Industrial Control Cross 11, Tapovan Enclave Nala pani Road, Dehradun 248001 Email: info@iskd.inContact : +918979066357, +919027669947.

Slides:



Advertisements
Similar presentations
Cyber Security and the Smart Grid George W. Arnold, Eng.Sc.D. National Institute of Standards and Technology (NIST) U.S. Department of Commerce
Advertisements

Team Dec13_11: Cole Hoven Jared Pixley Derek Reiser Rick Sutton Adviser/Client: Prof. Manimaran Govindarasu Graduate Assistant: Aditya Ashok PowerCyber.
Managing Information Systems Information Systems Security and Control Part 1 Dr. Stephania Loizidou Himona ACSC 345.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
Lecture 1: Overview modified from slides of Lawrie Brown.
Supervisory Control and Data Acquisition (SCADA) system security.
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Secure Systems Research Group - FAU 1 SCADA Software Architecture Meha Garg Dept. of Computer Science and Engineering Florida Atlantic University Boca.
K E M A, I N C. Current Status of Cyber Security Issues 2004 Keynote Address Joe Weiss January 20, 2004.
A project under the 7th Framework Programme CPS Workshop Stockholm 12/04/2010 Gunnar Björkman Project Coordinator A Security Project for the Protection.
SCADA and Telemetry Presented By:.
Cyber Security of SCADA Systems Testbed Testbed Development Group Members: Justin Fitzpatrick Rafi Adnan Michael Higdon Ben Kregel Adviser: Dr. Manimaran.
SEC835 Database and Web application security Information Security Architecture.
Computer Crime and Information Technology Security
Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.
Lecture 10 Intrusion Detection modified from slides of Lawrie Brown.
Jonathan Baulch  A worm that spreads via USB drives  Exploits a previously unknown vulnerability in Windows  Trojan backdoor that looks for a specific.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
 AUTOMATION  PLC  SCADA  INSTRUMENTATION  DRIVES & MOTORS.
1 Smart Grid Cyber Security Annabelle Lee Senior Cyber Security Strategist Computer Security Division National Institute of Standards and Technology June.
Topics of presentation
Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:
1 ITGD 2202 Supervision:- Assistant Professor Dr. Sana’a Wafa Al-Sayegh Dr. Sana’a Wafa Al-SayeghStudent: Anwaar Ahmed Abu-AlQumboz.
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.
Introduction: Information security services. We adhere to the strictest and most respected standards in the industry, including: -The National Institute.
PwC New Technologies New Risks. PricewaterhouseCoopers Technology and Security Evolution Mainframe Technology –Single host –Limited Trusted users Security.
IT Security Policy: Case Study March 2008 Copyright , All Rights Reserved.
CONTROLLING INFORMATION SYSTEMS
14.1 Silberschatz, Galvin and Gagne ©2009 Operating System Concepts with Java – 8 th Edition Protection.
Understand Malware LESSON Security Fundamentals.
Battles in Cyber Space Dr Richard E Overill Department of Informatics.
NEXT GENERATION ATTACKS & EXPLOIT MITIGATIONS TECHNIQUES ID No: 1071 Name: Karthik GK ID: College: Sathyabama university.
Embedded System Design and Development Introduction to Embedded System.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
A Layered Solution to Cybersecurity Dr. Erfan Ibrahim Cyber-Physical Systems Security & Resilience Center National Renewable Energy Laboratory.
SCADA Supervisory Control And Data Acquisition Pantech Solutions Here is the key to learn more.
Artificial Intelligence In Power System Author Doshi Pratik H.Darakh Bharat P.
Information Systems Security
OPERATES SCADA OPERATION SYSTEM Explain the operational SCADA
Cyber Security in the Water Sector
CS457 Introduction to Information Security Systems
Automation Technologies SCADA SENSORS HMI
Latency and Communication Challenges in Automated Manufacturing
SOFTWARE TESTING Date: 29-Dec-2016 By: Ram Karthick.
Firmware threat Dhaval Chauhan MIS 534.
Lesson 3 SCADA.
Critical Security Controls
Global SCADA Market is Expected to Reach $48 Billion by 2024, Says Variant Market Research Bhavana Patel SEO Analyst Variant.
Operational Technology Information Technology
Agenda Control systems defined
Products/Solutions/Expertise of C-DAC Mumbai in Smart City Domain
SCADA for Remote Industrial Plant
PRESENTATION ON AUTOMATION,PLC AND SCADA
How SCADA Systems Work?.
The Client/Server Database Environment
Maintaining software solutions
NERC CIP Implementation – Lessons Learned and Path Forward
Ch > 28.4.
Programmable Logic Controllers (PLCs) An Overview.
Advanced Services Cyber Security 101 © ABB February, | Slide 1.
Bartosz Kajak, David Blanco,
INFORMATION SYSTEMS SECURITY and CONTROL
PLC / SCADA / HMI Controllers: Name : Muhammad Zunair Comsats University Date: 28-October-2018.
Wenyu Ren, Timothy Yardley, Klara Nahrstedt
Cyber Security of SCADA Systems Remote Terminal Units (RTU)
IT Software Cross 11, Tapovan Enclave Nala pani Road, Dehradun : ,
Cyber Security For Civil Engineering
Anatomy of Industrial Cyber Attacks
Presentation transcript:

Industrial Control Cross 11, Tapovan Enclave Nala pani Road, Dehradun 248001 Email: info@iskd.inContact : +918979066357, +919027669947

Supervisory Control and Data Acquisition (SCADA) system security Real time industrial process control systems to monitor and control remote or local industrial equipment Vital components of most nation’s critical infrastructures Risk of deliberate attacks!

