Presentation is loading. Please wait.

Presentation is loading. Please wait.

3 rd Control System Cyber-Security Workshop A Summary of this year’s meeting Dr. Stefan Lüders (CERN Computer Security Officer) with contributions from.

Published byChasity Teeling Modified over 10 years ago

Similar presentations

Presentation on theme: "3 rd Control System Cyber-Security Workshop A Summary of this year’s meeting Dr. Stefan Lüders (CERN Computer Security Officer) with contributions from."— Presentation transcript:

1 3 rd Control System Cyber-Security Workshop A Summary of this year’s meeting Dr. Stefan Lüders (CERN Computer Security Officer) with contributions from E. Bonaccorsi (LHCb), P. Charrue (CERN), P. Chochula (ALICE), S. Hartman (ORNL), T. Hakulinen (CERN), T. McGuckin (JLab), T. Sugimoto (Spring8), F. Tilaro (CERN), V. Vuppala (NSCL/MSU) ICALEPCS, Grenoble (France), October 11 th 2011

2 Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “3 rd CS2/HEP Workshop Summary” — Dr. Stefan Lüders — ICALEPCS2011 ― October 11 th 2011 Security in a Nutshell Security is as good as the weakest link: ► Attacker chooses the time, place, method ► Defender needs to protect against all possible attacks (currently known, and those yet to be discovered) Security is a system property (not a feature) Security is a permanent process (not a product) Security cannot be proven (phase-space-problem) Security is difficult to achieve, and only to 100%-ε. ► YOU define ε as user, developer, system expert, admin, project manager BTW: Security is not a synonym for safety.

3 Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “3 rd CS2/HEP Workshop Summary” — Dr. Stefan Lüders — ICALEPCS2011 ― October 11 th 2011 (R)Evolution, w/o security

4 Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “3 rd CS2/HEP Workshop Summary” — Dr. Stefan Lüders — ICALEPCS2011 ― October 11 th 2011 (CS) 2 in HEP ― The Objectives Attendance: ~40 people Scope: ► All security aspects related with HEP control systems ► Control PCs, control software, controls devices, accounts, … Objectives: ► Raise awareness ► Exchange of good practices, ideas, and implementations ► Discuss what works & what not, pros & cons ► Report on security events, lessons learned & successes ► Update on progresses

5 Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “3 rd CS2/HEP Workshop Summary” — Dr. Stefan Lüders — ICALEPCS2011 ― October 11 th 2011 September 2009 Attacks are FACT! April 2011 Mai 2011 Summer 2011

6 Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “3 rd CS2/HEP Workshop Summary” — Dr. Stefan Lüders — ICALEPCS2011 ― October 11 th 2011 Security is a CHALLENGE… Off-the-shelf IT security not that easy: Patching, AV, shared passwords, network scans, … Priorities are different: Technical requirements + operational needs often collide with security.

7 Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “3 rd CS2/HEP Workshop Summary” — Dr. Stefan Lüders — ICALEPCS2011 ― October 11 th 2011 Defense-in-Depth: Network security gives an excellent basis. …which can be OVERCOME! Compartmentalization of networks reduces cross-infections. Controls devices are insecure. Test them, make them fail and send them back to the vendor Defense-in-Depth: Network security gives an excellent basis.

8 Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “3 rd CS2/HEP Workshop Summary” — Dr. Stefan Lüders — ICALEPCS2011 ― October 11 th 2011 Get Started: Two Approaches Top-Down: Going for full-blown ISO27000 certification. Kudos!! Bottom-Up: A thorough assessment involving all stakeholders

9 Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “3 rd CS2/HEP Workshop Summary” — Dr. Stefan Lüders — ICALEPCS2011 ― October 11 th 2011 ONE Take-away This is a people’s problem. (Still) need for a “Change-of-Mind”. Establish a Security Culture!

10 Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “3 rd CS2/HEP Workshop Summary” — Dr. Stefan Lüders — ICALEPCS2011 ― October 11 th 2011 Merci beaucoup!!! Thanks to all participants & esp. to the presenters. Well done, guys!!! Un merci spécial au comité local d’organisation!

Download ppt "3 rd Control System Cyber-Security Workshop A Summary of this year’s meeting Dr. Stefan Lüders (CERN Computer Security Officer) with contributions from."

