-
ICS Security for SMEs
Future requirements for secure industrial automation in Austria
Ing. DI(FH) Herbert Dirnberger, MA, CISM
Head of the working group on Security of Industrial Automation/SCADA
CYBER SECURITY AUSTRIA
Association for the Promotion of the Security of Austria's Strategic Infrastructure
IT-Security Community XChange, St. Pölten
9 November 2012
TLP:
This work is published under the terms of the Creative Commons license (CC BY-NC-ND). See http://creativecommons.org/licenses/by-nc-nd/3.0/at/
Copyright 20112 Cyber Security Austria
-
Introduction
50,000 SMEs
Industrial automation
Security
-
AGENDA
• Automation
• Convergence
• Security
• Measures (SMEs, EU, Austria)
• Cyber Security Austria
-
Industrial automation
-
Automation
http://www.youtube.com/watch?v=Kpvr2MVZjws&feature=plcp
http://www.youtube.com/watch?v=YFbBVzYaH_E
Bikinger, "Raffinerie Schwechat", CC license (BY 2.0)
Paul-Gerhard Koch, "Kaprun", CC license (BY 2.0)
teakettle, "u1", CC license (BY 2.0)
http://creativecommons.org/licenses/by/2.0/de/deed.de
All images are from the free image database www.piqs.de
Manufacturing, processes, buildings
Critical infrastructure
Quality, productivity
-
Automation terminology
Source: Wikipedia
Source: http://produktion.de
SCADA/DCS, PLC/SPS, HMI
ICS: Industrial Control Systems
-
Automation in 2 minutes
Actuator, sensor
Controller
Operators
Bus system
HMI
Physical process
-
Convergence
-
Convergence of IT and AT (automation technology)
Networks
IT standards, COTS
"Building management systems as a Service"
mobile
Cloud
open systems, remote
wireless
Source: www.automotiveit.eu
Source: Wikipedia
BYOD
Cyber Physical Systems
-
Consequences of convergence
• "The era of separate systems is over"
• Transition phase
• Shortage of know-how and skilled workers
• Security and safety
T. Brandstetter
-
Security
-
Security paradigm
Source: Wikipedia
machine
Source: www.imdb.de
information
protect the
A Survey of Cyber-Physical Systems
Jianhua Shi, Jiafu Wan*, Hehua Yan, Hui Suo
School of Physics and Electronics Science, Shanxi Datong University, Datong, China
School of Computer Science and Engineering, South China University of Technology, Guangzhou, China
College of Electrical Engineering, Guangdong Jidian Polytechnic, Guangzhou, China
*Corresponding Author

Abstract—Cyber-Physical Systems (CPSs) are characterized by integrating computation and physical processes. The theories and applications of CPSs face the enormous challenges. The aim of this work is to provide a better understanding of this emerging multi-disciplinary methodology. First, the features of CPSs are described, and the research progresses are summarized from different perspectives such as energy control, secure control, transmission and management, control technique, system resource allocation, and model-based software design. Then three classic applications are given to show that the prospects of CPSs are engaging. Finally, the research challenges and some suggestions for future work are in brief outlined.

Keywords – cyber-physical systems (CPSs); communications; computation; control

I. INTRODUCTION
Cyber-Physical Systems (CPSs) integrate the dynamics of the physical processes with those of the software and communication, providing abstractions and modeling, design, and analysis techniques for the integrated whole [1]. The dynamics among computers, networking, and physical systems interact in ways that require fundamentally new design technologies. The technology depends on the multi-disciplines such as embedded systems, computers, communications, etc. and the software is embedded in devices whose principle mission is not computation alone, e.g. cars, medical devices, scientific instruments, and intelligent transportation systems [2]. Now the project for CPSs engages the related researchers very much.

Since 2006, the National Science Foundation (NSF) has awarded large amounts of funds to a research project for CPSs. Many universities and institutes (e.g. UCB, Vanderbilt, Memphis, Michigan, Notre Dame, Maryland, and General Motors Research and Development Center, etc.) join this research project [3, 4]. Besides these, the researchers from other countries have started to be aware of significance for CPSs research. In [5-7], the researchers are interested in this domain, including theoretical foundations, design and implementation, real-world applications, as well as education. As a whole, although the researchers have made some progress in modeling, control of energy and security, approach of software design, etc. the CPSs are just in an embryonic stage.

