S4 Japan 2014 Closing Remarks 
Yokogawa Electric Corporation 
IAMK014-0411 
Copyright © Yokogawa Electric Corporation 
<20141010> 
Tatsuaki Takebe 
All brand or product names in this document are trademarks or registered trademarks of their 
respective companies.
• First Self-destruct program (Richard Skrenta)
• First Self-replicate program (Skrenta’s Elk Cloner)
• ©Brain Virus developed by two Pakistanis
• Yale, Cascade, Jerusalem, Lehigh, etc.
• Ken Thompson demo first Trojan Horse
• Fred Cohen’s VAX Viruses
Protocol Weaknesses/Buffer overflow
• Apple II Computer 
• Commodore 
• Atari 
• TI-99 
• TRS-80 
• First Worm developed in Xerox Palo Alto
• FBI arrest “414s” Hacker Group
• First “Concept” Macro Virus
• Stealth virus (Whale)
• Variable Encryption (1260)
• Morris’ Worm
• Robert T Morris fined $10K, 3 years probation
• Code Red
• Nimda
• Philippines’ “I LOVE YOU” virus
• Melissa virus ($80m)
• Excel Macro Virus (cross platform)
• “Solar Sunrise” - Two California Teens attack on 500 Military, Govt, & Private Computer Systems (Vul)
• Slammer
• Blaster
• WeiChia
• MyDoom
• Sasser
• Melissa’s author sentenced 20 months jail
• DDoS on 13 “root” servers
Standalone Systems – Disk/Diskette Sharing
Information Warfare
Computer Crimes
Trusted Operating Systems (Orange Book) Trusted Network (Red Book) – ITSEC
• Phishing attacks proliferated
UK Green Book to BS 7799 to ISO 17799 to ISO 27001
Common Criteria (ISO 15408)
Insecure Default/Weak Security Techniques/Feature Misuse/Social Engineering
• Spyware
• Bots
• Phishing begins in AOL
• “Cuckoo’s Egg” in LBL
Cyber Crimes 
• SPAM Mails 
Discovery
Experimentation
Criminal Exploitation
Timeline axis (years): 1977 to 2006
• Pharming attacks (DNS poisoning)
• Kevin Mitnick arrested, five years imprisonment
• ZoTob
• WMF
Client-server/PC-LAN Networks, Internet, World Wide Web, Web 2.0
By Meng Chow Kang
• Attack Sophistication & Intruder Knowledge
• Everybody can be an attacker.
• Attack tools can be used for the control systems.
“Stealth”/Advanced 
Scanning Techniques 
Network Management Diagnostics 
Sweepers 
Disabling Audits 
Malicious Code 
Morphing 
WWW Attacks 
Automated Probes/Scans 
Hijacking Sessions 
Exploiting Known Vulnerabilities 
Password Cracking 
Self-Replicating Code 
Password Guessing 
Sniffers 
BOTS 
Distributed Attack Tools 
Denial of Service 
GUI 
Packet Spoofing 
High 
1980 1985 1990 1995 2000 2005 2010 
Intruder Knowledge 
Low 
Attackers 
Back Doors 
Zombies 
Attack Sophistication 
Lipson, H. F., Tracking and Tracing Cyber-Attacks: Technical Challenges and Global Policy Issues, Special Report CMU/SEI-2002-SR-009, November 2002, page 10.
Security Incidents 
• From The Repository of Industrial Security Incidents 
Chart: vertical axis 0 to 35, horizontal axis years 1982 to 2011
• Industrial Control Systems Security Coverage
TCIP 
ISCI
I3P SCADA LOGIIC
Achilles 
Wurld- 
Tech 
PCSRF 
AGA
Power 
Oil & 
Gas 
Chem 
Water 
Transport 
Comm 
Req R&D Dev Test Eval Demo Deploy Operation
SCADA SBIRs
CSSP 
CSSP 
NSTB 
ISA-99
API 1164
FERC, NERC
SP-99
ISA 
CIDX 
ChemITC 
Mu 
Dynamics 
ICSJWG
Critical Infrastructure & Stds 
IEC ISO/IEC/JTC1 
ISO/IEC 15408, 18045, 
19790, 24759, 27001, 
27002(17799) 
62351-1~7
62443-1~3
NSTB 
CSSP 
CPNI(NISCC Tech Note Series) 
FERC EPRI 
NERC 
International
Governmental
Industry
Outcome
NIST 
SP800-82, 53, 30, 18, 37
FIPS 199, 200, 140-2
CMVP, CAVP 
ISCI 
I3P LOGIIC 
API 
Chemical CIDX 
Chemicals, Pharmaceuticals
Risk Map
Access Policy Tool
Emerald
DEADBOLT
SecSS
HSMTU
Water Sewerage
Transport
AGA 
a cc 
CIP-002-X ~ -009-X
API 1164 
AGA12 
Guidance for Addressing Cyber Security 
in the Chemical Industry 
Intelligent IDS
INL 
Cyber Security 
Procurement 
Language for Control 
Systems 
IEEE IEEE-1402, 1686
DOE 21 Steps to Improve 
Cyber Security 
Unite PCSF 
Organizations & 
People 
ISA99 WG1-6
ISA99.01.01,02.01, 
03.01, 
CCEVS,NVLAP(TestLab) 
