Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Siemens.com/industrialsecurity
About (me):
• Over 18 years in IT, Instrumentation, Control & Automation
• Masters Degree in Industrial Automation from EIT Australia
• Masters Degree in Engineering Management from NorthWest University,
South Africa
• Masters in Business Administration (MBA) from Lincoln University, USA
• Advanced Diploma in Industrial Automation from EIT Australia
• Post-Graduate Diploma in Electrical & Electronics Engineering from FUTA
• Certified OPC Professional, Level 4 from OPC Training Institute, Canada
• Certified Process Control Network CyberSecurity Practitioner
• Cisco Certified Network Professional, CCNP
• Microsoft Certified systems Administrator, MCSA
• A member of COREN, NSE, NIEEE, IEEE & ISA
• Strong Expertise in Yokogawa & Allen Bradley Control Systems Architecture
• Currently PCN / CyberSecurity Engineer for Chevron Nigeria
Security Trends
Globally we are seeing more network connections than ever before
• Employees
• Smartphones
• Laptops
• PC workstations
• Network infrastructure
• Mobile storage devices
• Tablet PC
• Computer center
• Policies and guidelines
• Printer
• Production systems/plants
Industrial Security
Vulnerability disclosures are headline news
Source: https://ics-cert.us-cert.gov/sites/default/files/Monitors/ICS-
CERT_Monitor_Sep2014-Feb2015.pdf
Feb. 12, 2013: „Now our enemies are also seeking the ability to sabotage our power grid, In the ICS-CERT fiscal year (October 2013 until September 2014) ICS-
our financial institutions, and our air traffic control systems. We cannot look back years CERT analyzed 245 attacks to control systems in the USA.
from now and wonder why we did nothing in the face of real threats to our security and
our economy. That’s why, earlier today, I signed a new executive order that will strengthen
our cyber defenses... Now, Congress must act as well, by passing legislation to give our
government a greater capacity to secure our networks and deter attacks.“
- U.S. President Barack Obama
Example of Cybersecurity Incidents
Ukranian Blackout:
• Occurred in 2015
• Blackout for nearly 250,000 customers
• First successful attempt on power grid
• Increasing threat to Utilities sector
Example of Cybersecurity Incidents
Shamoon Attack on Saudi Aramco :
• Occurred in 2012
• Ochestrated by a privileged user
• Unleased a Computer Virus
• The virus erased data on ¾ PCs
• 35,000 computers were destroyed
• Encryption and • Access control for • Protection of the data • Authentication of devices
monitoring for industrial components transmission and storage and user
communication and networks
Risk Management
security are some of the methods through which
confidentiality is achieved
Confidentiality
Integrity: Integrity assures that the data or information
system can be trusted. Ensures that it is edited by only Integrity
authorized persons and remains in its original state when
at rest. Data encryption and hashing algorithms are key Availability
processes in providing integrity
Availability: Data and information systems are available
when required. Hardware maintenance, software
patching/upgrading and network optimization ensures
availability
Industrial Security Concept :
Defense in Depth based on IEC 62443 / ISA 99
Plant security
• Physical access protection
• Processes and guidelines
• Holistic security monitoring
Network security
• Cell protection and
perimeter network
• Firewalls and VPN
System integrity
• System hardening
• Patch management
• Detection of attacks
• Authentication and access
protection
Other Security Considerations for ICS
Access Control
• Access control mechanisms guarantee that the person who is attempting access to a
system or application is who she/he says it is. Access control involves a user
submitting a unique identifier, such as a user ID, and the corresponding authenticating
information, such as a password.
Network Security
• Network security protects the confidentiality, integrity, and availability of information
systems against internal and external threats using a variety of security controls.
Log Management
• Critical applications and systems should generate important security- related events to
assist in identifying threats to information, troubleshooting network or system-related
issues, and comply with regulatory requirements.
Remote Access
• Remote users and vendors seek access into the ICS environment for remote
maintenance and support.
Thank you !
References
Baseline Security Requirements for Network Security Zones in the Government of Canada
(ITSG-22). Retrieved from https://www.cse-cst.gc.ca
Cisco and Rockwell Automation (2011). Converged Plantwide Ethernet (CPwE) Design and
Implementation Guide. Cisco Systems, Inc. (n.d.). Retrieved from http://www.cisco.com/
Information Security Forum (2014). The Standard of Good Practice for Information Security.
Retrieved from http://isflive.org
ISA99 Committee (2004). Manufacturing and Control Systems Security Part 1: Models and
Terminology. Retrieved from http://isa99.isa.org/
Krutz, R. L. (2006). Securing SCADA systems. Indianapolis, IN: Wiley Pub.
NIST (2014). NIST Cybersecurity Framework Core: Informative Reference Standards. ISA
62443-3-3:2-13.