17 Scada System

  • 8/9/2019 17 Scada System

    SCADA System

    Component and Function

    PSTI\SDP\AD

    Agenda

    - SCADA Overview
    - Power System Protocols
    - Is the Cyber threat real?
    - Recommendations for SCADA security R&D
    - Evolution of Communication System

    Supervisory Control and Data Acquisition (SCADA)

    General Definition

    - Industrial measurement and control system consisting of:
      - central host or master (MTU);
      - one or more field data gathering and control units or remotes (RTUs);
      - collection of standard and/or custom software used to monitor and control remotely located field data elements.
    - Generally cover larger geographic areas
    - Predominantly open-loop control characteristics (may have some elements of closed-loop control and/or short distance communications)
    - Use variety of communications systems (LAN, wireless, microwave, bus, point-to-point)

    Distributed Control Systems (DCS)

    General Definition

    - Similar to SCADA systems, used predominately in factories, treatment plants etc.
    - Similar functions to SCADA, but the field data gathering or control units are usually located within a more confined area.
    - Communications often via a reliable and high speed local area network (LAN).
    - DCS system usually employs significant amounts of closed loop control.

    Secure SCADA and beyond

    - We think that there is a great deal to be done in terms of operationalizing secure versions of SCADA (Supervisory Control And Data Acquisition) and DCS (Digital Control Systems) for the infrastructures considered, especially power, natural gas, chemical and process control, etc.
    - However, the sense was that this infrastructure was going to be gradually replaced by networked embedded devices (possibly wireless) as computing and communication devices become more user friendly and prevalent. Thus, the major research recommendations were for an area that we named Secure Networked Embedded Systems (SENSE).

    SCADA of the Future

    Current SCADA

    - Closed systems, limited coordination, unprotected cyber-infrastructure
    - Local, limited adaptation (parametric), manual control
    - Static, centralized structure

    Future requirements

    - Decentralized, secure open systems (peer-to-peer, mutable hierarchies of operation)
    - Direct support for coordinated control, authority restriction
    - Trusted, automated reconfiguration
    - Isolate drop-outs, limit cascading failure, manage regions under attack
    - Enable re-entry upon recovery to normal operation
    - Coordinate degraded, recovery modes
    - Diagnosis, mitigation of combined physical, cyber attack
    - Advanced SCADA for productivity, market stability, manageability

    Secure Network Embedded System

    Embedded Software prevalent in all critical infrastructures. Critical to high confidence embedded software are open source techniques for:

    - Automated Design, Verification and Validation
    - Verified design in a formal, mathematical sense
    - Validated design in an engineering sense
    - Certifiable design to allow for regulatory and certification input
    - High Confidence Systems
    - Narrow waisted middleware
    - Trusted abstractions, limited interfaces
    - Algorithms and protocols for secure, distributed coordination and control
    - Security and composable operating systems
    - Tamper Proof Software
    - Generative Programming
    - Intelligent Microsystems: infrastructure of the future with security co-design with hardware and software.

    Layers of Secure Network Embedded Systems

    Physical Layer

    - Attacks: jamming, tampering
    - Defenses: spread spectrum, priority messages, lower duty cycle, region mapping, mode change, tamper proofing, hiding.

    Link Layer

    - Attacks: collision, exhaustion, unfairness
    - Defenses: error correcting code, rate limitation, small frames

    Layers of Secure Network Embedded Systems

    Network and Routing Layer

    - Attacks: neglect and greed, homing, misdirection, black holes
    - Defenses: redundancy, probing, encryption, egress filtering, authorization, monitoring

    Transport Layer

    - Attacks: flooding, desynchronization
    - Defenses: client puzzles, authentication

    Embedded System/Application Layer

    - Attacks: insider misuse, unprotected operations, resource overload attacks, distributed service disruption
    - Defenses: authority management (operator authentication, role-based control authorization), secure resource management, secure application distribution services
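
The transport-layer defense named above, client puzzles, as an added example that is not part of the original slides: the server issues a stateless, MAC-bound challenge and commits resources only after the client has spent CPU time finding a matching hash. `SERVER_KEY`, `DIFFICULTY_BITS`, `MAX_AGE_S`, the client id and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os
import struct
import time

SERVER_KEY = os.urandom(32)  # assumption: per-server secret, never sent to clients
DIFFICULTY_BITS = 12         # constructed value: about 4096 hashes per solve
MAX_AGE_S = 30               # constructed value: challenge lifetime in seconds

def leading_zero_bits(digest):
    """Count zero bits at the front of a digest."""
    bits = 0
    for byte in digest:
        if byte:
            return bits + 8 - byte.bit_length()
        bits += 8
    return bits

def _tag(client_id, ts, salt):
    msg = client_id.encode() + ts + salt
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).digest()[:16]

def issue_challenge(client_id, now=None):
    """Server: stateless challenge = timestamp || salt || MAC(client, timestamp, salt)."""
    ts = struct.pack(">Q", int(time.time() if now is None else now))
    salt = os.urandom(8)
    return ts + salt + _tag(client_id, ts, salt)

def solve(challenge, bits=DIFFICULTY_BITS):
    """Client: brute-force a counter; this is the cost a flooder pays per request."""
    counter = 0
    while leading_zero_bits(hashlib.sha256(challenge + struct.pack(">Q", counter)).digest()) < bits:
        counter += 1
    return counter

def verify(client_id, challenge, solution, bits=DIFFICULTY_BITS, now=None):
    """Server: one MAC and one hash, done before any session state is allocated."""
    if len(challenge) != 32 or not 0 <= solution < 2**64:
        return False
    ts, salt, tag = challenge[:8], challenge[8:16], challenge[16:]
    if not hmac.compare_digest(tag, _tag(client_id, ts, salt)):
        return False  # forged challenge, or one issued to a different client
    age = (time.time() if now is None else now) - struct.unpack(">Q", ts)[0]
    if not 0 <= age <= MAX_AGE_S:
        return False  # stale: stops precomputed solutions being stockpiled
    digest = hashlib.sha256(challenge + struct.pack(">Q", solution)).digest()
    return leading_zero_bits(digest) >= bits
```

Because the server keeps no state, a solved challenge can be replayed until it expires; a deployment would also keep a short-lived set of accepted challenges and reject repeats.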

    Is the SCADA Cyber threat real?

    The threat is real and proven:

    - A disgruntled ex-employee used a port scan and ping-sweep program to identify active system ports and network IP addresses belonging to an oil company. On finding an active connection and an open port, he initiated communication using various software tools downloaded from the Internet. He subsequently issued instructions to the remote system and deleted sensitive system related to process control flow.
    - Australia March 2000, a failure at a pumping station caused up to 264,000 gallons of raw sewage to flow onto the grounds of a local tourist resort and eventually into a storm sewer. The problems were traced to disruptions in the community's new computerized sewage control system. On 23 April 2000, police intercepted former employee Vitek Boden, less than an hour after another control system malfunction. A search of his vehicle found a two-way radio and antennae, a remote telemetry system, and a laptop computer.

    Is the SCADA Cyber threat real?

    In August 2003, the Nuclear Regulatory Commission confirmed that in January 2003, the Microsoft SQL Server worm known as Slammer infected a private computer network at the Davis-Besse nuclear power plant in Oak Harbor, Ohio, disabling a safety monitoring system for nearly 5 hours. Note: the plant was off-line at the time.

    The Bad News

    [Figure; labels: Time & Money, Sophistication of Cyber Defenses, Difficulty in Hacking a System]

    It is only a matter of time and money, they will get in!

    Terrorist Cells in the US

    Source: http://standeyo.com/News_Files/NBC/Terrorist_cells.html

    Updated September 3, 2003

    DEYO NOTE: Terrorists are a very real and growing threat in America and to American interests around the world. It should be assumed these are not the only cell locations within the US and that they are subject to change.


    Is the Terrorist Threat Real?

    Yes, the Terrorist threat is real!

    The mid-East Terrorists have:

    - Means to carry out an attack
    - Motivation
    - Ability to access our systems
    - Access to technical documentation
    - Low barriers to success

    Cyber Trends

    Overview of Attack Trends

    Trend 1: Automation; speed of attack tools

    - A. Scanning for potential victims.
    - B. Compromising vulnerable systems.
    - C. Propagate the attack.
    - D. Coordinated management of attack tools.

    Trend 2: Increasing sophistication of attack tools

    - A. Anti-forensics.
    - B. Dynamic behavior.
    - C. Modularity of attack tools.

    Trend 3: Faster discovery of vulnerabilities

    Trend 4: Increasing permeability of firewalls

    - IPP (the Internet Printing Protocol) and WebDAV (Web-based Distributed Authoring and Versioning)
    - ActiveX controls, Java, and JavaScript. (See http://www.cert.org/reports/activeX_report.pdf.)

    Trend 5: Increasingly asymmetric threat

    Trend 6: Increasing threat from infrastructure attacks

    - Attack 1: Distributed denial of service
    - Attack 2: Worms
    - Attack 3: Attacks on the Internet Domain Name System
      - Cache poisoning
      - Compromised data
      - Denial of service
      - Domain hijacking
    - Attack 4: Attacks against or using routers
      - Routers as attack platforms
      - Denial of service.
      - Exploitation of trust relationship between routers.

    SCADA is susceptible to all the IT threats because of enterprise integration

    Policy vs. Cyber Attacks

    - Sound policy is a core element of the cyber security management system. Without it, extensive implementations of routers, firewalls and intrusion detection systems are misguided.
    - 80% of attacks show weakness in internal processes
      - Unauthorized modems
      - Disgruntled employee
      - You hired a terrorist
      - Unauthorized access
      - Insufficient attention to security (leave the door open)
    - Security assessment is viewed as a one-time event that lacks a metric to allow comparison over time or to assess readiness
      - Initial vigilance degrades over time
      - Doesn't keep up with changing cyber threats
    - No amount of technology will make up for lack of sound policy.

    Recommended Long Term R&D for SCADA

    Needed SCADA R&D

    Standards and Methodology:

    - Issue: Inability to test the security of infrastructure systems and to describe the industry's security readiness in a consistent manner.
    - R&D Focus: Develop SCADA/process control security standards and methodologies to enable assessment of security readiness over time.

    Needed SCADA R&D

    Modeling and Analysis:

    - Issue: Inability to model the entire infrastructure and represent the interdependences
    - R&D Focus: Develop scalable and extensible models of the critical infrastructure to enable planning, simulation, and predictions of response to changes. Models should enable analysis of the impacts of:
      - economics,
      - human interaction,
      - organizational structure,
      - technology development
      - accidental & malicious faults

    Needed SCADA R&D

    Next Generation SCADA Platforms:

    - Issue: Multiple generations of legacy systems control the Nation's infrastructures. Realities of low industrial investments in both capital improvements and research and development (R&D).
    - R&D Focus: Develop strategies to drive the rapid evolution of SCADA/process control solutions. R&D must provide a robust, scalable, evolvable and secure solution.

    Thank You

    By SANJAY D. PATIL

    Assistant Director, NPTI