Test Specs 
Test Labs 
PCSRF 
SPP-ICS PP
Power 
Oil
Gas
Water and Sewerage
Transport
Railroad
Telecommunication
Any
• Industrial Control Systems Security Coverage
ISCI
Power 
Oil & 
Gas 
Chem 
Water 
Transport 
Comm 
Req R&D Dev Test Eval Demo Deploy Operation 
ISA99 ISA99
• IEC/ISA 62443 Series structure
• ISA 99 organizational structure
WG1
WG3
WG4
WG5
WG6
WG7
WG8
WG10
Wireless Compliance Institute
WCI
ISA
99
ASCI
ISCI
100
Automation Standards Compliance Institute
WG2
WG9
WG11
IEC Liaison
Technologies
Security Program
Terminology, Concepts and Models
Technical Requirements
Committee Planning and Direction
Patch Management
Safety & Security
Communication and Outreach
Wireless and Security JWG
TG1
TG3
TG4
TG5
ISA99 ISA67 JWG on cyber security for nuclear plants
Foundational Requirements
Zones and Conduits
Derived Requirements
Metrics
Product Development Requirements
Security
Wireless
ISA Security Compliance Institute
IEC/JTC1 Liaison Activities
Leadership
TG2
TG6
• IEC TC 65
Cards & PI BioMetrics 
• ISO IEC
Security 
Financial 
Services 
Vocabulary
• ISO/IEC JTC 1/SC 27
SC 27 
WG 1 
WG 2 
WG 3 
WG 4 
WG 5 
ISMS 
Crypto 
Security 
Evaluation 
Security 
Control & 
Services 
IDMgmnt & 
Privacy 
2700X 
15408 
19790 
24760 
29100 
29101 
ISA 99 
IEC TC 65/WG10 
SC 22/WG 23 
ISA 99 
IEC TC 65/WG10
• ISO/IEC JTC 1 SC 22
SC 22 
WG4 COBOL
WG5 Fortran
WG9 ADA
WG14 C
WG17 Prolog
WG19 Formal
programming languages
WG21 C++
WG23 Prog Lang Vul TR24772
SC 27/WG 3
Secure IACS and maintain operational security 
Impl Zones & Conduits, Comp
I T
Start
OK?
End
Patch Management
SAL >= SAL
Eval System Risk
Subsystems
Zones & Conduits
Eval System Oper. SAL
Retire System
Make Operational Security Policy
Choose SAL
Zones & Conduits
Operate System
System Security Compliance Metrics 
Establishing an Industrial Automation 
and Control Systems Security Program 
Operating an industrial automation 
and control system security program 
IEC 62443-2-4 practices
IACS 
supplier 
security 
policies 
and 
Target 
Security 
Assurance 
Levels 
for 
ISA 99.01.03 
ISA 99.02.01 
ISA 99.02.02 
ISA 99.02.03 
ISA 99.03.02 Zones 
and 
Conduits 
System security requirements and security 
assurance levels 
ISA 99.03.03 
ISA 99.02.01 
ISA 99.03.02 
ISA 99.03.02 
ISA 99.01.03 
ISA 99.03.03 
ISA 99.01.03 
ISA 99.02.02 
ISA 99.02.03 
ISA 99.02.01 
Start
Eval Risk for Comp Conduits
Sec Rqmnts for Comp, Conduits
Design & Impl
Eval SAL for Comp, Conduits
OK?
ISA 99.04.01 
ISA 99.04.02 
End
IEC 62443-2-4
IEC 62443-2-4
How do all the pieces fit together?
• Compliance
• IEC 62443-2-1 ISMS compliance for Asset Owners (62443-2-1 is aligned with ISO/IEC 27001)
• IEC 62443-2-4 Vendor/System Integrator Security Maturity
Product security 
• IEC 62443-4-1 Assurance Sec Req
• IEC 62443-4-2 Functional Sec Req 
ISASecure Levels 
Communication Robustness Testing 
Software Development Security Assessment
Functional Security Assessment
Software Development Security Assessment
Functional Security Assessment
Software Development Security Assessment
Functional Security Assessment
LEVEL 1
LEVEL 2
LEVEL 3
Requirements Necessary to Achieve Certification Levels
      Level 1   Level 2   Level 3   Total Count in Specification
SDSA  130       149       170       170
FSA   20        49        82        82
CRT   All       All       All       CRT Common Specification plus all 6 Protocol CRT Specifications
ISASecure EDSA Certification Program 
Embedded Device Security Assurance
Software Development Security Assurance (SDSA): Detects and Avoids systematic design faults
• The vendor’s software development and maintenance processes are audited for artifacts for DUT
• Ensures the organization follows a robust, secure software development process
Functional Security Assessment (FSA): Detects Implementation Errors/Omissions
• A component’s security functionality is audited against its derived requirements for its specified security level