Similar presentations

Doc.: IEEE 802.11-09/0413r0 Submission March 2009 Dan Harkins, Aruba NetworksSlide 1 A Study Group for Enhanced 802.11 Security Date: 2009-03-13 Authors:

Doc.: IEEE /0413r0 Submission March 2009 Dan Harkins, Aruba NetworksSlide 1 A Study Group for Enhanced Security Date: Authors:
The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.
1 The AU-ECA-AfDB Land Policy Initiative Progress Made & Way Forward Joan Kagwanja UNECA Land Governance in Support of the MDGs: Responding to New Challenges.

1 The AU-ECA-AfDB Land Policy Initiative Progress Made & Way Forward Joan Kagwanja UNECA Land Governance in Support of the MDGs: Responding to New Challenges.
UNCTAD Technical Assistance and Capacity Building in Trade Facilitation WTO, NGTF, 1 July 2009.

UNCTAD Technical Assistance and Capacity Building in Trade Facilitation WTO, NGTF, 1 July 2009.
Operational Programme I – Cohesion Policy 2007-2013 Event part-financed by the European Union European Regional Development Fund Evaluation Plan for Maltas.

Operational Programme I – Cohesion Policy Event part-financed by the European Union European Regional Development Fund Evaluation Plan for Maltas.
ENEF WG Risks / Bernard Fourest 12 September 2012 PRAGUEBRATISLAVA ENEF WG RISKS Current activities of the SWG Nuclear Installation Safety Bernard Fourest.

ENEF WG Risks / Bernard Fourest 12 September 2012 PRAGUEBRATISLAVA ENEF WG RISKS Current activities of the SWG Nuclear Installation Safety Bernard Fourest.
4 th Control System Cyber-Security Workshop Exchanging ideas on HEP security Dr. Stefan Lüders (CERN Computer Security Officer) 4 th (CS) 2 /HEP Workshop,

4 th Control System Cyber-Security Workshop Exchanging ideas on HEP security Dr. Stefan Lüders (CERN Computer Security Officer) 4 th (CS) 2 /HEP Workshop,
How things go wrong. The lucky one and the unlucky one Dr. Stefan Lüders (CERN Computer Security Officer) 3 rd (CS) 2 /HEP Workshop, Grenoble (France)

How things go wrong. The lucky one and the unlucky one Dr. Stefan Lüders (CERN Computer Security Officer) 3 rd (CS) 2 /HEP Workshop, Grenoble (France)
Business Planning & Strategy. What is going on? What are we good at? What is happening around us? How will we get there? Build networks Fundraise from.

Business Planning & Strategy. What is going on? What are we good at? What is happening around us? How will we get there? Build networks Fundraise from.
Khammar Mrabit Director Office of Nuclear Security

Khammar Mrabit Director Office of Nuclear Security
User Security for e-Post Applications Dr Chandana Gamage University of Moratuwa.

User Security for e-Post Applications Dr Chandana Gamage University of Moratuwa.
Disaster Recovery and Business Continuity Plan Testing: Practice Makes Perfect B.J. Block, Information Security AnalystMarch 22, 2007.

Disaster Recovery and Business Continuity Plan Testing: Practice Makes Perfect B.J. Block, Information Security AnalystMarch 22, 2007.
Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.

Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.

Cybersecurity Summit 2004 Andrea Norris Deputy Chief Information Officer/ Director of Division of Information Systems.
Lebanon 2013 1. Introduction Based on studies of its past disasters, Lebanon can be considered as a country vulnerable to earthquakes because of some.

Lebanon Introduction Based on studies of its past disasters, Lebanon can be considered as a country vulnerable to earthquakes because of some.
Norman Endpoint Protection Advanced security made easy.

Norman Endpoint Protection Advanced security made easy.
Computer Account Hijacking Detection Using a Neural Network Nick Pongratz Math 340.

Computer Account Hijacking Detection Using a Neural Network Nick Pongratz Math 340.
HEPiX Orsay 27 th April 2001 Alan Silverman HEPiX Large Cluster SIG Report Alan Silverman 27 th April 2001 HEPiX 2001, Orsay.

HEPiX Orsay 27 th April 2001 Alan Silverman HEPiX Large Cluster SIG Report Alan Silverman 27 th April 2001 HEPiX 2001, Orsay.
CERN’s Computer Security Challenge

CERN’s Computer Security Challenge

Similar presentations

Ads by Google