net/publication/275045465
1 author:
Ramesh Sivaraman
C4ISR Global Systems
All content following this page was uploaded by Ramesh Sivaraman on 18 April 2015.
Ramesh Sivaraman
Specialist
CYBER SECURITY-ICS
Brief Solution Summary
Introduction
S3tel Inc. is a leading solution integrator in the homeland security and national defense space. As
part of its critical national infrastructure protection solution portfolio, S3tel has inherited
processes and procedures based on standards and developed a comprehensive intelligence acquisition
platform that integrates with third-party cyber security products to provide complete situational
awareness and actionable intelligence for protecting industrial control/automation systems.
For the past few years, there has been a huge focus on securing industrial control systems and
SCADA-based industrial process monitoring systems, as a few attacks/disasters have been reported publicly.
Supervisory control and data acquisition (SCADA) networks contain computers and software that
perform critical tasks and provide essential services within critical infrastructure. These
infrastructures are
The most important fact to note here is that these systems were deployed over a decade ago
and most of them are legacy systems.
Hence they are prone to various cyber threats that could compromise and jeopardize a country in
many ways.
Originally these systems were deployed to monitor the key parameters of production processes and to
operate their controls to ensure the proper provisioning of critical services.
These systems were designed with the sole intent of monitoring processes, without
considering security requirements or the need to protect them from external threats. On top
of that, they are operating in an environment that is totally different from the one they were
designed for.
Therefore their exposure to the internet is an obvious risk factor. Find below a typical layout
SCADA devices communicate with the control system using protocols such as DNP v3, ICCP and
MODBUS. MIS reports are passed to and from SCADA devices via the following interfaces:
Human–machine interface – the HMI allows an operator to view and react to process status and events
Supervisory system – computers which monitor and send commands to control devices and processes
Remote terminal units – RTUs convert signals from process sensors to digital data and relay them to the supervisory system
Communications infrastructure – connects RTUs to the supervisory system
Access failure or compromise of these systems could result in severe physical damage, disruption
and financial loss to a company. Therefore, security of these SCADA systems shall be a high priority.
We have summarized the following challenges and security concerns for better understanding:
Security was not a major concern when Legacy ICS systems were developed
ICS system lifecycle is typically 15-20 years
ICS products are incorporating COTS technology from the business IT sector (Ethernet, Windows OS, SQL, webservers, etc.)
Multi-vendor solutions at most ICS sites
Increasing need to share data between the enterprise, corporate, and DCS networks
Lack of experienced security personnel working on ICSs
History of separate IT and ICS teams
Vulnerability to Denial of Service attacks
Backdoors and “holes” in the network perimeter
Devices with little or no security features (modems, legacy control devices, etc.)
Common communication protocols designed without security
Remote, unmanned sites with challenging physical security
Database security vulnerabilities (proprietary and/or third-party)
Lack of encryption and authentication
Improper or nonexistent patching of software and firmware
Insecure coding techniques in product design
Non-existent cyber security procedures
Lack of control system-specific security protection / mitigation technologies
Security researchers with various vulnerability disclosure practices
Publicly available hacking tools make hacking easier for even “novices”
S3tel Solution
We provide a comprehensive solution to protect SCADA systems that includes services and products.
Our solution will detect vulnerabilities with active and passive scanning and analysis, and host-based
patch monitoring for enterprise networks. Key product lines include:
Security Center is fully integrated with the proposed line of products and is used to manage the
information collected by the Log Correlation Engine, vulnerability scanners, etc.