Specification of Countermeasures for CYRAIL

Slides:

Advertisements

Similar presentations

Module 1 Evaluation Overview © Crown Copyright (2000)

Advertisements

Lecture 1: Overview modified from slides of Lawrie Brown.

© BT PLC 2005 ‘Risk-based’ Approach to Managing Infrastructure a ‘Commercial Prospective’ Malcolm Page BT UK AFCEA Lisbon 2005.

Lecture 11 Reliability and Security in IT infrastructure.

Computer Security: Principles and Practice

Risk Management.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.

Brian Bradley.  Data is any type of stored digital information.  Security is about the protection of assets.  Prevention: measures taken to protect.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer

K E M A, I N C. NERC Cyber Security Standards and August 14 th Blackout Implications OSI PI User Group April 20, 2004 Joe Weiss

Lessons Learned in Smart Grid Cyber Security

1 Chapter 9 E- Security. Main security risks 2 (a) Transaction or credit card details stolen in transit. (b) Customer’s credit card details stolen from.

CSC 386 – Computer Security Scott Heggen. Agenda Security Management.

Slide 1 Using Models Introduced in ISA-d Standard: Security of Industrial Automation and Control Systems (IACS) Rahul Bhojani ISA SP99 WG4 Meeting.

BY MOHAMMED ALQAHTANI (802.11) Security. What is ? IEEE is a set of standards carrying out WLAN computer communication in frequency bands.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 1 – Overview.

Computer Security: Principles and Practice

April 14, A Watershed Date in HIPAA Privacy Compliance: Where Should You Be in HIPAA Security Compliance and How to Get There… John Parmigiani National.

K E M A, I N C. Ten Steps To Secure Control Systems APPA 2005 Conference Session: Securing SCADA Networks from Cyber Attacks Memphis, TN April 18, 2005.

Protecting Students on the School Computer Network Enfield High School.

Office of Campus Information Security Driving a Security Architecture by Assessing Risk Stefan Wahe Sr. Information Security Analyst.

Introduction and Overview of Information Security and Policy By: Hashem Alaidaros 4/10/2015 Lecture 1 IS 332.

Information Security Governance and Risk Chapter 2 Part 2 Pages 69 to 100.

Information Security Measures Confidentiality IntegrityAccessibility Information cannot be available or disclosed to unauthorized persons, entities or.

Emerging and Evolving Cyber Threats Require Sophisticated Response and Protection Capabilities  Advanced Algorithms  Cyber Attack Detection and Machine.

Joe Budzyn Jeff Goeke-Smith Jeff Utter. Risk Analysis  Match the technologies used with the security need  Spend time and resources covering the most.

1 I ntegrated S ite S ecurity for G rids WP2 – Site Assessment Methodology, 20 June 2007 WP2 - Methodology ISS e G Integrated Site Security.

IS3220 Information Technology Infrastructure Security

CYSM Risk Assessment Methodology Co-funded by the Prevention, Preparedness and Consequence Management of Terrorism and other Security-related Risks Programme.

Integrating the Healthcare Enterprise The Integration Profiles: Basic Security Profile.

Jeff Warnock COSC 352 Indiana University of Pennsylvania Spring 2010.

Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 17 – IT Security.

Security and resilience for Smart Hospitals Key findings

Proactive Incident Response

Principles Identified - UK DfT -

CS457 Introduction to Information Security Systems

3 Do you monitor for unauthorized intrusion activity?

Cyber Physical System Security

An Overview on Risk Management

ISSeG Integrated Site Security for Grids WP2 - Methodology

Cybersecurity - What’s Next? June 2017

Design for Security Pepper.

and Security Management: ISO 28000

Information Technology Sector

Integrated Management System and Certification

IP Security IP sec IPsec is short for Internet Protocol Security. It was originally created as a part of IPv6, but has been retrofitted into IPv4. It works.

Leverage What’s Out There

BUILDING A PRIVACY AND SECURITY PROGRAM FOR YOUR NON-PROFIT

Security Engineering.

Jee sook, Eun May 2004 Presented in IEEE 802.1af - key management

ATIS Cybersecurity DOCUMENT #: GSC13-GTSC6-12 FOR: Presentation

Information and documentation media systems.

NERC CIP Implementation – Lessons Learned and Path Forward

I have many checklists: how do I get started with cyber security?

Hazard and Vulnerability Assessment

ISO/IEC 27001:2005 A brief introduction Kaushik Majumder

Chapter 10: Supporting and Maintaining Desktop Applications

How to assess the risks? Irene Arsuaga CYRAIL Final Conference

How to Mitigate the Consequences What are the Countermeasures?

Cybersecurity ATD technical

Enhanced alerting and collaborative incident management

Lorenzo Biasiolo 3°AI INFORMATION SECURITY.

Final Conference 18 Set 2018.

Albeado - Enabling Smart Energy

Unit # 1: Overview of the Course Dr. Bhavani Thuraisingham

CMGT/431 INFORMATION SYSTEMS SECURITY The Latest Version // uopcourse.com

CMGT 431 CMGT431 cmgt 431 cmgt431 Entire Course // uopstudy.com

What is Cybersecurity Office of Information Technology

Presentation transcript:

Specification of Countermeasures for CYRAIL What countermeasures to mitigate the risks from the risk analysis?

Objective of countermeasures specification Identify threats and vulnerabilities 76 threats identified (ISO 27005 standard & threat analysis) Determine impact Safety, Finance, Operational Determine likelihood Time, Expertise, Knowledge, Opportunity, Equipment Calculate unmitigated risk Risk = Impact x Likelihood Determine Security Level Target To identify the most critical security zones Identify countermeasures To mitigate the risks Analysis of the residual risk Below tolerable risk?

Widely-distributed software - Software Methodology Countermeasures are specified by zone and by threat. Each countermeasure is defined according the security level target of the zone. Example of the Command-onboard zone: Threat Vulnerability Risk Asset Countermeasures Corruption of data Widely-distributed software - Software Corrupting the data an attacked can change the software to create fake information in the asset BTS Logging and monitor device. Define a management policy for patches (systematic, periodic or ad hoc) that is suited to the functional constraints. For example, define priorities for deployment of patches, verify ascending compatibility, and interoperability. Use Reliable NTP (internal real time reference) RBC Logging and monitor device. Local ERTMS Control CF BTS REQ Use an electronic certificate to timestamp data Applying application programs to the wrong data in terms of time - Software These countermeasures may restrict the functionality of the system and therefore, they must not impact the safety of the system. => Focus on the assessment of the fail-safe concept to fall back to a safe operational mode. In some cases, no countermeasure is available to a threat. It is usually due to the fact that the affected asset cannot embed cyber security related countermeasure.

Synthesis of Countermeasures Cyber countermeasures Other countermeasures

Countermeasure examples (conduits) Type Countermeasure Assets Risk Threat Threat class Process & Human actions Set some Key Performance Indicator (KPI) in order to evaluate the level of Quality of Service served by the system and logging. Monitor and alert the gap between normal activities and abnormal activities. Define Thresholds and send an alert. ERTMSBalise The track-to-train communication is jammed Electromagnetic radiation T.RA Occupancy The interlocking-to-track communication is jammed Signalling The communication between zones connected to the Signalling network is jammed Data Protection Control integrity of message with a robust security algorithm (). Use double authentication. Make sure that integrity is controlled by the server and not by the End user.