8/9/2019 17 Scada System
SCADA System
Component and Function
PSTI\SDP\AD
Agenda
- SCADA Overview
- Power System Protocols
- Is the Cyber threat real?
- Recommendations for SCADA security R&D
- Evolution of Communication System
Supervisory Control and Data Acquisition (SCADA)
General Definition
- Industrial measurement and control system consisting of:
  - central host or master (MTU);
  - one or more field data gathering and control units or remotes (RTUs);
  - collection of standard and/or custom software used to monitor and control remotely located field data elements.
- Generally cover larger geographic areas
- Predominantly open-loop control characteristics (may have some elements of closed-loop control and/or short distance communications)
- Use variety of communications systems (LAN, wireless, microwave, bus, point-to-point)
Distributed Control Systems (DCS)
General Definition
- Similar to SCADA systems, used predominately in factories, treatment plants etc.
- Similar functions to SCADA, but the field data gathering or control units are usually located within a more confined area.
- Communications often via a reliable and high speed local area network (LAN).
- DCS system usually employs significant amounts of closed loop control.
Secure SCADA and beyond
- We think that there is a great deal to be done in terms of operationalizing secure versions of SCADA (Supervisory Control And Data Acquisition) and DCS (Digital Control Systems) for the infrastructures considered, especially power, natural gas, chemical and process control, etc.
- However, the sense was that this infrastructure was going to be gradually replaced by networked embedded devices (possibly wireless) as computing and communication devices become more user friendly and prevalent. Thus, the major research recommendations were for an area that we named Secure Networked Embedded Systems (SENSE).
SCADA of the Future
Current SCADA
- Closed systems, limited coordination, unprotected cyber-infrastructure
- Local, limited adaptation (parametric), manual control
- Static, centralized structure
Future requirements
- Decentralized, secure open systems (peer-to-peer, mutable hierarchies of operation)
- Direct support for coordinated control, authority restriction
- Trusted, automated reconfiguration
  - Isolate drop-outs, limit cascading failure, manage regions under attack
  - Enable re-entry upon recovery to normal operation
  - Coordinate degraded, recovery modes
- Diagnosis, mitigation of combined physical, cyber attack
- Advanced SCADA for productivity, market stability, manageability
Secure Network Embedded System
Embedded Software prevalent in all critical infrastructures. Critical to high confidence embedded software are open source techniques for
- Automated Design, Verification and Validation
  - Verified design in a formal, mathematical sense
  - Validated design in an engineering sense
  - Certifiable design to allow for regulatory and certification input
- High Confidence Systems
- Narrow waisted middleware
- Trusted abstractions, limited interfaces
- Algorithms and protocols for secure, distributed coordination and control
- Security and composable operating systems
- Tamper Proof Software
- Generative Programming
- Intelligent Microsystems: infrastructure of the future with security co-design with hardware and software.
Layers of Secure Network Embedded Systems
- Physical Layer
  - Attacks: jamming, tampering
  - Defenses: spread spectrum, priority messages, lower duty cycle, region mapping, mode change, tamper proofing, hiding.
- Link Layer
  - Attacks: collision, exhaustion, unfairness
  - Defenses: error correcting code, rate limitation, small frames
- Network and Routing Layer
  - Attacks: neglect and greed, homing, misdirection, black holes
  - Defenses: redundancy, probing, encryption, egress filtering, authorization, monitoring, authorization, monitoring, redundancy
- Transport Layer
  - Attacks: flooding, desynchronization
  - Defenses: client puzzles, authentication
- Embedded System/Application Layer
  - Attacks: insider misuse, unprotected operations, resource overload attacks, distributed service disruption
  - Defenses: authority management (operator authentication, role-based control authorization), secure resource management, secure application distribution services
Is the SCADA Cyber threat real?
The threat is real and proven:
- A disgruntled ex-employee used a port scan and ping-sweep program to identify active system ports and network IP addresses belonging to an oil company. On finding an active connection and an open port, he initiated communication using various software tools downloaded from the Internet. He subsequently issued instructions to the remote system and deleted sensitive system related to process control flow.
