Download presentation
Presentation is loading. Please wait.
Published byCaroline Flowers Modified over 9 years ago
1
Control System Cyber-Security Workshop Exchanging ideas on HEP security Dr. Stefan Lüders (CERN Computer Security Officer) (CS) 2 /HEP Workshop, Kobe (Japan) October 11th 2009
2
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “CS2/HEP Workshop” — Dr. Stefan Lüders — CS2/HEP Workshop ― October 11 th 2009 About Security… Security is as good as the weakest link: ► Attacker chooses the time, place, method ► Defender needs to protect against all possible attacks (currently known, and those yet to be discovered) Security is a system property (not a feature) Security is a permanent process (not a product) Security is difficult to achieve, and only to 100%-ε ► YOU define ε as user, developer, system expert, admin, project manager BTW: Security is not a synonym for safety
3
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “CS2/HEP Workshop” — Dr. Stefan Lüders — CS2/HEP Workshop ― October 11 th 2009 Overview
4
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “CS2/HEP Workshop” — Dr. Stefan Lüders — CS2/HEP Workshop ― October 11 th 2009 (R)Evolution of Control Systems standard desktop PCs
5
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “CS2/HEP Workshop” — Dr. Stefan Lüders — CS2/HEP Workshop ― October 11 th 2009 Standard Vulnerabilities standard desktop PCs
6
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “CS2/HEP Workshop” — Dr. Stefan Lüders — CS2/HEP Workshop ― October 11 th 2009 Why worry ?
7
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “CS2/HEP Workshop” — Dr. Stefan Lüders — CS2/HEP Workshop ― October 11 th 2009 Threat or No Threat ?? Cracked road-sign in Texas (2009) U.S. electrical grid in jeopardy (April 2009) Going for real money (August 2009) Malware infected PCs (October 2009) U.S. congress faces this Wind of Change !
8
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “CS2/HEP Workshop” — Dr. Stefan Lüders — CS2/HEP Workshop ― October 11 th 2009 LHC First Beam Day Hmm… A defaced web-page at an LHC experiment… A “flame” message to some Greek “competitors”… …on 10/09/2008: Just coincidence ?
9
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “CS2/HEP Workshop” — Dr. Stefan Lüders — CS2/HEP Workshop ― October 11 th 2009 Who owns the consequences ? How long does it take you to reinstall your system, if requested right now ? Are you prepared to take full responsibility? Can you allow for loss of ► functionality ► control or safety ► efficiency & beam time ► hardware or data ► reputation…?
10
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “CS2/HEP Workshop” — Dr. Stefan Lüders — CS2/HEP Workshop ― October 11 th 2009 Scope: ► All security aspects related with HEP control systems ► Control PCs, control software, controls devices, accounts, … ► Planning aspects, implementation aspects, operational aspects, … Objectives: ► Raise awareness ► Exchange of good practices, ideas, and implementations ► Discuss what works & what not, pros & cons, incidents & successes If there are questions, feel free to ask at anytime!!! The agenda is very flexible to accommodate any changes ! (CS) 2 in HEP ― The Agenda http://indico.cern.ch/conferenceDisplay.py?confId=57050
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.