• Ensures the product has properly implemented the security functional requirements
Communications Robustness Testing (CRT): Identifies vulnerabilities in device networking capabilities
• A component’s communication robustness is tested against communication robustness requirements
• Tests for vulnerabilities in the 4 layers of OSI Reference Model
ISA Security Compliance Institute
• Document Structure for Product Evaluation
• Similar structure for system evaluation is being discussed now.
Tatsuaki Takebe Yokogawa Electric Corp.
• To decrease the chances of being hacked, you need investment.
• Attackers need skill and resources to crack a secure system.
• Let’s make an agreement and grade the level.
Figure: How much security? Labels: Lvl 1 to Lvl 4; Attackers’ Skill, Resources, Tools, Time; Investment, Efforts, Tech Level, Assurance Level; Chances to get compromised.
• 62443-3-3 System security requirements and security assurance levels
From Draft 3 ISA 62443-3-3(99.03.03) Sep 2011
4. FR 1 – Identification and authentication control: To prevent unauthorized access to device and/or inquiry of its info
5. FR 2 – Use control: To prevent unauthorized operation of device
6. FR 3 – Data integrity: To prevent tampering with data
7. FR 4 – Data confidentiality: To prevent data leakage
8. FR 5 – Restricted data flow: To prevent unauthorized information leakage
9. FR 6 – Timely response to events: To notify security violation to authority and to report forensic evidence
10. FR 7 – Resource availability: To protect the entire NW resources from DoS attacks
• 62443-3-3 System security requirements and security assurance levels
From Draft 3 ISA 62443-3-3(99.03.03) Sep 2011 
4. Identify and authenticate all users (humans, processes and devices), and allow them access to the system or assets.
• SL 1 – Identify and authenticate all users (humans, processes and devices) by mechanisms which protect against casual or coincidental access by unauthorized entities.
• SL 2 – Identify and authenticate all users (humans, processes and devices) by mechanisms which protect against intentional unauthorized access by entities using simple means.
• SL 3 – Identify and authenticate all users (humans, processes and devices) by mechanisms which protect against intentional unauthorized access by entities using sophisticated means.
• SL 4 – Identify and authenticate all users (humans, processes and devices) by mechanisms which protect against intentional unauthorized access by entities using sophisticated means with extended resources.
• 62443-4-1 Product Development Requirements
From Draft 1 Edit 1 ISA-99.04.01 Jun 2011 
5. Phase 1 – Security Management Plan (SMP) 
– SDSA-SMP-1 - Security Management Plan 
– SDSA-SMP-2 - Action Item Resolution 
– SDSA-SMP-3 - Documentation of software releases
– SDSA-SMP-4 - Development Environment Security Documentation
– SDSA-SMP-5 - CM System 
– SDSA-SMP-6 - Configuration Management Plan 
– SDSA-SMP-7 - Configuration List 
• 62443-4-1 Product Development Requirements
From Draft 1 Edit 1 ISA-99.04.01 Jun 2011 
6. Phase 2 - Security Requirements Specification (SRS) 
7. Phase 3 – Software Architecture Design (SAD) 
8. Phase 4 - Security Risk Assessment and Threat Modeling (SRA)
9. Phase 5 - Detailed Software Design (DSD) 
10. Phase 6 - Document Security Guidelines (DSG) 
11. Phase 7 - Module Implementation & Verification (MIV) 
12. Phase 8 - Security Integration Testing (SIT) 
13. Phase 9 - Security Process Verification (SPV) 
14. Phase 10 - Security Response Planning (SPR) 
15. Phase 11 - Security Validation Testing (SVT) 
16. Phase 12 - Security Response Execution (SRE) 
Conclusions 
• Why standards?
• No security is perfect.
• Standards are the golden mean agreed upon by the stakeholders.
• Compliance/Certification gives assurance if something happens.
Thank you very much 
for your attention 

Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...promediakw
 
Embedded Event Manager (EEM) on IOS (CiscoLive 2015)
Embedded Event Manager (EEM) on IOS (CiscoLive 2015)Embedded Event Manager (EEM) on IOS (CiscoLive 2015)
Embedded Event Manager (EEM) on IOS (CiscoLive 2015)Arie Vayner
 
Innovations in Switching
Innovations in SwitchingInnovations in Switching
Innovations in SwitchingCisco Canada
 
Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM...
Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM...Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM...
Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM...Cisco Canada
 

Semelhante a S4 Japan 2014 Closing Remarks and Cybersecurity History (20)

BRKIOT-2108.pdf
BRKIOT-2108.pdfBRKIOT-2108.pdf
BRKIOT-2108.pdf
 
T06 machine safetyachievingandmaintainingregulatorycompliance-canada
T06 machine safetyachievingandmaintainingregulatorycompliance-canadaT06 machine safetyachievingandmaintainingregulatorycompliance-canada
T06 machine safetyachievingandmaintainingregulatorycompliance-canada
 
IEC 62061 introduction
IEC 62061 introductionIEC 62061 introduction
IEC 62061 introduction
 
T89 introductiontofunctionalsafetyformachinery
T89 introductiontofunctionalsafetyformachineryT89 introductiontofunctionalsafetyformachinery
T89 introductiontofunctionalsafetyformachinery
 
Routeco cyber security and secure remote access 1 01
Routeco cyber security and secure remote access 1 01Routeco cyber security and secure remote access 1 01
Routeco cyber security and secure remote access 1 01
 
国际物联网安全标准与认证大解析
国际物联网安全标准与认证大解析国际物联网安全标准与认证大解析
国际物联网安全标准与认证大解析
 
Towards 0-bug software in the automotive industry
Towards 0-bug software in the automotive industryTowards 0-bug software in the automotive industry
Towards 0-bug software in the automotive industry
 
Smart Manufacturing
Smart ManufacturingSmart Manufacturing
Smart Manufacturing
 
Introduction to Industrial Cybersecurity for Water and Waste Water Operators
Introduction to Industrial Cybersecurity for Water and Waste Water OperatorsIntroduction to Industrial Cybersecurity for Water and Waste Water Operators
Introduction to Industrial Cybersecurity for Water and Waste Water Operators
 
SCADA Security in CDIC 2009
SCADA Security in CDIC 2009SCADA Security in CDIC 2009
SCADA Security in CDIC 2009
 
Mercom Capabilities 2015.ppt
Mercom Capabilities 2015.pptMercom Capabilities 2015.ppt
Mercom Capabilities 2015.ppt
 
Wind River Overview
Wind River OverviewWind River Overview
Wind River Overview
 
Functional integrity certification exida
Functional integrity certification   exidaFunctional integrity certification   exida
Functional integrity certification exida
 
Industrial Wireless Security (Japanese)
Industrial Wireless Security (Japanese)Industrial Wireless Security (Japanese)
Industrial Wireless Security (Japanese)
 
Unified Systems Engineering feasibility
Unified Systems Engineering feasibilityUnified Systems Engineering feasibility
Unified Systems Engineering feasibility
 
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
 
Embedded Event Manager (EEM) on IOS (CiscoLive 2015)
Embedded Event Manager (EEM) on IOS (CiscoLive 2015)Embedded Event Manager (EEM) on IOS (CiscoLive 2015)
Embedded Event Manager (EEM) on IOS (CiscoLive 2015)
 
Innovations in Switching
Innovations in SwitchingInnovations in Switching
Innovations in Switching
 
Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM...
Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM...Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM...
Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM...
 
