Security Considerations in Process Control and SCADA Environments
Rich Clark
Industry Security Guidance
Wonderware and ArchestrA Business Units
Invensys Wonderware
Introduction
► Security risks come with rapidly evolving technological advances
► Threat vectors (security holes or technology exploits) appear in rapidly changing technology
► New security features are built into Wonderware Products and newer Microsoft OS's and toolkits, and more are being added every day.
► Close coordination with industry organizations
ISA and other Guidance Organizations
Government Labs and Entities
3rd Party Vendors
• Microsoft, Security Vendors, Tool Manufacturers, etc.
Context for Discussing PCN/SCADA Security
► The DHS (Department of Homeland Security) believes that the next major war most likely will be an infrastructure war or will involve disabling our infrastructure
► There is no such thing as an Enterprise that is 100% secure even though some people want it
► 80/20 rule for Security
The first 80% of threat vectors are relatively inexpensive to secure against
The costs and maintenance climb exponentially when attempting to secure the remaining 20%
Context for Discussing PCN/SCADA Security (cont.)
► Process Control Software is designed to add intelligence and efficiency to a Production Enterprise
Wonderware: “Powering Intelligent Plant Decisions in Real Time”
► Remember that:
“A properly designed and fully operational Process Control Network (PCN) or SCADA System is greater than the sum of the parts”
► A central issue to implementation and security
Most IT personnel view individual PCN machines as end devices, instead of the whole PCN as the end device
This is the fundamental disconnect between Process Control Engineers and IT Personnel
Control Enterprise Definitions
► What is the difference between a Process Control Network (PCN) and a SCADA System? Not Much!
► Industry groups are having trouble categorizing each Enterprise Type because there are too many similarities between them
SCADA (Supervisory Control and Data Acquisition) Systems usually have remote, sometimes independent nodes running single tasks
PCNs usually perform more complex or a wider variety of tasks than SCADA Systems
Typical Industry Process Control Network (PCN)
Typical Industry SCADA System
Evolution of the Plant
► The need for protecting and securing PCN/SCADA Systems is mostly due to growth in
Proliferation of open platforms and OS’s
Wireless technologies
Increase in joint ventures/mergers
Outsourcing
Regulatory mandates
Complex plant environments/intelligent equipment
Increased connectivity
Increased network intrusion
Solution Delivery Project Completion
► Complete Enterprise Integration will include the Process Design Solution incorporating the following
Industry regulations and regulatory agencies
Standards organizations
Security risk identification and assessment with appropriate countermeasures
Compliance to legacy systems
Architectural changes and latest guidance
External and internal influences affecting the Enterprise
Multiple vendors
Company policies and industry best practices
Standards and Regulations
► To make your job easier, Wonderware is working with these organizations and helping to establish standards
MSMUG
OPC Standards Committee
FDA
ISO 900x
NERC 1300 Electrical Industry
ENISA 460 Euro Control Systems Standards
ISA S-99
GAO
DHS
Establishing a Security Program for the PCN
► Create a formal project and address the following topics
Security Program Performance Management
Awareness & Assessment
Policy & Procedures
Security Solution
Awareness and Assessment Review
► Establish Security Team
► Define Security Objectives
► Identify Current Vulnerabilities
► Establish Security Plan
Risk Analysis and Assessment
► Risk is broadly defined as
IF a Threat Agent uses a tool, technique, or method to exploit a Vulnerability, THEN a loss of (confidentiality, integrity, or availability) to an Asset may result in an impact
► Risk Assessment is a methodical process to determine threats, vulnerabilities, and risks to determine what solutions should be put in place
► A Formal Risk Assessment will produce a probability number from 0-1 of the event occurring
► Generally speaking, low probability (of occurring) risks are harder to protect against and cost more to do so
Cost of Protection vs Breach Event Probability
[Figure: cost curve for increasing the protection level, on an axis running from “More Vulnerable to Attack” to “Safer Against Breach Events”; one region is labelled “Breach events having a high probability of never occurring”.]
Risk Analysis and Assessment (cont.)
► Sources of threats
External
Internal
Accidental
Vulnerabilities
Some Sources of These Threats…
General attacker threats
Common criminals
Organized crime
Nation states/Governments
Non state-sponsored terrorism
Anti world trade/Anti globalization activists
Regional political activism
Animal rights activists
Environmental groups
Malicious code attack specifically directed against a Customer
General malicious code threat
Illegal information brokers and freelance agents
Competitors, contractors, corporations
Disaffected staff (including contractors)
Corporate intelligence/Investigation companies
“Insider” threats including social engineering, espionage, and spoofing people with high access levels
Unintentional exposure of vulnerabilities by untrained personnel
Risk Analysis and Assessment (cont.)
► As attack software and network tools become more sophisticated, the attacker’s need for technical knowledge of what they are doing is being greatly reduced
Attack Sophistication vs. Intruder Technical Knowledge
Sources: Carnegie Mellon University, 2002 and Idaho National Laboratory, 2005
[Figure: chart with a time axis from 1980 to 2010 and a vertical scale from Low to High, with curves labelled “Attack Sophistication” and “Intruder Knowledge”. Techniques labelled on the chart: Password Guessing, Self-Replicating Code, Password Cracking, Exploiting Known Vulnerabilities, Disabling Audits, Back Doors, Hijacking Sessions, Sweepers, Sniffers, Packet Spoofing, GUI, Automated Probes/Scans, Denial of Service, WWW Attacks, Network Management Diagnostics, “Stealth”/Advanced Scanning Techniques, Distributed Attack Tools, Zombies, BOTS, Morphing, Malicious Code.]
Final Note: Vulnerabilities Risk Mitigation
► The largest vulnerability that existed was open source Operating Systems
► Microsoft put $10M into tightening up security of Windows XP and 2003 Server last year
► None of the other open platform Operating Systems manufacturers have committed those kinds of resources to tighten up similar vulnerabilities in their OS’s
► Microsoft OS Security has become a matter of user identification of risks (risk analysis) and applying specific countermeasures at appropriate levels of OS interaction
Policy and Procedures
► Established Standards
ISO 17799, ISA-SP99, META, CERT, etc.
► Regulatory Drivers
FDA, FERC, NERC, SEC, DEA, etc.
► Local and Company Requirements
Site Policy, Information, Authorizations, etc.
Establishing Policies and Procedures
► Create a committee of Subject Matter Experts
► SMEs should include Process Engineers and IT personnel who are being cross-trained
► Get Executive buy-in
► No one is exempt from company security policy including Executive Level…
The Case of the CFO’s Sleeping Notebook
[Figure: network diagram labelled with a Historian (InSQL), Application Object Servers, Operator Stations, Development Stations and the CFO Notebook.]
His daughter used the machine to surf the web and it contracted a virus.
Instead of shutting down the machine properly, he made the machine sleep, keeping the virus in resident memory.
Company policy required that all machines connected to the Corp Net be rebooted and virus scanned. They did not enforce this policy at the Executive Level.
When it connected to the Corp Net and woke up, the virus spread immediately to all machines that were not properly patched for the particular virus (a lot of them).
The Enterprise was down for 2 days.
Establishing Policies and Procedures
► A security officer is a good idea
This position is the single point of contact between outside connections and the PCN
This position enforces the policy created by the security committee
Policies and Procedures
► Establishing Policies and Procedures is the foundation of a solid security strategy
► Some considerations for user accounts
Only validated users
User IDs have unique names with medium to strong passwords
Individuals are accountable
Restrict access
Lockout duration well defined
Groups are defined by user access needs and roles
Reset any Guest and Default accounts
Operator accounts defined/limited by operational area
Service accounts on local domain machines are not used to logon to network domains
Policies and Procedures (continued)
► Passwords
Enforce password history to limit reuse of old passwords
Enforce password aging to force interval changing of passwords
Enforce minimum password length
• Usually 7 or 8 characters minimum
Enforce password complexity
• Some strong password requirements can result in less security because people tend to write these down
• Do not use strong passwords unless you can enforce social engineering
Do not store using reversible encryption
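The user-account and password items on the slides above correspond to settings in a Windows security-policy export, so they can be checked mechanically. The script below is an added example, not part of the original presentation or of any Wonderware tooling; it assumes the `[System Access]` layout written by `secedit /export`, uses a constructed sample export, takes the minimum length of 7 from the slide, and reads "Reset any Guest and Default accounts" as requiring the Guest account to be disabled.

```python
"""Audit a Windows security-policy export against the slides' account checklist."""

# Constructed sample in the layout that `secedit /export /cfg policy.inf` writes.
SAMPLE_EXPORT = """\
[Unicode]
Unicode=yes
[System Access]
MinimumPasswordAge = 0
MaximumPasswordAge = -1
MinimumPasswordLength = 6
PasswordComplexity = 1
PasswordHistorySize = 0
LockoutBadCount = 5
ResetLockoutCount = 30
LockoutDuration = 30
NewGuestName = "Guest"
ClearTextPassword = 1
EnableGuestAccount = 1
[Event Audit]
AuditSystemEvents = 0
"""

MIN_LENGTH = 7  # slide: "Usually 7 or 8 characters minimum"

# (setting, test on its integer value, checklist item it enforces)
RULES = [
    ("PasswordHistorySize", lambda v: v >= 1, "enforce password history"),
    ("MaximumPasswordAge", lambda v: v > 0, "enforce password aging (-1 = never expires)"),
    ("MinimumPasswordLength", lambda v: v >= MIN_LENGTH, "enforce minimum password length"),
    ("PasswordComplexity", lambda v: v == 1, "enforce password complexity"),
    ("ClearTextPassword", lambda v: v == 0, "do not store using reversible encryption"),
    ("LockoutBadCount", lambda v: v > 0, "account lockout must be enabled"),
    # Assumption: "reset Guest and Default accounts" is read as "Guest disabled".
    ("EnableGuestAccount", lambda v: v == 0, "Guest account must be disabled"),
]


def parse_system_access(text):
    """Return the integer settings of the [System Access] section as a dict."""
    settings, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        if section != "System Access" or "=" not in line:
            continue
        key, _, value = line.partition("=")
        try:
            settings[key.strip()] = int(value.strip())
        except ValueError:
            pass  # quoted string values (account names) are not audited here
    return settings


def audit(settings):
    """Return (setting, observed value, checklist item) for every failed rule."""
    findings = []
    for key, ok, item in RULES:
        value = settings.get(key)  # None: the export does not define it
        if value is None or not ok(value):
            findings.append((key, value, item))
    # "Lockout duration well defined" only applies once lockout is switched on.
    if settings.get("LockoutBadCount", 0) > 0 and "LockoutDuration" not in settings:
        findings.append(("LockoutDuration", None, "lockout duration well defined"))
    return findings


if __name__ == "__main__":
    for key, value, item in audit(parse_system_access(SAMPLE_EXPORT)):
        print(f"FAIL {key}={value}: {item}")
```

A setting that is missing from the export is reported as a failure rather than assumed compliant.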
Policies and Procedures (continued)
► Remote Access
Limit access by defining access based upon needs
Check all equipment brought to the site
Separate role based user groups for temporary accounts (review often)
Define/document all outside access routes and accounts
► Physical Access
Keep locked
Have specific personnel directly responsible
► Final Note: You as the engineer or integrator should have a keen awareness of all these issues before the project even starts!
Security Solution
► Solution Design
► Solution Recommendations
► Solution Implementation
Security Ecosystem
► Security perspective of a manufacturing and/or industrial ecosystem
System Architecture
External and Internal Influence
Vendors
Policies and Procedures
Platform Vendor
Automation Software Vendor
Standards
Requirements for a Secure Network
► Have a prevention policy using
Firewalls and firewall devices
Network based intrusion prevention/detection
Host based intrusion prevention/detection
Layer, Layer, Layer.
• Bury any vulnerabilities inside of secure layers!
► Do not put Corporate and Plant networks on the same domain
► No secure and insecure protocols on same network
► Continually monitor, create alerting and diagnostics of plant network control systems, and look for any “backdoor” integration to the corporate network
Secure Architectures
► Secure systems are directly related to
Infrastructure
• Servers
• Workstations
• Ethernet Cables
• Fiber Optics
• Switches
• Routers
• Firewalls
• Connectivity
Protocols and Communications
Host Software
• Operating Systems
• Virus Protection
• Intrusion Protection
► Recommendation: Define the Enterprise into Secure Areas (Layers or Rings)
Current Designs of Secure Architectures: SCADA
[Figure: SCADA network architecture diagram. Zones labelled: Corporate Network Infrastructure, DMZ, Supervisory Control Network, Proprietary Distributed SCADA Communications Infrastructure, TCP/IP Distributed SCADA Communications Infrastructure, Sub-station Network (two). Components labelled: Firewall (several, one marked Optional); Client PC with Active Factory, SuiteVoyager Client, Win Terminal Client HMI, Win Terminal Client Dev, Other Corporate IT Functions; InSQL Server Platform / AlarmDB, Other WW Databases, SuiteVoyager Platform, Win Terminal Server Platform (InTouch TSE, FS A2 Dev TSE); Galaxy Repository / InTouch file server, AOS Platform with DI Network Object (two), SCADA Com Manager, SCADAlarm with Modem and Monitored DO line; InTouch Platform with ActiveFactory, Alarm History Viewer and Other WW DB Viewers (two); Legacy HMI (OPC or SuiteLink Enabled); PLCs.]
Current Designs of Secure Architectures: PCN
[Figure: PCN network architecture diagram. Zones labelled: Corporate Network Infrastructure, DMZ, Process Control Network, Factory Floor Network (TCP/IP), Non TCP/IP based PLC Network. Components labelled: Firewall (several, one marked Optional), Router; Client PC with Active Factory, SuiteVoyager Client, Win Terminal Client HMI, Win Terminal Client Dev, Other Corporate IT Functions; InSQL Server Platform / AlarmDB, Other WW Databases, SuiteVoyager Platform, Win Terminal Server Platform (InTouch TSE, FS A2 Dev TSE); InTouch Platform with ActiveFactory and Alarm Clients, QI Client; Galaxy Repository / InTouch file server, TSE server IDE, AOS Platform with DI Network Object, SCADAlarm with Modem and Monitored DO line; PLCs.]
Callouts on this design:
This is a Serious Data Bottleneck
This is all the same logon/admin domain. The PCN is susceptible to Corp Net failure and attacks.
Current Wonderware Architecture Guidance
Secure Area (Effective DMZ)
The whole domain is an “End Device”
Only one single point of ingress/egress
Active Directory Manages Users and PCN Domain Security
Only minimal traffic passes here
This network only carries PCN traffic. No corporate spending projections. No emails to Aunt Hildebrandt. No web surfing to see how my stocks are doing.
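The monitoring bullet on the "Requirements for a Secure Network" slide and the guidance callouts above (one point of ingress/egress, only minimal traffic crossing, only PCN traffic on the plant network) can be turned into a check over flow records. The script below is an added example, not part of the original presentation; the zone subnets, the allow-listed crossing, the ports treated as office traffic, and the `src,dst,proto,dport` record format are all hypothetical, and the sample flows are constructed.

```python
"""Flag flows that break the PCN segmentation rules described on the slides."""
import ipaddress

# Hypothetical addressing plan; substitute the site's own zones.
ZONES = {
    "CORP": ipaddress.ip_network("10.10.0.0/16"),
    "DMZ": ipaddress.ip_network("10.20.0.0/24"),
    "PCN": ipaddress.ip_network("10.30.0.0/16"),
}

# The only conversations allowed to cross the PCN boundary: (src, dst, dport).
ALLOWED_CROSSINGS = {
    ("10.30.1.10", "10.20.0.5", 1433),  # hypothetical: object server to historian DB
}

# Ports treated as office traffic (assumption; adjust if PCN devices expose web UIs).
OFFICE_PORTS = {25, 80, 110, 143, 443}

# Constructed flow records: src,dst,proto,dport
SAMPLE_FLOWS = """\
10.30.1.10,10.30.2.20,tcp,502
10.30.1.10,10.20.0.5,tcp,1433
10.10.4.7,10.30.1.10,tcp,3389
10.30.2.20,10.20.0.9,tcp,445
10.30.2.21,203.0.113.8,tcp,443
10.30.2.22,10.30.1.10,tcp,25
10.10.4.7,10.20.0.5,tcp,1433
"""


def zone_of(address):
    """Return the zone name holding the address, or EXTERNAL if none does."""
    ip = ipaddress.ip_address(address)
    for name, network in ZONES.items():
        if ip in network:
            return name
    return "EXTERNAL"


def classify(src, dst, dport):
    """Return a finding code for one flow, or None if it is acceptable."""
    zones = (zone_of(src), zone_of(dst))
    if "PCN" not in zones:
        return None  # not the plant network's concern
    if zones == ("PCN", "PCN"):
        # "This network only carries PCN traffic."
        return "OFFICE_TRAFFIC" if dport in OFFICE_PORTS else None
    other = zones[1] if zones[0] == "PCN" else zones[0]
    if other == "CORP":
        return "CORP_BYPASS"  # a "backdoor" path that skips the DMZ
    if other == "EXTERNAL":
        return "EXTERNAL"  # plant host talking outside every defined zone
    # Remaining case is PCN <-> DMZ: only allow-listed conversations may cross.
    if (src, dst, dport) not in ALLOWED_CROSSINGS:
        return "UNLISTED_CROSSING"
    return None


def audit_flows(text):
    """Return (record, finding code) for every flow that violates a rule."""
    findings = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        src, dst, _proto, dport = line.split(",")
        code = classify(src, dst, int(dport))
        if code:
            findings.append((line, code))
    return findings


if __name__ == "__main__":
    for record, code in audit_flows(SAMPLE_FLOWS):
        print(f"{code:18} {record}")
```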
Data Communications and Protocols
► Getting data securely from one place to another requires some forethought and understanding
► Data is usually binary, hexadecimal, or text (ASCII)
► Data can be secured by
Encrypting with an algorithm
• Common encryption methods include a Virtual Private Network (VPN) which uses IPSec as a tunneling protocol
[Figure callouts on the architecture diagram: “IPSec co-processor and firewall cards installed here.”; “IPSec Appliance (small router) installed here”; “Edge Device (represents a single router or router pair)”.]
Data Communications and Protocols
► Data can be secured by
Limiting it through specific ports with DCOM Config
• Certain ports are used by every software manufacturer that has to have access to security or domain services, including Kerberos, Terminal Services, HTTP; anything whether TCP or UDP
• DCOM is also used to request or start services or programs (using RPC), which makes it viewed by some IT departments as something that cannot be used
OSI Model and the Security Schemes
DCOM and port selection occur in this layer, above the TDI (Transport Driver Interface). It is difficult to secure the processes.
IPSec occurs in this layer, mostly below the TDI and at the kernel level, and the data is secure before it gets into the machine.
Final Solution Requirements May Include:
► Retention of forensic information to support investigation/legal litigation
► Secure connectivity to wireless devices
► Doing these exercises will ensure that major elements are considered and incorporated into the final design and include
People
Process
Policies
Products
![Page 62: Security Considerations in Process Control and SCADA Environments](https://reader033.vdocuments.site/reader033/viewer/2022061220/54bc2ff24a7959346d8b45d3/html5/thumbnails/62.jpg)
62
Security Considerations
► Site Networks and Control System Security Approach
View from management and technical perspective
Address solutions from the IT and Process Control System perspectives
Design/develop multiple layers of network, system, and application security
Ensure compliance with industry, regulatory, and international standards
![Page 63: Security Considerations in Process Control and SCADA Environments](https://reader033.vdocuments.site/reader033/viewer/2022061220/54bc2ff24a7959346d8b45d3/html5/thumbnails/63.jpg)
63
Total Security Design Considerations
► Following these steps will prevent Process Control Networks (PCNs) from being implemented in pieces that will result in inconsistent or unsafe security designs
Develop security policy
Define requirements to implement a secure process environment
Develop plan to implement security
Implement the PCN without tightening down the machines
Only after the above steps are complete…
Apply the security policies and plan once the PCN is operating correctly!
![Page 65: Security Considerations in Process Control and SCADA Environments](https://reader033.vdocuments.site/reader033/viewer/2022061220/54bc2ff24a7959346d8b45d3/html5/thumbnails/65.jpg)
65
Final Solution Thoughts: Creating Infrastructure
► Review the types of available authenticators that you may want to use
Password, Biometric, Key Card, etc.
► Final Review: Compliance with your company’s established Security Policy
► Make sure the devices that you select for the solution will do what they are supposed to in relation to your established security policies and requirements
Firewalls, Routers, Switches
Domain Controllers
Physical Networks
Remote Access Devices
Wireless Access
![Page 67: Security Considerations in Process Control and SCADA Environments](https://reader033.vdocuments.site/reader033/viewer/2022061220/54bc2ff24a7959346d8b45d3/html5/thumbnails/67.jpg)
67
Security Program Performance Management
Awareness & Assessment
Policy & Procedures
Security Solution
Security Program Performance Management
► Continual Monitoring and Alerting
► Yearly Review and Auditing
► Periodic Testing and Validation
► Continual Updating of Security System Requirements
![Page 71: Security Considerations in Process Control and SCADA Environments](https://reader033.vdocuments.site/reader033/viewer/2022061220/54bc2ff24a7959346d8b45d3/html5/thumbnails/71.jpg)
71
Security Lifecycle Project Management
Procure or Build Security Countermeasures
Reevaluate Security Countermeasures (Break-in or Major Plant Change)
Periodic Audit and Compliance Measures
Routine Security Reporting and Analysis
Finalize Operational Security Measures
Test Countermeasures
Perform Pre-Installation Integration Test
System Goes Operational Here
Define Risk Goals
Assess & Define Existing System
Design or Select Countermeasures
Define Integration Test Plan
Perform Validation Test on Installed System
Define Component Test Plans
Define System Validation Test Plan
Conduct Risk Assessment & Gap Analysis
![Page 73: Security Considerations in Process Control and SCADA Environments](https://reader033.vdocuments.site/reader033/viewer/2022061220/54bc2ff24a7959346d8b45d3/html5/thumbnails/73.jpg)
73
Security Program Performance Management
► Establish ways to identify attacks before they occur
Honeypots lure attackers away from actual assets
Excessive numbers of logon attempts are a good indicator
Do your own packet monitoring and set up alarms for out-of-parameter or unusual activity
Educate your personnel, all users of the systems, to look for and report anything unusual or out-of-the-ordinary
► Monitoring and Alerts also give metrics on the health of the PCN and security systems
If unusual activity is noted, fix it before it brings the system down
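As an added illustration of the logon-attempt indicator on this slide (not part of the original presentation), the Python below flags sources whose failed logons exceed a threshold. The log format, host names, and both thresholds are assumptions made for the example; it goes beyond the slide by adding a 24-hour window so that slow, spaced-out attempts are also caught.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed thresholds for this example: (failure count, time window).
BURST = (5, timedelta(minutes=5))
SLOW = (10, timedelta(hours=24))


def parse(line):
    """Parse 'ISO-time source account OK|FAIL' (constructed format)."""
    ts, source, account, result = line.split()
    return datetime.fromisoformat(ts), source, account, result


def detect(lines, burst=BURST, slow=SLOW):
    """Return [(time, source, rule)] the first time each source trips a rule."""
    failures = defaultdict(deque)  # source -> failure times inside the long window
    fired = set()
    alerts = []
    for ts, source, _account, result in sorted(map(parse, lines)):
        if result != "FAIL":
            continue
        times = failures[source]
        times.append(ts)
        while times[0] < ts - slow[1]:
            times.popleft()  # drop failures older than the long window
        recent = sum(1 for t in times if t >= ts - burst[1])
        for rule, hit in (("burst", recent >= burst[0]), ("slow", len(times) >= slow[0])):
            if hit and (source, rule) not in fired:
                fired.add((source, rule))
                alerts.append((ts, source, rule))
    return alerts


def sample_log():
    """Constructed log lines: one rapid burst, one slow series, normal use."""
    day = datetime(2024, 3, 1)
    burst = [f"{(day + timedelta(hours=9, seconds=20 * i)).isoformat()} ENG-WS-07 admin FAIL"
             for i in range(6)]
    slow = [f"{(day + timedelta(hours=2 * i, minutes=7)).isoformat()} HIST-01 svc_hist FAIL"
            for i in range(11)]
    normal = [f"{(day + timedelta(hours=8)).isoformat()} HMI-02 operator1 FAIL",
              f"{(day + timedelta(hours=8, minutes=1)).isoformat()} HMI-02 operator1 OK"]
    return burst + slow + normal


if __name__ == "__main__":
    for ts, source, rule in detect(sample_log()):
        print(f"{ts.isoformat()} ALERT {rule} failed-logon threshold from {source}")
```

The single mistyped password from HMI-02 raises no alert, which is the point of thresholding: operators are not paged for ordinary typos.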
![Page 75: Security Considerations in Process Control and SCADA Environments](https://reader033.vdocuments.site/reader033/viewer/2022061220/54bc2ff24a7959346d8b45d3/html5/thumbnails/75.jpg)
75
Security Program Performance Management
► The policies and procedures should be reviewed annually to ensure compliance with established or updated corporate security policies
New policies may have been adopted that do not make sense in a PCN/SCADA environment
► Audit your metrics to be sure they make sense
Some attacks can be long-term and can be disguised within expected data
Some regulatory agencies may require audits of your PCN/SCADA security in the future
• Start doing this on your own before it is required so you can understand your processes when the time comes!
![Page 77: Security Considerations in Process Control and SCADA Environments](https://reader033.vdocuments.site/reader033/viewer/2022061220/54bc2ff24a7959346d8b45d3/html5/thumbnails/77.jpg)
77
In Summary…
► You must understand the corporate security policies
They should be formal policies and they should be written out; if not, it could be a slippery slope
► The application integration must be constructed with the corporate security policies in mind
In some cases it will not be possible to adhere to corporate IT policies because of cumulative poor IT security definition practices or deficient network design
Mitigation strategies should be addressed up front for any perceived security breaches
• Common mitigation strategies include asking why a specific security policy is in place and doing a risk analysis of this perceived threat
• Additional mitigation strategies include burying the perceived breach inside of a secure layer or DMZ
![Page 78: Security Considerations in Process Control and SCADA Environments](https://reader033.vdocuments.site/reader033/viewer/2022061220/54bc2ff24a7959346d8b45d3/html5/thumbnails/78.jpg)
78
Additional Resources
► Best Practices Guidelines V1.0 document from the Microsoft Manufacturing Users Group, available at
http://www.omac.org/wgs/MfgInfsrct/MSMUG/msmug_default.htm
► Microsoft Security Guidance
http://www.microsoft.com/security/guidance
► ArchestrA Community
http://www.ArchestrA.biz
► GAO Documents (GAO-04-354 and GAO-04-321)
► Department of Homeland Security
http://www.dhs.gov/dhspublic/
► ISA
http://www.isa.org/
![Page 79: Security Considerations in Process Control and SCADA Environments](https://reader033.vdocuments.site/reader033/viewer/2022061220/54bc2ff24a7959346d8b45d3/html5/thumbnails/79.jpg)
79
Additional Resources
► Antivirus Technical Article
http://www.wonderware.com/support/mmi/comprehensive/kbcd/html/t002098.htm
► Wonderware Security White Paper
http://dominoext.wonderware.com/PublicWWR5/PromoCol.nsf/wwwhite/0E58BBBF3F73885388257003005A5641/$file/SecurityWP_May16_color_Final.pdf
► Wonderware Security Resource Center
http://www.wonderware.com/support/security/
![Page 80: Security Considerations in Process Control and SCADA Environments](https://reader033.vdocuments.site/reader033/viewer/2022061220/54bc2ff24a7959346d8b45d3/html5/thumbnails/80.jpg)
80
Please drop me an email if you have any security related questions.
Your Presenter has been…
Customer Security Guidance
![Page 81: Security Considerations in Process Control and SCADA Environments](https://reader033.vdocuments.site/reader033/viewer/2022061220/54bc2ff24a7959346d8b45d3/html5/thumbnails/81.jpg)
81
Thank You Very Much!
► The complete Basic Security Class is available online.
► Look for the schedule of all the Online Seminars at:
www.wonderware.com/Training