• Alessio L.R. Pennasilico, Referente Sikurezza.org, CD e CTS CLUSIT

• Enzo Maria Tieghi, Referente ANIPLA, ISPE, AIIC, Socio CLUSIT

Come proteggere reti e sistemi di Automazione, Controllo e Telecontrollo da rischi informatici nell'industria e nelle utility

SMAU 2009 21 Ottobre 2009Fieramilanocity, Milano

I relatori – Alessio L.R. Pennasilico aka mayhem

• Security Evangelist @

• Board of Directors:

Associazione Informatici Professionisti, CLUSIT Associazione Italiana Professionisti Sicurezza Informatica, Italian Linux Society, LUGVR, Sikurezza.org, Hacker’s Profiling Project

I relatori – Enzo Maria Tieghi• Amministratore Delegato di ServiTecno

(da oltre 20 anni software industriale)

• Attivo in associazioni e gruppi di studio per la cyber security industriale (ISA s99 member)

• In Advisory Board, gruppi e progetti internazionali su Industrial Security e CIP (Critical Infrastructure Protection)

• Co-autore ed autore pubblicazioni, articoli e memorie

3

Sistemi di Automazione

IO

BUS (rete di campo? Ethernet? IP?)

PLC ed I/O distribuiti: reti/bus Profibus, Profinet, LonW, DeviceNet, Modbus, Bacnet,

ASI, Can, ecc.

Dispositivi di I/O: Sensori, Attuatori,

Comandi, Allarmi, …

Controllo

Supervisione

- SCADA

- HMI

- DCS

SCADA/HMI: Visualizzazione, Alarmi,Trend,

Controllo

Production

SCADA & dati dagli impianti

Packaging HVAC UtilitySecondaryPrimary

MES/ BusinessSystem

iHistorian

Reti di fabbrica & IT

Incidenti del passato (+ altri recenti… del 2008/9…)

• Al contrario di quanto si potrebbe normalmente pensare, diversi sono gli incidenti avvenuti in questo mondo, partendo dai lontani anni ‘80 sino a casi decisamente recenti.

Whatcom Falls Park• “About 3:28 p.m., Pacific daylight time, on June 10,

1999, a 16-inch-diameter steel pipeline owned by Olympic Pipe Line Company ruptured and released about 237,000 gallons of gasoline into a creek that flowed through Whatcom Falls Park in Bellingham, Washington. About 1.5 hours after the rupture, the gasoline ignited and burned approximately 1.5 miles along the creek. Two 10-year-old boys and an 18-year-old young man died as a result of the accident. Eight additional injuries were documented. A single-family residence and the city of Bellinghamís water treatment plant were severely damaged. As of January 2002, Olympic estimated that total property damages were at least $45 million.”

Technical details• “The Olympic Pipeline SCADA system

consisted of Teledyne Brown Engineering20 SCADA Vector software, version 3.6.1., running on two Digital Equipment Corporation (DEC) VAX Model 4000-300 computers with VMS operating system Version 7.1. In addition to the two main SCADA computers (OLY01 and 02), a similarly configured DEC Alpha 300 computer running Alpha/VMS was used as a host for the separate Modisette Associates, Inc., pipeline leak detection system software package.”

SCADA can save lives

• “5. If the supervisory control and data acquisition (SCADA) system computers had remained responsive to the commands of the Olympic controllers, the controller operating the accident pipeline probably would have been able to initiate actions that would have prevented the pressure increase that ruptured the pipeline.”

http://www.cob.org/press/pipeline/whatcomcreek.htm

Dove intervenire…

Seg&Seg: segmentazione e segregazione

Segmentazione secondo ISA s99 con Zone & Conduit

DataServer

File/PrintServer

App.Server

WorkstationLaptop computer

Router

Plant A Zone

Controller Controller

I/O I/O

App.Server

DataServer

Maint.Server

Plant A Control ZoneFirewall

DataServer

File/PrintServer

App.Server

WorkstationLaptop computer

Router

Plant B Zone

DataServer

File/PrintServer

App.Server

WorkstationLaptop computer

Router

Plant C Zone

MainframeWorkstationLaptop computer Server Server

Enterprise Zone

Firewall

Enterprise Conduit

Plant Control Conduit

Controller Controller

I/O I/O

App.Server

DataServer

Maint.Server

Plant B Control ZoneFirewall

Firewall

Plant Control Conduit

Controller Controller

I/O I/O

App.Server

DataServer

Maint.Server

Plant C Control ZoneFirewall

Firewall

Plant Control Conduit

Antivirus/Malware ?

E le patch?

Manutenzione remota con VPN ?

Accesso Remoto, VPN, ecc.

Hardending: cosa serve davvero?

Rinforzare: Hardening

Applicazione

Infrastruttura

S.O. e sw di base

Verificare lo “stato di salute” Log &

Monitoring

E se proprio ci capita qualcosa…

• Back-up & Recovery• SMS - Change Control &

Configuration Management

Reti Cablate e Reti Wireless

Il wireless arriva in fabbrica

Smart Control Systems

Smart Analytical

Smart FinalControl

Smart AssetOptimization

Smart Safety

Smart Measurement

Smart MachineryHealth

Smart Wireless

25

Esempio di rete “protetta”

Ergonomia / 1

• Donald A. Norman, La caffettiera del masochista• James Reason, L’errore umano

Ergonomia / 2

Evitare diConfondersi…

Ergonomia / 3

http://www.metroland.org.uk/signal/amer01.jpg

Eravamo abituati a…

Ergonomia / 4

Ora lavoriamo

In modo diverso.

http://www.ihcsystems.com/section_n/images/efficientdredgingnewsapril2005_Page_09_Image_0002.jpg

Dove trovo qualche suggerimento?

Clusit: “Introduzione alla protezione di reti e sistemi di controllo e automazione (DCS, SCADA, PLC, ecc.)”

sul sito www.clusit.it

Alessio L.R. Pennasilicoapennasilico@clusit.it

Enzo Maria Tieghietieghi@servitecno.it