2-25-2014 Part 1 - NRECA Kickoff Meeting v2
2-25-2014 Part 1 - NRECA Kickoff Meeting v22-25-2014 Part 1 - NRECA Kickoff Meeting v2
2-25-2014 Part 1 - NRECA Kickoff Meeting v2
 

Mais de Digital Bond

The Future of ICS Security Products
The Future of ICS Security ProductsThe Future of ICS Security Products
The Future of ICS Security ProductsDigital Bond
 
Havex Deep Dive (English)
Havex Deep Dive (English)Havex Deep Dive (English)
Havex Deep Dive (English)Digital Bond
 
Unsolicited Response - Getting BACnet Off of the Internet (Japanese)
Unsolicited Response - Getting BACnet Off of the Internet (Japanese)Unsolicited Response - Getting BACnet Off of the Internet (Japanese)
Unsolicited Response - Getting BACnet Off of the Internet (Japanese)Digital Bond
 
Sharing Plant Data with Phones, Tablets and the Cloud (Englsh)
Sharing Plant Data with Phones, Tablets and the Cloud (Englsh)Sharing Plant Data with Phones, Tablets and the Cloud (Englsh)
Sharing Plant Data with Phones, Tablets and the Cloud (Englsh)Digital Bond
 
Application Whitelisting and DPI in ICS (English)
Application Whitelisting and DPI in ICS (English)Application Whitelisting and DPI in ICS (English)
Application Whitelisting and DPI in ICS (English)Digital Bond
 
S4x14 Session: You Name It; We Analyze It
S4x14 Session: You Name It; We Analyze ItS4x14 Session: You Name It; We Analyze It
S4x14 Session: You Name It; We Analyze ItDigital Bond
 
Writing ICS Vulnerability Analysis
Writing ICS Vulnerability AnalysisWriting ICS Vulnerability Analysis
Writing ICS Vulnerability AnalysisDigital Bond
 
HART as an Attack Vector
HART as an Attack VectorHART as an Attack Vector
HART as an Attack VectorDigital Bond
 
PLC Code Protection
PLC Code ProtectionPLC Code Protection
PLC Code ProtectionDigital Bond
 

Mais de Digital Bond (9)

The Future of ICS Security Products
The Future of ICS Security ProductsThe Future of ICS Security Products
The Future of ICS Security Products
 
Havex Deep Dive (English)
Havex Deep Dive (English)Havex Deep Dive (English)
Havex Deep Dive (English)
 
Unsolicited Response - Getting BACnet Off of the Internet (Japanese)
Unsolicited Response - Getting BACnet Off of the Internet (Japanese)Unsolicited Response - Getting BACnet Off of the Internet (Japanese)
Unsolicited Response - Getting BACnet Off of the Internet (Japanese)
 
Sharing Plant Data with Phones, Tablets and the Cloud (Englsh)
Sharing Plant Data with Phones, Tablets and the Cloud (Englsh)Sharing Plant Data with Phones, Tablets and the Cloud (Englsh)
Sharing Plant Data with Phones, Tablets and the Cloud (Englsh)
 
Application Whitelisting and DPI in ICS (English)
Application Whitelisting and DPI in ICS (English)Application Whitelisting and DPI in ICS (English)
Application Whitelisting and DPI in ICS (English)
 
S4x14 Session: You Name It; We Analyze It
S4x14 Session: You Name It; We Analyze ItS4x14 Session: You Name It; We Analyze It
S4x14 Session: You Name It; We Analyze It
 
Writing ICS Vulnerability Analysis
Writing ICS Vulnerability AnalysisWriting ICS Vulnerability Analysis
Writing ICS Vulnerability Analysis
 
HART as an Attack Vector
HART as an Attack VectorHART as an Attack Vector
HART as an Attack Vector
 
PLC Code Protection
PLC Code ProtectionPLC Code Protection
PLC Code Protection
 

Último

From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 

Último (20)

