Safety System against Cyber Attack
Addressing safety and security concerns
Fabio Beda
Confidential Property of Schneider Electric
Legal Disclaimer
• Copyright © Schneider Electric 2017
• The information contained herein is the property of Schneider Electric and any other use or disclosure of
such information is prohibited.
• This report shall not be reproduced, copied or used in whole or in part without prior written approval of
Schneider Electric.
• All rights reserved.
• The names, logos, and taglines identifying the products and services of Schneider Electric are proprietary
marks of Schneider Electric or its subsidiaries.
• All third party trademarks and service marks are the proprietary marks of their respective owners.
• Not for distribution.
• All dates are currently scheduled dates and are subject to change.
What is a Safety Instrumented System (SIS)?
Formal Definition:
SIS – “Instrumented System used to implement one or more safety
instrumented functions (SIF). A SIS is composed of any combination
of sensor(s), logic solver(s), and final element(s).”
[IEC61511 / ISA 84.01]
Informal Definition:
Instrumented Control System that detects “out of control” conditions
and automatically returns the process to a safe state
“Last Line Of Defence”
(Not the basic process control system (BPCS))
Know the risks - Incidents that define Process Safety
Evolving Standards
• 1996: ISA SP84 - Safety Lifecycle, Quantitative Approach
• 1997: IEC61508 - Safety Lifecycle, Quantitative and Qualitative Approach
• 2003: ANSI/ISA 84.01 = IEC61511 - Functional Safety, SIS for the Process industry (Except for Grandfather Clause)
• 2010: IEC61508 2nd Edition
• 2016: IEC61511 2nd Edition
Nothing is more important than safety to the process control industry. Standards continue to
evolve as the industry continues to learn and improve.
Where would I need a SIS?
• ESD: Emergency ShutDown System
• F&G: Fire and Gas System
• BMS/BPS: Burner Management System/Burner Protection System
• HIPPS: High Integrity Pressure Protection System
• TMC: Turbo Machinery Control System
Emergency Shutdown, Fire and Gas, High Integrity Pressure Protection, Burner Management, Boiler protection, Pipeline protection, Turbomachinery control
Know the risks
• Process Safety (IEC61511): process events inside the fence. Protect man from the machine.
• Cyber Security (IEC62443): digital events outside the fence. Protect machine from man.
Know the risks: Process Safety (IEC61511)
Process events inside the fence. Protect man from the machine.
• Safety per IEC 61508
• Freedom from unacceptable risk of harm (to
people, equipment, environment) from the
Equipment Under Control
• Risk is probabilistic: Process hazards → Risk Reduction Factor → SIL
• SIL is a function of dangerous undetected
failure rate & Proof test interval
– This is an inherent property of the Safety Logic
Solver
Know the risks: Cyber Security (IEC62443)
Digital events outside the fence. Protect machine from man.
• Security per IEC 62443
• Freedom from risk of incident
• Incident = event in which a particular threat
exploits a vulnerability
• is the ease of exploiting a vulnerability that
causes or can cause deterioration of function
of the system i.e. includes the attacker’s
property
• includes compromise of availability, integrity,
confidentiality / stealing
• Thus includes business and operation risk
Security Profiles
GS EP INS 135 – Clause 5.1
Security Level Definition
(IEC62443)
• SL 1: Casual or coincidental violation
• SL 2: Intentional violation using simple means with low resources, generic skills and low motivation
• SL 3: Intentional violation using sophisticated means with moderate resources, IACS specific skills and moderate motivation
• SL 4: Intentional violation using sophisticated means with extended resources, IACS specific skills and high motivation
Safety Integrity Level: Safety / Probability of failure on demand
• SIL 1: 90% to 99% / 1% to 10%
• SIL 2: 99% to 99.9% / 0.1% to 1%
• SIL 3: 99.9% to 99.99% / 0.01% to 0.1%
• SIL 4 (most stringent): >99.99% / 0.001% to 0.01%
Cyber Security Risk Assessment
Industrial Information System (SII), OT: Measure; Control; Protect; Operate; Engineer; Maintain
Enterprise Information System (SIE), IT: Resource Planning; Scheduling; Finance; Maintenance Management; Asset Management; Environment, Health, Safety; Incident Management; Work Authorization; Performance and Reporting
Risk Assessment
• Difficult to identify ICSS assets and assess vulnerabilities
• Challenge to determine the impact or consequence
• Difficult to estimate the likelihood or frequency
Expertise
The current threat landscape
Cybersecurity landscape
ICS cybersecurity market (million $USD, 2014 to 2020; Hardware, Software, Services). Source: ARC estimates.
Cybersecurity Market growth at 12.8% CAGR and Services at 15.7% CAGR
New malware created (2012 to 2017): Over 500,000 new malware per day (AV-Test.org Jan 2017)
Recent industrial cyber incidents:
• NSA hacking tools stolen – Vault7
• Equifax – 143 million affected
• UBER – 50 million affected
• Critical industrial system attacks:
o Petya – 2,000 companies (2017 Food & beverage)
o Wannacry - 150 countries (2017 Medical & manufacturing)
• Food & beverage, energy, manufacturing:
o 2017 Cadbury factory
o 2017 Saint Gobain
o 2015 & 2016 Ukraine power grid
Today’s biggest threat vector
Perimeter security?
Physical security?
Layer 1 security?
Endpoint security?
Encryption?
Remote access?
Gaining the security edge
Where should we focus our efforts?
Strategic attack aimed at disrupting industrial activities for:
- Monetary
- Competitive
- Espionage
- Political or social gain
- Or even as a result of personal grievance
Gaining the security edge
Where should we focus our efforts?
Cybersecurity Services & Solutions
EcoStruxure: 3 Innovation Layers, 4 End Markets, 6 Architectures
• Innovation layers: Connected Products; Edge Control; Apps, Analytics & Services
• End markets: Grid, Building, Data Center, Industry
• Architectures: Grid, Data Center, Plant, Machine, Building, Power
• EcoStruxure Platform: End to End Cybersecurity; Cloud and/or On Premise
Defence in Depth
• Policy and Procedure: Standards, Compliance, Best practices, Training and Awareness
• Physical: Cabinets, key switches, physical access
• Network(s): SIS to non safety systems (DCS, HMI, Comms servers etc.)
• Application(s): Software Application: engineering, operator, maintenance, data analytics
• Host: Engineering, maintenance and operator workstations
• Peer to Peer: Interconnectivity between safety devices
• Device: SIS Logic Solver
Cybersecurity solutions
Securing the operational lifecycle
Differentiation:
• Depth in IT
• Depth in OT
• Flexible solutions
• Custom design
Defense in depth:
• People
• Process
• Technology
• Assess: Policy & Procedure, Asset Inventory, Gap Analysis, Risk & Threat, Compliance
• Design: Defense in Depth, Secure Architecture, Asset Management, Policy & Procedure, Security Assurance Level
• Implement: Policy & Procedure, Hardware & Software, System Hardening, Solution Integration, Knowledge Transfer
• Monitor: Firewall Security Device Mgmt., Unified Threat Mgmt., NIPS Device Security Mgmt., SIEM Security Device Mgmt.
• Maintain: System Upgrades, Security Patches, Awareness & Training, Incident Response, Penetration Testing
• Train: Security Awareness, Security Engineer, Security Administrator, Advanced Expert
International standards compliance
Thank You
Find us at Desk 11