1 / 37

The Tofino Security Industrial Solution

The Tofino Security Industrial Solution. Making the Control System Intrinsically Secure. Agenda. Who Turned Out the Lights? Making the Case for Control System Security Plugging the Holes Understanding Defence-in-Depth Security

Olivia
Télécharger la présentation

The Tofino Security Industrial Solution

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The Tofino Security Industrial Solution Making the Control System Intrinsically Secure

  2. Agenda • Who Turned Out the Lights?Making the Case for Control System Security • Plugging the HolesUnderstanding Defence-in-Depth Security • The Tofino Industrial Security SolutionCreating Intrinsically Secure Control Systems • Questions & Answers

  3. Who Turned Out the Lights? Making the Case for Control System Security

  4. The Incident in Harrisburg, PA • Oct 2006 -a foreign-based hacker (via Internet) infiltrates the laptop of an employee at the Harrisburg water system. • Uses the employee’s remote access as the entry point into the SCADA system. • The hacker then installs malware and spyware in a SCADA HMI computer.

  5. But It Won’t Happen to My System… “Most public utilities rely on a highly customized SCADA system. No two are the same, so hacking them requires specific knowledge”. Scott Berinato; “Debunking the Threat to Water Utilities” CIO Magazine March 15, 2002

  6. Security Incidents in the Water Industry • Salt River Project SCADA Hack • Maroochy Shire Sewage Spill • Software Flaw Makes MA Water Undrinkable • Trojan/Keylogger on Ontario Water SCADA System • Viruses Found on Auzzie SCADA Laptops • Audit/Blaster Causes Water SCADA Crash • DoS attack on water system via Korean telecom • Penetration of California irrigation district wastewater treatment plant SCADA. • SCADA system tagged with message, "I enter in your server like you in Iraq."

  7. Security Incidents in the Oil Industry • Electronic Sabotage of Venezuela Oil Operations • CIA Trojan Causes Siberian Gas Pipeline Explosion • Anti-Virus Software Prevents Boiler Safety Shutdown • Slammer Infected Laptop Shuts Down DCS • Virus Infection of Operator Training Simulator • Electronic Sabotage of Gas Processing Plant • Slammer Impacts Offshore Platforms • SQL Slammer Impacts Drill Site • Code Red Worm Defaces Automation Web Pages • Penetration Test Locks-Up Gas SCADA System • Contractor Laptop Infects Control System

  8. Security Incidents in the Chemical Industry • IP Address Change Shuts Down Chemical Plant • Hacker Changes Chemical Plant Set Points via Modem • Nachi Worm on Advanced Process Control Servers • SCADA Attack on Plant of Chemical Company • Contractor Accidentally Connects to Remote PLC • Sasser Causes Loss of View in Chemical Plant • Infected New HMI Infects Chemical Plant DCS • Blaster Worm Infects Chemical Plant

  9. Security Incidents in the Power Industry • Slammer Infects Control Central LAN via VPN • Slammer Causes Loss of Comms to Substations • Slammer Infects Ohio Nuclear Plant SPDS • Iranian Hackers Attempt to Disrupt Israel Power System • Utility SCADA System Attacked • Virus Attacks a European Utility • Facility Cyber Attacks Reported by Asian Utility • E-Tag Forgery Incident in Power PSE • Power Plant Security Details Leaked on Internet

  10. Risking It All on the Great Wall Why Security Solutions Fail

  11. The Bastion Model of Security • A popular solution for industrial security is to install single firewall between business and the control system. • Known as the Bastion Model since it depends on a single point of security. • Other examples of the bastion model: • The Great Wall of China • The Maginot Line

  12. A Few Incorrectly Configured Firewalls… • Study of 37 firewalls from financial,energy,telecommunications, media, automotive, and security firms... “Almost 80 percent of firewalls allow both the "Any" service on inbound rules and insecure access to the firewalls. These are gross mistakes by any account.” A quantitative study of firewall configuration errors“Avishai Wool, " IEEE Computer Magazine, IEEE Computer Society, June 2004

  13. The Bastion Model Doesn't Work • The Slammer Worm infiltrated a: • Nuclear plant via a contractor’s T1 line; • Power utility SCADA system via a VPN; • Petroleum control system via laptop; • Paper machine HMI via dial-up modem. • Firewalls existed in at least three of these cases. * Industrial Security Incident Database June 2006

  14. Infected Remote Support Internet  Office LAN  Unauthorized Connections  Infected Laptops Mis-Configured Firewalls   Modems Plant Network Control LAN External PLC Networks   RS-232 Links Pathways into the Control Network

  15. How the Bad Guys Get In… • Corporate WANs & Business Networks • Directly from the Internet • Trusted third parties • Infected laptops being connected to the PCN

  16. Plugging the Holes Creating Defense in Depth Security Strategies

  17. A Perimeter Defence is Not Enough • We can’t just install a control system firewall and forget about security. • The bad guys will eventually get in. • So we must harden the plant floor. • We need Defence in Depth. Crunchy on the Outside - Soft in the Middle