SCADA Systems 1990: mainframe computer supervision 1970: general purpose operating systems 1990: off the shelf computing Highly distributed with central control Field devices control local operations

SCADA Components Corporate network segment Typical IT network SCADA network segment Servers and workstations to interact with field devices Human-machine interfaces Operators Software validation Field devices segment Programmable Logic Controllers (PLC) Remote Terminal Units (RTU) Intelligent Electronic Devices (IED)

SCADA and PLC Overview

Process Control System (PCS)

Safety Systems

SCADA Incidents Flaws and mistakes 1986: Chernobyl Soviet Union 56 direct death, 4000 related cancer death 1999: Whatcom Creeks Washington US pipeline rupture Spilling 237,000 gallons of gasoline that ignited, 3 human life and all aquatic life 2003: North East Blackout of US and Canada Affected 55 million people, 11 death 2011: Fukushima Daiichi nuclear disaster Japan Loss of human lives, cancer, psychological distress

Attackers Script kiddies Hackers Organized crime Disgruntled insiders Competitors Terrorists Hactivists Eco-terrorists Nation states

Programmable Logic Controllers Computer based solid state devices Control industrial equipment and processes Regulate process flow Automobile assembly line Have physical effect

Related Work Security working groups for the various infrastructure sectors of water, electricity and natural gas US Departments of Energy and Homeland Security: investigation into the problem domain of SCADA systems

Traditionally vendors focused on functionality and used physical security measures An attempt was made to try to “match” physical security mechanisms online Vulnerabilities: Classification by affected technology Classification by error or mistakes Classification by enabled attack scenario

SCADA and PLC Security Increased risk to SCADA systems, introduces another element of risk to the PLC and all of the control elements PLC’s dictate the functionality of the process PLC programming software and SCADA control software can be housed on the same machine The newest PLC hardware devices allow for direct access to the PLC through the network

SCADA and PLC Security

SCADA and PLC Security Prior to the Stuxnet attack (2010): it was believed any cyber attack (targeted or not) would be detected by IT security technologies Need: standard be implemented that would allow both novice and experience PLC programmers to verify and validate their code against a set of rules. How do we show that PLC code and be verified and validated to assist in the mitigation of current and future security risks (errors)?

Application of Touch points External Review 3. Penetration Testing 1. Code Review (Tools) 6. Security Requirements 4. Risk-Based Security Tests 2. Risk Analysis Requirement and Use cases Architecture and Design Test Plans Code Tests and Test Results Tests and Test Results

PLC Security Framework (PLC-SF)

PLC Security Framework (PLC-SF)

PLC Security Framework (PLC-SF) Components: PLC Security Vulnerability Taxonomy Design Patterns Severity Chart Engines: Taxonomy Engine Design Pattern Engine Severity Engine

Vulnerabilities Analysis Attack Severity Analysis Building the Vulnerability Taxonomy Potential Exploitation of Coding Errors Modeling PLC Vulnerabilities

Attack Severity Analysis – Severity Chart Each row of the Severity Chart represents a different level of security risk, within the PLC error found The error levels range from A – D, with A being the most severe and D being the least severe Each column represents the effects which can occur in the PLC and those that can occur in the SCADA system PC

Attack Severity Analysis – Severity Chart Effects in PLC Effects in Scada A PLC Code will not perform the desired tasks Will not allow for remote operation of the process B Serious hindrance to the process The process could experience intermittent process failure C Adversely effects PLC code performance. A minimal cost effect to the project, but a “quick fix” is possible Data shown on the SCADA screen is most likely false D Effects the credibility of the system, but the PLC code is operable Incorrect data could be randomly reported, cause a lack of confidence in the system

Attack Severity Analysis – Severity Chart Severity Classifications: Severity Level A: Could potentially cause all, or part, of a critical process to become non-functional. Severity Level B: Could potentially cause all, or part, of a critical process to perform erratically. Severity Level C: Denote a “quick fixes” Severity Level D: Provide false or misrepresented information to the SCADA terminal.

Building the Vulnerability Taxonomy Purpose: To aid the process of detecting these vulnerabilities in the PLC code Intended to be extensible Created such that it can be expanded as: Future versions of PLC’s are created New errors are found

Building the Vulnerability Taxonomy

Potential Exploitation of Coding Errors Error Type Taxonomy Classification Malicious User Oppurtunity Process Critical / Nuisance Duplicate objects installed Alterations of one or more of the duplicate objects Process Critical Unused objects Pre-loaded variables allow for an immediate entry point into the system Scope and Linkage Errors Installation of jump to subroutine command which would alter the intended file to file interaction Logic errors Immediate entry point to logic level components such as timers, counters, and arithmetic operations Hidden Jumpers Would allow for a placement point for a system bypass

Would allow for a placement point for a system bypass Software-based exploits of SCADA Understanding of industrial control systems Specification-based Attacks againts Boolean Operations and Timers (SABOT)

SABOT Attack Encode understanding of the plant’s behavior into a specification SABOT downloads existing control logic from the victim SABOT finds mapping between the specific devices and the variables within the control logic SABOT generates malicious PLC payload

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.