From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 

S4 Japan 2014 Closing Remarks and Cybersecurity History

  • 1. S4 Japan 2014 Closing Remarks Yokogawa Electric Corporation IAMK014-0411 Copyright © Yokogawa Electric Corporation <20141010> - 1 - Tatsuaki Takebe All brand or product names in this document are trademarks or registered trademarks of their respective companies.
  • 2. Timeline figure by Meng Chow Kang (years 1977 to 2006; phases: Discovery, Experimentation, Criminal Exploitation). Labels: Standalone Systems – Disk/Diskette Sharing; Client-server/PC-LAN Networks; Internet World Wide Web; Web 2.0; Protocol Weaknesses/Buffer overflow; Insecure Default/Weak Security Techniques/Feature Misuse/Social Engineering; Information Warfare; Computer Crimes; Cyber Crimes; Trusted Operating Systems (Orange Book); Trusted Network (Red Book) – ITSEC; UK Green Book to BS 7799 to ISO 17799 to ISO 27001; Common Criteria (ISO 15408). Events: • First Self-destruct program (Richard Skrenta) • First Self-replicate program (Skrenta’s Elk Cloner) • ©Brain Virus developed by two Pakistanis • Yale, Cascade, Jerusalem, Lehigh, etc. • Ken Thompson demo first Trojan Horse • Fred Cohen’s VAX Viruses • Apple II Computer • Commodore • Atari • TI-99 • TRS-80 • First Worm developed in Xerox Palo Alto • FBI arrest “414s” Hacker Group • First “Concept” Macro Virus • Stealth virus (Whale) • Variable Encryption (1260) • Morris’ Worm • Robert T Morris fined $10K, 3 years probation • Code Red • Nimda • Philippines’ “I LOVE YOU” virus • Melissa virus ($80m) • Excel Macro Virus (cross platform) • “Solar Sunrise” - Two California Teens attack on 500 Military, Govt, & Private Computer Systems (Vul) • Slammer • Blaster • Welchia • MyDoom • Sasser • Melissa’s author sentenced 20 months jail • DDoS on 13 “root” servers • Phishing attacks proliferated • Spyware • Bots • Phishing begins in AOL • “Cuckoo’s Egg” in LBL • SPAM Mails • Pharming attacks (DNS poisoning) • Kevin Mitnick arrested, five years imprisonment • ZoTob • WMF
  • 3. Attack Sophistication & Intruder Knowledge • Everybody can be an attacker. • Attack tools can be used for the control systems. Chart labels (vertical axis High to Low, horizontal axis 1980 to 2010; Intruder Knowledge; Attack Sophistication; Attackers): “Stealth”/Advanced Scanning Techniques, Network Management Diagnostics, Sweepers, Disabling Audits, Malicious Code, Morphing, WWW Attacks, Automated Probes/Scans, Hijacking Sessions, Exploiting Known Vulnerabilities, Password Cracking, Self-Replicating Code, Password Guessing, Sniffers, BOTS, Distributed Attack Tools, Denial of Service, GUI, Packet Spoofing, Back Doors, Zombies. Source: Lipson, H. F., Tracking and Tracing Cyber-Attacks: Technical Challenges and Global Policy Issues, Special Report CMU/SEI-2002-SR-009, November 2002, page 10.
  • 4. Security Incidents • From The Repository of Industrial Security Incidents (chart: vertical axis 0 to 35, horizontal axis 1982 to 2011)
  • 5. Industrial Control Systems Security Coverage. Chart axes: Power, Oil & Gas, Chem, Water, Transport, Comm; Req, R&D, Dev, Test, Eval, Demo, Deploy, Operation. Chart labels: TCIP, ISCI, I3P SCADA, LOGIIC, Achilles Wurld-Tech, PCSRF, AGA, SCADA SBIRs, CSSP, CSSP, NSTB, ISA99, API 1164, FERC, NERC, SP99, ISA, CIDX, ChemITC, Mu Dynamics, ICSJWG
  • 6. Critical Infrastructure & Stds. Diagram labels: IEC ISO/IEC/JTC1 ISO/IEC 15408, 18045, 19790, 24759, 27001, 27002(17799) 62351-1 to 7 62443-1 to 3 NSTB CSSP CPNI (NISCC Tech Note Series) FERC EPRI NERC International Govmtl Industry Outcome NIST SP800-82, 53, 30, 18, 37 FIPS 199, 200, 140-2 CMVP, CAVP ISCI I3P LOGIIC API Chemical CIDX Risk Map Access Policy Tool Emerald DEADBOLT S ecS S H S M T U Water Sewerage AGA a cc CIP-002-X to -009-X API 1164 AGA12 Guidance for Addressing Cyber Security in the Chemical Industry Intelligent IDS INL Cyber Security Procurement Language for Control Systems IEEE IEEE-1402, 1686 DOE 21 Steps to Improve Cyber Security Unite PCSF Organizations & People ISA99 WG1-6 ISA99.01.01, 02.01, 03.01, CCEVS, NVLAP (TestLab) Test Specs Test Labs PCSRF SPP-ICS PP Power Oil Gas Transport Railroad Telecommunication Any