  18. Defence-in-Depth Strategy • “By defense-in-depth strategy, we mean the protection measures composed of more than one security control to protect the property.” • “By the use of this kind of multi-layer measures, another layer will protect the property even if one layer is destroyed, so the property is protected more firmly.” Yokogawa Security Standard of System TI 33Y01B30-01E

  19. The Solution in the IT World • Your desktop has flaws so you add security software: • Patches • Personal Firewalls (like ZoneAlarm) • Anti-Virus Software • Encryption (VPN Client or PGP) • This is a good idea for PCs in the control system… • But you can’t add software to your DCS, PLC or RTU…

  20. Distributed Security Appliances • Add hardware instead - a security appliance designed to be placed in front of individual control devices (such as PLC, DCS, RTU etc). • Protects the control device from any unauthorized contact, probing, commands, etc.

  21. Layers 1/2 Defence (Device) Layers 3/4 Defence (Control System) Layer 5 Defence (Enterprise) Distributed Security Appliances Internet Attacks Internet Infected Business PC   Internet Firewall Business Network DMZ Business/Control System Firewall Distributed FW  Infected HMI Distributed FW Cluster of PLCs SCADA RTU DCS Controllers

  22. The Tofino Industrial Security Solution Creating Intrinsically Secure Control Systems

  23. Key Tofino™ Components • Tofino™ Security Appliance • Tofino™ Loadable Security Modules (LSM) • Tofino™ Central Management Platform (CMP)

  24. Corporate Intranet Tofino™ Central Management Platform IDS Module Being Loaded to Appliance Status Being Sent to CMP Router Tofino™ Appliance Monitoring DCS Network Tofino™ Appliance Protecting PLC Cluster of DCS Controllers HMI Station SCADA RTU PLC Controllers The Tofino™ Architecture

  25. Tofino™ Security Appliance • Industrially hardened hardware appliances. • Installed in front of individual and/or networks of HMI, DCS, PLC or RTU control devices that require protection.

  26. Tofino™ Loadable Security Modules • LSMs are software plug-ins providing security services such as: • Firewall, • Intrusion detection system (IDS), • VPN encryption. • Each LSM is downloaded into the security appliance to allow it to offer customizable security functions, depending on the requirements of the control system. • The Firewall LSM is available now. • Others will be released through 2008.

  27. Tofino™ Central Management Platform • The CMP is a Windows-based centralized management server. • Provides database for monitoring, supervision and configuration of each security appliance.

  28. Key Tofino Features Intrinsically Secure Designed for Industry

  29. Hardware specifications: Temperature -40C to 70C Dual Power Supply Form factor similar to common I/O or barriers Form Factor and Robustness Dual Digital Inputs Serial Port Option (Q2 2008) Ethernet Ports DIN Rail Mount Secure USB Ports Dual 9-32 VDC

  30. Zero Configuration Deployment Model • Field technician need do no more than: • Attach the firewall to the DIN Rail • Attach instrument power • Plug in network cables • Walk away… • Tofino is completely transparent to the process network on startup.

  31. Simple to Operate • Plug security appliance onto the control network in front of a PLC, DCS or HMI station: • Select the appropriate device from a central database where each device’s protocols andvulnerabilities are recorded. • Guides administratorto load appropriate rules to protect that specific device.

  32. Intuitive Rule Generator Globally control specific types of communications Preconfigured to block known device flaws Create a list of devices that can “talk” to a protected device and allowed protocols

  33. One management station can monitor and manage hundreds of firewalls, deployed in remote locations. Reports with encrypted heartbeat (like a fieldbus) to report status and events. Administration and Global Management

  34. Loadable Security Modules (LSM) allow multiple security functions to be deployed in one appliance. In 2007 the Firewall LSM is available Through out 2008 IDS and VPN/Encryption will be released New modules can be deployed at any time. More Than Just a Firewall List of available modules for download

  35. Sample Tofino Use Cases • Satellite Control Networks • Protection from Alien Control Networks • Protection Of Safety Systems • Protection from External Networks • Protection from Insecure Networks • Protection for Unpatchable Systems • Protection of Wireless Systems • Protection of OPC Traffic • Future – Full Scale Network Separation

  36. Tofino – Intrinsically Secure • More than a firewall - LSM’s can provide security solutions tailored to specific plant floor situations. • Designed with the environment, staff capabilities and needs of industry in mind. • A truly distributed security solution, yet can be easily managed from a central location. • Flexible enough to be used by a small plant or a multi-national organization with 1000’s devices scattered around the globe.

  37. Byres Security Inc. Lantzville, BC 250 390 1333 info@byerssecurity.com http://www.byressecurity.com MTL Instruments Edmonton, Alberta 780 485-3139 Tofino@mtl-inst.com http://www.mtl-inst.com Questions

More Related