Cybersecurity and Machine Tools

Presentation transcript:

Cybersecurity and Machine Tools
Doc. No. 9203-F-0006
Bill Barkman
Recommendations on Research Needs in Machining and Machine Tools
Kevin Lamb
03/22/2018
Y/PM-16-151
Approved for Public Release
Internal Use Only

Cybersecurity “Hot” Topics
- Stuxnet
- WannaCry
- Flaws in design of semiconductor chips

What Does This Have To Do With Machine Tools?
- Machine tools often exist in a networked environment that provides a link from the internet to the shop floor control system.
- When the Windows operating system is used as a “front end” for machine tool controls (the so-called “Operational Technology (OT) side”), it rarely receives the cybersecurity patches that are associated with the “Information Technology (IT) side”.
- “Non-Windows” controls can also have unrecognized vulnerabilities – “zero-days”.

What Are The Risks To Machine Tool Users???
- Information Loss – Exfiltration
- File Corruption – incorrect offsets or tool path errors (perhaps subtle)
- Firmware Corruption
- Production of faulty products that may not be recognized until they are “in the field.”

Example Attack Scenarios
- Modified In-tol/Out-tol settings during part program preparation
- Exfiltrating or modifying information on shop floor host
- Exfiltrating or modifying information on control system
- Modifying software or firmware, at the vendor factory, to introduce malware

What Are “Popular” Solutions?
- Establish a NIST SP 800-171 “compliant” environment.
- Compliance is an “illusion” and “reality” is that we have a dynamic threat environment.
- An unfunded mandate.
- Encryption is useful and a “two-edged” sword.
- These approaches can be challenging for many small to medium size manufacturing enterprises.

What’s Really Needed?
- A secure, robust network environment for CNC machine tools. Network segmentation, effective password management, personnel training, intrusion/anomaly detection, etc.
- Embedded functionality that doesn’t place the full cybersecurity burden on manufacturers. Especially the small to medium size companies that have limited resources.
- Ability to “patch” software issues without disrupting control system functionality. “IT” vs “OT”
- Secure collaboration environments for interacting with partners in a supply chain.
- Network Monitoring to recognize problems “sooner than later.”
- Acknowledgement that cybersecurity is a major national security issue.

Research Opportunities
- Establish cybersecurity approaches that don’t place the full burden of “compliance” on machine tool users (enable CNC “safe” operation in a challenging cybersecurity environment).
- Address exfiltration of information
- Address corruption of information
- Address Artificial Intelligence tools for detecting “problems.”

Network Monitoring/Anomaly Detection
- Detect issues within local networks
- Automatic, anonymous data sharing of detected issues across industrial base
- Sharing threat information and “solutions” across supply chains

Exfiltration
- Systems that recognize attempts to extract information and quarantine the process, even if it is “embedded at the factory.”
- Develop “fail safe” techniques for removing information when needed.

Corruption
- At shop host or in CNC memory: compare with “master record.” Consider “hashing” to avoid embedded malware issues.
- At part program execution. Consider buffer/cache options.
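The comparison with a “master record” by hashing, sketched as an added example that is not part of the original presentation. The function names, the HMAC key assumed to be stored away from the shop floor host, and the G-code sample are all constructed for illustration.

```python
import hashlib
import hmac
import json

def _digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def _tag(entries: dict, key: bytes) -> str:
    # Canonical JSON so the same entries always authenticate to the same tag.
    canonical = json.dumps(entries, sort_keys=True).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()

def build_master_record(programs: dict, key: bytes) -> dict:
    """Create the master record from known-good part programs."""
    entries = {name: _digest(data) for name, data in programs.items()}
    return {"entries": entries, "tag": _tag(entries, key)}

def verify_against_master(programs: dict, record: dict, key: bytes) -> dict:
    """Return {program name: finding}; an empty dict means everything matches."""
    # Authenticate the record first: plain hashes alone can be rewritten
    # by whoever altered the files.
    if not hmac.compare_digest(_tag(record["entries"], key), record["tag"]):
        raise ValueError("master record failed authentication")
    findings = {}
    for name, expected in record["entries"].items():
        if name not in programs:
            findings[name] = "missing"
        elif not hmac.compare_digest(_digest(programs[name]), expected):
            findings[name] = "modified"
    for name in programs.keys() - record["entries"].keys():
        findings[name] = "not in master record"
    return findings

# Constructed sample data: a short G-code part program, and a shop-host copy
# with one coordinate shifted by 0.05 mm (a subtle tool path error).
KEY = b"constructed-demo-key-kept-off-the-shop-host"
GOOD = {"bracket.nc": b"G21 G90\nT1 M6\nG43 H1\nG01 X25.400 Y10.000 F200\nM30\n"}
ON_HOST = {
    "bracket.nc": GOOD["bracket.nc"].replace(b"X25.400", b"X25.450"),
    "extra.nc": b"G21 G90\nM30\n",
}

if __name__ == "__main__":
    record = build_master_record(GOOD, KEY)
    print(verify_against_master(GOOD, record, KEY))
    print(verify_against_master(ON_HOST, record, KEY))
```

Running the same check immediately before a program is loaded for execution covers the second bullet as well, since a file can change between the last audit and the moment it is sent to the control.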

Build Cybersecurity Into Control
- Embed typical IT cybersecurity tools/protocols
- Incorporate ability to easily upgrade control software
- Defeat embedded malware with inherent design features
- Base control design on the assumption that it is operating in a “hostile” environment. Assume undetected malware is embedded in the control

Artificial Intelligence Tools
- Recognize inappropriate behavior
- Incorporate “boot” routines that compare actual machine performance with desired performance
- Quasi-static displacements
- Dynamic performance monitoring

Questions