  • 7. Industrial Control Systems Security Coverage. Chart axes: Power, Oil & Gas, Chem, Water, Transport, Comm; Req, R&D, Dev, Test, Eval, Demo, Deploy, Operation. Chart labels: ISCI, ISA99, ISA99
  • 8. IEC/ISA 62443 Series structure
  • 9. ISA 99 organizational structure. Org chart labels: WG1; WG3; WG4; WG5; WG6; WG7; WG8; WG10; Wireless Compliance Institute; WCI; ISA 99; ASCI; ISCI; 100; Automation Standards Compliance Institute; WG2; WG9; WG11; IEC Liaison; Technologies; Security Program; Terminology, Concepts and Models; Technical Requirements; Committee Planning and Direction; Patch Management; Safety & Security; Communication and Outreach; Wireless and Security JWG; TG1; TG3; TG4; TG5; ISA99 ISA67 JWG on cyber security for nuclear plants; Foundational Requirements; Zones and Conduits; Derived Requirements; Metrics; Product Development Requirements; Security; Wireless; ISA Security Compliance Institute; IEC/JTC1 Liaison Activities; Leadership; TG2; TG6
  • 10. IEC TC 65
  • 11. ISO IEC Security Financial Services Vocabulary Cards & PI BioMetrics
  • 12. ISO/IEC JTC 1/SC 27: WG 1 ISMS; WG 2 Crypto; WG 3 Security Evaluation; WG 4 Security Control & Services; WG 5 IDMgmnt & Privacy. Standards shown: 2700X, 15408, 19790, 24760, 29100, 29101. Also shown: ISA 99, IEC TC 65/WG10, SC 22/WG 23, ISA 99, IEC TC 65/WG10
  • 13. ISO/IEC JTC 1 SC 22: WG4 COBOL; WG5 Fortran; WG9 ADA; WG14 C; WG17 Prolog; WG19 Formal programming languages; WG21 C++; WG23 Prog Lang Vul TR24772. Also shown: SC 27/WG 3
  • 14. Secure IACS and maintain operational security. How to fit the entire pieces together? Flowchart labels: Impl Zones & Conduits, Comp; I T; Start; OK?; End; Patch Management; SAL >= SAL; Eval System Risk; Subsystems; Zones & Conduits; Eval System Oper. SAL; Retire System; Make Operational Security Policy; Choose SAL; Zones & Conduits; Operate System; Start; Eval Risk for Comp Conduits; Sec Rqmnts for Comp, Conduits; Design & Impl; Eval SAL for Comp, Conduits; OK?; End. Document titles shown: System Security Compliance Metrics; Establishing an Industrial Automation and Control Systems Security Program; Operating an industrial automation and control system security program; IEC 62443-2-4 IACS supplier security policies and practices; Target Security Assurance Levels for Zones and Conduits; System security requirements and security assurance levels. References shown, in extracted order: ISA 99.01.03, ISA 99.02.01, ISA 99.02.02, ISA 99.02.03, ISA 99.03.02, ISA 99.03.03, ISA 99.02.01, ISA 99.03.02, ISA 99.03.02, ISA 99.01.03, ISA 99.03.03, ISA 99.01.03, ISA 99.02.02, ISA 99.02.03, ISA 99.02.01, ISA 99.04.01, ISA 99.04.02, IEC 62443-2-4, IEC 62443-2-4
  • 15. Compliance • IEC 62443-2-1 ISMS compliance for Asset Owners (62443-2-1 is aligned with ISO/IEC 27001) • IEC 62443-2-4 Vendor/System Integrator Security Maturity
  • 16. Product security • IEC 62443-4-1 Assurance Sec Req • IEC 62443-4-2 Functional Sec Req
  • 17. ISASecure Levels. LEVEL 1, LEVEL 2 and LEVEL 3 each show a Software Development Security Assessment and a Functional Security Assessment, together with Communication Robustness Testing. Requirements Necessary to Achieve Certification Levels (Level 1 / Level 2 / Level 3 / Total Count in Specification): SDSA 130 / 149 / 170 / 170; FSA 20 / 49 / 82 / 82; CRT All / All / All / CRT Common Specification plus all 6 Protocol CRT Specifications
