Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
CHRISTY THOMAS
Senior Cyber Security Advisor (OT & IT)
Objectives
• Proprietary
• Complete vertical solutions
• Customized
• Specialized communications
• Wired, fiber, microwave, dialup, serial, etc.
• 100s of different protocols
• Slow; e.g. 1200 baud
• Long service lifetimes: 15–20 years
• Not designed with security in mind
Technology Trends in ICS
Application Security
SW code quality
Privileges and access controls
Authentication
Cryptographic issues
Credentials management
Source: Cyber–Physical System Security for the Electric Power Grid , Proceedings of the IEEE | Vol. 100, No. 1, January 2012
ICS Cybersecurity
Vulnerabilities across ICS Components
Number of vulnerable products across industries Source: US ICS-CERT classification - Vulnerabilities published in 2018
Major Flaws of ICS ..How to
Unpatched
Vulnerabilities
There is Architecture &
No Segmentation Issues
Cybersecurity Architecture
Physical Security
Recovery Prevention
ICS Perimeter Security
Host Security
Response Detection
Security Monitoring
Vendor Management