The rest of this paper is outlined as follows. Section II introduces the features of CPSs. From different perspectives, the research processes are summarized in Section III. Section IV gives some classic applications. Section V outlines the research challenges and some suggestions for future work and Section VI concludes this paper.

II. FEATURES OF CPSS
Goals of CPSs research program are to deeply integrate physical and cyber design. The diagrammatic layout for CPSs is shown in Figure 1. Obviously, CPSs are different from desktop computing, traditional embedded/real-time systems, today's wireless sensor network (WSN), etc. and they have some defining characteristics as follows [7-10].
• Closely integrated. CPSs are the integrations of computation and physical processes.
• Cyber capability in every physical component and resource-constrained. The software is embedded in every embedded system or physical component, and the system resources such as computing, network bandwidth, etc. are usually limited.
• Networked at multiple and extreme scales. CPSs, the networks of which include wired/wireless network, WLAN, Bluetooth, GSM, etc. are distributed systems. Moreover, the system scales and device categories appear to be highly varied.
• Complex at multiple temporal and spatial scales. In CPSs, the different component has probably inequable

Figure 1. Diagrammatic layout for CPSs
In Proc. of the Int. Conf. on Wireless Communications and Signal Processing, Nanjing, China, November 9-11, 2011
process/system
Source: http://www.cps-cn.org/Conference/CPS_Survey.pdf
network IT
human
SECURITY
SAFETY
(game)
-
Security and safety
Embedded Security
IT Security
Network Security
Information Security
SCADA Security
ICS Security
Cyber Security
Process safety
Safety
Sicherheit (the German term covers both security and safety)
Industrial IT Security
Risk management
BCM
Physical Security
Cyber war
Security
-
Security by obscurity
• Isolated stand-alone solutions
• "Silo thinking"
• uncoordinated
• unnecessarily complex
and dependent
• home office in practice
• "Security is too expensive"
ka2706, "Stooop!!", CC license (BY 2.0)
http://creativecommons.org/licenses/by/2.0/de/deed.de
Image is from the free image database www.piqs.de
-
Threats and risks
Threats
• Technical defects
• Organizational deficiencies
• Force majeure
• Human error
• Insider attacks
• Industrial espionage
• Cyber attacks
Risks
• Reduced quality
• Production downtime
• Collateral damage
• Staff overload
• Legal disputes
• Loss of reputation
• Loss of know-how, leaks
• Extortion
-
Innovative attack vectors
• Passive information gathering
• meta... Tools
• Botnet as a Service
• People
Organization
Infrastructure
Timothy Krause, "Security guard", CC license (BY 2.0)
http://creativecommons.org/licenses/by/2.0/de/deed.de
Image is from the free image database www.piqs.de
Herbert Dirnberger, excerpt from a screenshot of the website http://www.shodanhq.com
Open Source Intelligence & SCADA
-
Responsibility
-
Responsibility
Norms, standards, legislators
Operators, end customers
Education and training
Integrators, distributors
Manufacturers
-
Measures
-
10 ICS security measures for SMEs
(1) Sensitize and create awareness, involve management
(2) Define responsibilities
(3) Provide budget and resources
(4) Install access controls and access protection
(5) Create backups and test recovery
-
10 ICS security measures for SMEs
(6) Continuously revise documentation
(7) Implement segmentation
(8) Deploy anti-malware protection
(9) Reduce complexity
(10) Integrate ICS security into the management system
Issue 4/2012, available from 13 November 2012
http://www.automation-security.de
-
ENISA
• Europe-wide ICS strategy
• Good Practice Guide
• ICS Security plan templates
• Strengthening awareness and training
• Common test bed
ICS Security cert. Framework
http://www.enisa.europa.eu/
-
Necessary measures (national + EU)
• Strengthening education and training
• Establishing unambiguous terminology
• Development of standards, laws, norms,
guidelines, certifications, ...
• Consideration of the international
framework - ISA 99, ISO 27000, ...
-
Activities of Cyber Security Austria
-
Working group SCADA / Industrial Automation
• Sensitize and create awareness
Management, executives, employees, ...
• Contributing to standards, laws, norms,
guidelines, certifications, ...
• Development of design patterns
• Strengthening education, training and teaching
• Establishing unambiguous terminology
-
THANK YOU
Ing. DI(FH) Herbert Dirnberger, MA, CISM
herbert.dirnberger@cybersecurityaustria.at
www.cybersecurityaustria.at
Special thanks also to colleagues Joe, Florian, David, Rüdiger, Franz, Herbert and Paul