- Australia, March 2000: a failure at a pumping station caused up to 264,000 gallons of raw sewage to flow onto the grounds of a local tourist resort and eventually into a storm sewer. The problems were traced to disruptions in the community's new computerized sewage control system. On 23 April 2000, police intercepted former employee Vitek Boden, less than an hour after another control system malfunction. A search of his vehicle found a two-way radio and antennae, a remote telemetry system, and a laptop computer.
Is the SCADA Cyber threat real?
In August 2003, the Nuclear Regulatory Commission confirmed that in January 2003, the Microsoft SQL Server worm known as Slammer infected a private computer network at the Davis-Besse nuclear power plant in Oak Harbor, Ohio, disabling a safety monitoring system for nearly 5 hours.
Note: the plant was off-line at the time.
The Bad News
[Figure: chart with labels "Time & Money", "Sophistication of Cyber Defenses" and "Difficulty in Hacking a System"]
It is only a matter of time and money, they will get in!
Source: http://standeyo.com/News_Files/NBC/Terrorist_cells.html
Terrorist Cells in the US
Updated September 3, 2003
DEYO NOTE: Terrorists are a very real and growing threat in America and to American interests around the world. It should be assumed these are not the only cell locations within the US and that they are subject to change.
Is the Terrorist Threat Real?
Yes, the Terrorist threat is real!
The mid-East terrorists have:
- Means to carry out an attack
- Motivation
- Ability to access our systems
- Access to technical documentation
- Low barriers to success
Cyber Trends
Overview of Attack Trends
Trend 1: Automation; speed of attack tools
  A. Scanning for potential victims.
  B. Compromising vulnerable systems.
  C. Propagate the attack.
  D. Coordinated management of attack tools.
Trend 2: Increasing sophistication of attack tools
  A. Anti-forensics.
  B. Dynamic behavior.
  C. Modularity of attack tools.
Trend 3: Faster discovery of vulnerabilities
Trend 4: Increasing permeability of firewalls
  - IPP (the Internet Printing Protocol) and WebDAV (Web-based Distributed Authoring and Versioning)
  - ActiveX controls, Java, and JavaScript. (See http://www.cert.org/reports/activeX_report.pdf.)
Trend 5: Increasingly asymmetric threat
Trend 6: Increasing threat from infrastructure attacks
  Attack 1: Distributed denial of service
  Attack 2: Worms
  Attack 3: Attacks on the Internet Domain Name System
    - Cache poisoning
    - Compromised data
    - Denial of service
    - Domain hijacking
  Attack 4: Attacks against or using routers
    - Routers as attack platforms
    - Denial of service.
    - Exploitation of trust relationship between routers.
SCADA is susceptible to all the IT threats because of enterprise integration
Policy vs. Cyber Attacks
- Sound policy is a core element of the cyber security management system. Without it, extensive implementations of routers, firewalls and intrusion detection systems are misguided.
- 80% of attacks show weakness in internal processes
  - Unauthorized modems
  - Disgruntled employee
  - You hired a terrorist
  - Unauthorized access
  - Insufficient attention to security (leave the door open)
- Security assessment is viewed as a one-time event that lacks a metric to allow comparison over time or to assess readiness
  - Initial vigilance degrades over time
  - Doesn't keep up with changing cyber threats
- No amount of technology will make up for lack of sound policy.
Recommended Long Term R&D for SCADA
Needed SCADA R&D
Standards and Methodology:
- Issue: Inability to test the security of infrastructure systems and to describe the industry's security readiness in a consistent manner.
- R&D Focus: Develop SCADA/process control security standards and methodologies to enable assessment of security readiness over time.
Needed SCADA R&D
Modeling and Analysis:
- Issue: Inability to model the entire infrastructure and represent the interdependences
- R&D Focus: Develop scalable and extensible models of the critical infrastructure to enable planning, simulation, and predictions of response to changes. Models should enable analysis of the impacts of:
  - economics,
  - human interaction,
  - organizational structure,
  - technology development
  - accidental & malicious faults
Needed SCADA R&D
Next Generation SCADA Platforms:
- Issue: Multiple generations of legacy systems control the Nation's infrastructures. Realities of low industrial investments in both capital improvements and research and development (R&D).
- R&D Focus: Develop strategies to drive the rapid evolution of SCADA/process control solutions. R&D must provide a robust, scalable, evolvable and secure solution.
Thank You
By SANJAY D. PATIL
Assistant Director
NPTI