Presentation is loading. Please wait.

Presentation is loading. Please wait.

3 rd Control System Cyber-Security Workshop Exchanging ideas on HEP security Dr. Stefan Lüders (CERN Computer Security Officer) 3 rd (CS) 2 /HEP Workshop,

Published byVincent Ryan Modified over 8 years ago

Similar presentations

Presentation on theme: "3 rd Control System Cyber-Security Workshop Exchanging ideas on HEP security Dr. Stefan Lüders (CERN Computer Security Officer) 3 rd (CS) 2 /HEP Workshop,"— Presentation transcript:

1 3 rd Control System Cyber-Security Workshop Exchanging ideas on HEP security Dr. Stefan Lüders (CERN Computer Security Officer) 3 rd (CS) 2 /HEP Workshop, Grenoble (France) October 9 th, 2011

2 3 rd Control System Cyber-Security Workshop Exchanging ideas on HEP security Dr. Stefan Lüders (CERN Computer Security Officer) 3 rd (CS) 2 /HEP Workshop, Grenoble (France) October 9 th, 2011 Year 1 after Stuxnet

3 Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 Dr. Stefan Lüders — 3 rd CS2/HEP Workshop ― October 9 th 2011 Security in a Nutshell Security is as good as the weakest link: ► Attacker chooses the time, place, method ► Defender needs to protect against all possible attacks (currently known, and those yet to be discovered) Security is a system property (not a feature) Security is a permanent process (not a product) Security cannot be proven (phase-space-problem) Security is difficult to achieve, and only to 100%-ε. ► YOU define ε as user, developer, system expert, admin, project manager BTW: Security is not a synonym for safety.

4 Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 Dr. Stefan Lüders — 3 rd CS2/HEP Workshop ― October 9 th 2011 (R)Evolution, all over again!!!!

5 Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 Dr. Stefan Lüders — 3 rd CS2/HEP Workshop ― October 9 th 2011 (R)Evolution, all over again!!!! In the wake/hype/rush/panic… after Stuxnet: Attackers and analysts turn to control systems Security companies claim expertise in control systems Control system vendors provide (immature) solutions

6 Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 Dr. Stefan Lüders — 3 rd CS2/HEP Workshop ― October 9 th 2011 Use case: ► Measuring your consumption at home ► Online with the grid: Optimizing the power usage ► Publicly accessible, off-the-shelf, open networks Risks: ► Exploitation of meter vulnerabilities: registration process, firmware, data, … ► Loss of confidentiality: customer data available to others ► Loss of integrity: manipulation of reading data ► Loss of availability: data not available in a timely manner ► Misuse as attack platform The Bad Example: Smart Meters courtesy of M. Tritschler (KEMA)

7 Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 Dr. Stefan Lüders — 3 rd CS2/HEP Workshop ― October 9 th 2011 Use case: ► Measuring your consumption at home ► Online with the grid: Optimizing the power usage ► Publicly accessible, off-the-shelf, open networks Risks: ► Exploitation of meter vulnerabilities: registration process, firmware, data, … ► Loss of confidentiality: customer data available to others ► Loss of integrity: manipulation of reading data ► Loss of availability: data not available in a timely manner ► Misuse as attack platform The Bad Example: Smart Meters courtesy of M. Tritschler (KEMA) We had this before  : Modems in the 80’s Windows PCs in the 90’s (before XP SP2) …and can do better!!

8 Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 Dr. Stefan Lüders — 3 rd CS2/HEP Workshop ― October 9 th 2011 Scope: ► All security aspects related with HEP control systems ► Control PCs, control software, controls devices, accounts, … ► Planning aspects, implementation aspects, operational aspects, … Objectives: ► Raise awareness ► Exchange of good practices, ideas, and implementations ► Discuss what works & what not, pros & cons ► Report on security events, lessons learned & successes ► Update on the progress made since the last workshop If there are questions, feel free to ask at anytime!!! The agenda is very flexible to accommodate any changes ! (CS) 2 in HEP ― The Objectives

9 Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 Dr. Stefan Lüders — 3 rd CS2/HEP Workshop ― October 9 th 2011 (CS) 2 in HEP ― The Agenda http://indico.cern.ch/ conferenceDisplay.py? confId=57050

10 Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 Dr. Stefan Lüders — 3 rd CS2/HEP Workshop ― October 9 th 2011 (CS) 2 in HEP ― The Agenda http://indico.cern.ch/ conferenceDisplay.py? confId=57050 Enjoy!

Download ppt "3 rd Control System Cyber-Security Workshop Exchanging ideas on HEP security Dr. Stefan Lüders (CERN Computer Security Officer) 3 rd (CS) 2 /HEP Workshop,"

Similar presentations

Secure Email and Web Browsing Sébastien Dellabella – Computer Security Team.

