Control Systems Security Working Group Report


Control Systems Security Working Group Report
Public Release
CIPC Meeting, Denver, CO, September 2005
Tom Flowers

CSSWG Activities Since D.C.
August 10, 2005 Meeting in St. Louis (20)
- 2005 Work Plan Review & 2006-7 Initiatives
- Review NSTB Liaison Initiatives
  - Mitigation of 2004 Top Ten Vulnerabilities
  - AGA-12 Testing at SNL & PNNL
- Security Guideline Information Security - Encryption (Email)
- Liaison Reports
- CSSWG Business Processes

CSSWG Activities Since D.C.
2005 Work Plan Review & 2006-7 Initiatives
Ongoing 2005 Deliverables
- (SG) Information Security - Encryption (Email)
- (RD) 2005 Top 10 Vulnerabilities & Mitigations
12 emerging priorities in control system security identified
Top Four under consideration:
- (RD) “Zero Day” event detection/correlation (2006)
- (SG) Physical & Cyber Incident Response (2006)
- (RD) Wireless (802.11+) use in SCADA (2007)
- (SG) Information Security - SCADA (2007)

CSSWG Activities Since D.C.
Review NSTB Liaison Initiatives
Mitigation Strategies for 2004 Top Ten Vulnerabilities
“Potential Mitigation Strategies for the Top 10 Vulnerabilities Identified by NERC CSSWG”
Discussion draft for the NERC CSSWG Meeting, August 10, 2005, St. Louis, MO

2. Poorly designed Control System Networks that:
   1) fail to compartmentalize communication connectivity with corporate networks and other entities outside of the Control System electronic security perimeter;
   2) fail to employ sufficient “defense in depth” mechanisms;
   3) fail to restrict “trusted access” to the control system network; and
   4) rely on “security through obscurity” as a security mechanism.
Foundational
- Implement electronic perimeters.
- Disconnect all unnecessary network connections.
Intermediate
- Implement concentric electronic perimeters.
- Use a completely autonomous network with no shared resources with non-control system networks.
Advanced
- Implement virtual LANs, private VLANs, intrusion prevention, anomaly detection, smart switches, etc.

3. Misconfigured operating systems and embedded devices that allow unused features and functions to be exploited. Untimely implementation of software and firmware patches. Inadequate testing of patches prior to implementation.
Foundational
- Conduct inventory.
- Ensure sufficient training of personnel responsible for component configuration and maintenance.
Intermediate
- Evaluate and characterize applications.
- Patch management process: hardware, firmware, software.
- Maintain full system backups and have procedures in place for rapid deployment and recovery.
- Maintain a working test platform and procedures for evaluation of updates prior to system deployment.
Advanced
- Active vulnerability scans. (Caution: recommend use of development system so that on-line control systems are not compromised during the scan.)
- Disable, remove, or protect unneeded or unused services/features that are vulnerable.

CSSWG Activities Since D.C.
Review NSTB Liaison Initiatives
AGA-12 Testing at SNL & PNNL
“AGA-12 Testing by the National SCADA Test Bed Program”
Discussion draft for the NERC CSSWG Meeting, August 10, 2005, St. Louis, MO

Scope
- Evaluate commercial versions of devices built to the American Gas Association (AGA)-12 Part 2 standard in a laboratory setting
- A variety of tests will be conducted using a representative assortment of equipment
- Serial communication focus
- Not formally approving nor certifying any devices:
  - But will publish test environment, suite of tests performed, and test results
- Goal is to provide an environment that represents typical electrical industry installations

Elements
- Equipment to be tested
- Common test elements
- Baseline tests
- Functionality tests
- Interoperability tests
- Fail-over tests
- Stress tests
- Cryptographic security tests

CSSWG Activities Since D.C.
Information Security - Encryption (Email)
- Re-energize the effort
- Re-constitute the team
- May not be ready by December CIPC meeting

CSSWG Activities Since D.C.
Liaison Reports
- ISA (Flowers)
- PCSF/I3P/O&G (Flowers & Holstein)
- Telecom (Leffler)
- IEC/IEEE (Klein)
- Roadmap (Kenchington)

CSSWG Activities Since D.C.
CSSWG Business Processes
- Voting members
- Associate members
- Review participation over the last year
  - Finding: (1) Asset Owner/Operator participation must be increased while preserving a quorum, or (2) Relax quorum requirements

CSSWG Activities Since D.C.
From CIPC EC Report in Long Beach:
WG/TF Chairs and EC are reviewing assignment of CIPC members to WG/TFs
- ensure adequate resources are in place to achieve deliverables
- ensure appropriate contribution of asset owners/operators
- balance contribution by individual CIPC members