  • 18. ISASecure EDSA Certification Program. Embedded Device Security Assurance has three parts. Software Development Security Assurance (SDSA): Detects and Avoids systematic design faults • The vendor’s software development and maintenance processes are audited for artifacts for DUT • Ensures the organization follows a robust, secure software development process. Functional Security Assessment (FSA): Detects Implementation Errors/Omissions • A component’s security functionality is audited against its derived requirements for its specified security level • Ensures the product has properly implemented the security functional requirements. Communications Robustness Testing (CRT): Identifies vulnerabilities in device networking capabilities • A component’s communication robustness is tested against communication robustness requirements • Tests for vulnerabilities in the 4 layers of OSI Reference Model
  • 19. ISA Security Compliance Institute • Document Structure for Product Evaluation • Similar structure for system evaluation is being discussed now.
  • 20. How much security? • In order to decrease the chances to be hacked, • You need investments • Attackers need skill, resources to crack the secure system • Let’s make an agreement and grade the level. Chart labels: Attackers’ Skill, Resources, Tools, Time; Investment, Efforts, Tech Level, Assurance Level; Chances to get compromised; Lvl 1, Lvl 2, Lvl 3, Lvl 4
  • 21. 62443-3-3 System security requirements and security assurance levels. From Draft 3 ISA 62443-3-3(99.03.03) Sep 2011. 4. FR 1 – Identification and authentication control: To prevent unauthorized access to device and/or inquiry of its info. 5. FR 2 – Use control: To prevent unauthorized operation of device. 6. FR 3 – Data integrity: To prevent tampering data. 7. FR 4 – Data confidentiality: To prevent data leakage. 8. FR 5 – Restricted data flow: To prevent unauthorized information leakage. 9. FR 6 – Timely response to events: To notify security violation to authority and to report forensic evidence. 10. FR 7 – Resource availability: To protect the entire NW resources from DoS attacks.
  • 22. 62443-3-3 System security requirements and security assurance levels. From Draft 3 ISA 62443-3-3(99.03.03) Sep 2011. 4. Identify and authenticate all users (humans, processes and devices), and allow them access to the system or assets. • SL 1 – Identify and authenticate all users (humans, processes and devices) by mechanisms which protect against casual or coincidental access by unauthorized entities. • SL 2 – Identify and authenticate all users (humans, processes and devices) by mechanisms which protect against intentional unauthorized access by entities using simple means. • SL 3 – Identify and authenticate all users (humans, processes and devices) by mechanisms which protect against intentional unauthorized access by entities using sophisticated means. • SL 4 – Identify and authenticate all users (humans, processes and devices) by mechanisms which protect against intentional unauthorized access by entities using sophisticated means with extended resources.
  • 23. 62443-4-1 Product Development Requirements. From Draft 1 Edit 1 ISA-99.04.01 Jun 2011. 5. Phase 1 – Security Management Plan (SMP) – SDSA-SMP-1 - Security Management Plan – SDSA-SMP-2 - Action Item Resolution – SDSA-SMP-3 - Documentation of software releases – SDSA-SMP-4 - Development Environment Security Documentation – SDSA-SMP-5 - CM System – SDSA-SMP-6 - Configuration Management Plan – SDSA-SMP-7 - Configuration List
  • 24. 62443-4-1 Product Development Requirements. From Draft 1 Edit 1 ISA-99.04.01 Jun 2011. 6. Phase 2 - Security Requirements Specification (SRS) 7. Phase 3 – Software Architecture Design (SAD) 8. Phase 4 - Security Risk Assessment and Threat Modeling (SRA) 9. Phase 5 - Detailed Software Design (DSD) 10. Phase 6 - Document Security Guidelines (DSG) 11. Phase 7 - Module Implementation & Verification (MIV) 12. Phase 8 - Security Integration Testing (SIT) 13. Phase 9 - Security Process Verification (SPV) 14. Phase 10 - Security Response Planning (SRP) 15. Phase 11 - Security Validation Testing (SVT) 16. Phase 12 - Security Response Execution (SRE)
  • 25. Conclusions • Why standards? • No security is perfect. • Standards are the golden mean agreed upon by the stakeholders. • Compliance/Certification gives assurance if something happens.
  • 26. Thank you very much for your attention