Secure and Web Browsing Sébastien Dellabella – Computer Security Team.
4 th Control System Cyber-Security Workshop Exchanging ideas on HEP security Dr. Stefan Lüders (CERN Computer Security Officer) 4 th (CS) 2 /HEP Workshop,

4 th Control System Cyber-Security Workshop Exchanging ideas on HEP security Dr. Stefan Lüders (CERN Computer Security Officer) 4 th (CS) 2 /HEP Workshop,
How things go wrong. The lucky one and the unlucky one Dr. Stefan Lüders (CERN Computer Security Officer) 3 rd (CS) 2 /HEP Workshop, Grenoble (France)

How things go wrong. The lucky one and the unlucky one Dr. Stefan Lüders (CERN Computer Security Officer) 3 rd (CS) 2 /HEP Workshop, Grenoble (France)
3 rd Control System Cyber-Security Workshop A Summary of this year’s meeting Dr. Stefan Lüders (CERN Computer Security Officer) with contributions from.

3 rd Control System Cyber-Security Workshop A Summary of this year’s meeting Dr. Stefan Lüders (CERN Computer Security Officer) with contributions from.
David Grochocki et al.  Lures Potential attackers  Smartmeters do two way communication  Millions of Meters has to be replaced  Serious damages just.

David Grochocki et al.  Lures Potential attackers  Smartmeters do two way communication  Millions of Meters has to be replaced  Serious damages just.
Improving Cybersecurity Through Research & Innovation Dr. Steve Purser Head of Technical Competence Department European Network and Information Security.

Improving Cybersecurity Through Research & Innovation Dr. Steve Purser Head of Technical Competence Department European Network and Information Security.
Windows 7 Project and Heartbleed Update Sian Shumway Director, IT Customer Service.

Windows 7 Project and Heartbleed Update Sian Shumway Director, IT Customer Service.
Control Systems Under Attack !? …about the Cyber-Security of modern Control Systems Dr. Stefan Lüders (CERN Computer Security Officer) Openlab Summer Student.

Control Systems Under Attack !? …about the Cyber-Security of modern Control Systems Dr. Stefan Lüders (CERN Computer Security Officer) Openlab Summer Student.
AVG- Protecting those who are vulnerable.  Free Anti-Virus Software ◦ J.R. Smith President of AVG oversees a lineup of antivirus products used by 110.

AVG- Protecting those who are vulnerable.  Free Anti-Virus Software ◦ J.R. Smith President of AVG oversees a lineup of antivirus products used by 110.
Understand Virtualized Clients 10753 Windows Operating System Fundamentals LESSON 2.4.

Understand Virtualized Clients Windows Operating System Fundamentals LESSON 2.4.
Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.

Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
Introduction to Service-Oriented Architecture. Outline Definition Features Examples of SOA Web Service Standards Example Pros and Cons Integration with.

Introduction to Service-Oriented Architecture. Outline Definition Features Examples of SOA Web Service Standards Example Pros and Cons Integration with.
Small Business Security By Donatas Sumyla. Content Introduction Tools Symantec Corp. Company Overview Symantec.com Microsoft Company Overview Small Business.

Small Business Security By Donatas Sumyla. Content Introduction Tools Symantec Corp. Company Overview Symantec.com Microsoft Company Overview Small Business.
Security Architecture Dr. Gabriel. Security Database security: –degree to which data is fully protected from tampering or unauthorized acts –Full understanding.

Security Architecture Dr. Gabriel. Security Database security: –degree to which data is fully protected from tampering or unauthorized acts –Full understanding.
Control System Cyber-Security in Industry Dr. Stefan Lüders (CERN IT/CO) (CS) 2 /HEP Workshop, Knoxville (U.S.) October 14th 2007.

Control System Cyber-Security in Industry Dr. Stefan Lüders (CERN IT/CO) (CS) 2 /HEP Workshop, Knoxville (U.S.) October 14th 2007.
A First Course in Information Security

A First Course in Information Security
[Name / Title] [Date] Effective Threat Protection Strategies.

[Name / Title] [Date] Effective Threat Protection Strategies.
Information Systems Today, 2/C/e ©2008 Pearson Education Canada Lecture Outline eCommerce Highlights of Electronic Business 2-1.

Information Systems Today, 2/C/e ©2008 Pearson Education Canada Lecture Outline eCommerce Highlights of Electronic Business 2-1.
Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.

Copyright © 2006 CyberRAVE LLC. All rights reserved. 1 Virtual Private Network Service Grid A Fixed-to-Mobile Secure Communications Framework Managed Security.

Similar presentations

Ads by Google