why? 1 IT vs OT - Differences and Approach to Security 2 Threats / Attack Paths 3 Implementing OT Security 4 © 2021 Aims
  • 3. 3 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 Why Do We Need Security? ▪ Merge of IT and OT has opened up OT networks to compromise ▪ OT networks / assets have become targets ▪ Protect data & assets from attack ▪ Cost of a Cyber Attack ▪ Financial cost – ransom, downtime & recovery ▪ Data loss ▪ Damage to reputation ▪ Third Quarter of 2022 - £1.6billion in losses © 2021
  • 4. 4 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 Why Do We Need Security? © 2021
  • 5. 5 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 IT vs OT Information Technology ▪ Data flow and storage focussed ▪ Business Functions (HR, Finance, Email) ▪ Protection of Data is critical CIA ▪ Confidentiality / Integrity / Availability Operation Technology ▪ Control focussed ▪ Manufacturing functions & Safety Systems ▪ Protection of people / process is critical CAIC ▪ Control / Availability / Integrity / Confidentiality © 2021
  • 6. 6 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 © 2021 IT vs OT – Network Levels Level 5 – Clients / Workstations Level 4 – Servers, Data Storage Level 3 – ES / Historians / MES Level 2 – SCADA / HMI Level 1 – PLC & IO Devices Level 3.5 / DMZ – Data Servers / DHCP / Edge Devices OT IT
  • 7. 7 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 Threats & Attack Paths for OT Networks Top 10 Threats to OT Networks (According to BSI) 1. Social Engineering & Phishing 2. Malware via removable media / external hardware 3. Human Error & Sabotage 4. Malware via Internet / Intranet 5. Internet connected control components 6. Intrusion via Remote Access 7. Technical Malpractice 8. Compromise of Extranet & Cloud Components 9. (D)DOS Attacks 10. Compromise from personal devices in the production environment © 2021
  • 8. 8 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 Threats & Attack Paths 1. Social Engineering & Phishing 2. Malware via removable media / external hardware 3. Human Error & Sabotage © 2021
  • 9. 9 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 Threats & Attack Paths 4. Malware via Internet / Intranet 5. Internet connected components 6. Intrusion via Remote Access © 2021
  • 10. 10 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 Threats & Attack Paths 7. Technical Malpractice 8. Compromise of Extranet & Cloud Components 9. (D)DoS Attacks 10. Compromise from personal devices in the production environment © 2021
  • 11. 11 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 Protection Concept © 2021 Security Awareness Trusted Zone Firewalls / DMZ / Remote Access Physical Protection Locking ports / Restrict MCC Access Network Monitoring Asset Management and Monitoring ▪ Multilevel approach ▪ Scalable ▪ Fit for purpose ▪ Training ▪ Supported by policies, procedures and standards ▪ Multi-discipline teams
  • 12. 12 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 Implementing OT Security ▪ Security shouldn’t be an after thought!! ▪ Protection Concept ▪ Defence in Depth ▪ Policies, Procedures & Standards ▪ Planning ▪ Threats and risks should be assessed ▪ DMZ between IT and OT ▪ Initial design and consider impact of modifications ▪ Selection of components ▪ Criteria for selection (standards) © 2021
  • 13. 13 PROFIBUS& PROFINETInternational(PI) What Happened To Profibus? – Ford Dunton 16-Feb-2023 © 2021 Case Study – Bad Network / No Security