Industrial Security: How do you protect your production plants against attacks from the Internet? “Industrial Security to guarantee top performance in production”
09.02.2012, Mannheim, VDI
Tino Hildebrand, Head Marketing & Promotion SIMATIC HMI, Industrial Automation Systems, Siemens AG

© Siemens AG 2012. All Rights Reserved.

CERT (Computer Emergency Response Team): global network for cyber security issues and requests
The organizational background for CERT organizations

- The first CERT was founded in 1988 as a consequence of the first Internet Worm
- Approx. 250 CERT organizations worldwide representing both governmental and private organizations
- Trusted information exchange via the FIRST (Forum of Incident Response and Security Teams) organization; new parties must be introduced by at least two existing members
- Expected rules of cooperation between FIRST members are defined in the FIRST operational framework

Diagram (CERT cooperation): Department of Homeland Security (DHS) > National Cyber Security Division (NCSD) > Control Systems Security Program (CSSP) > Industrial Control System CERT (ICS-CERT; focus: control systems only), which cooperates with US-CERT (focus: all IT-related issues related to the US).

Page 2 | 2012-02-13 | I IA AS S MP / Tino Hildebrand | © Siemens AG 2012. All Rights Reserved. Industry Sector

Current CERT landscape showing Siemens CERT and other exemplary CERT organizations; communication between Siemens and ICS-CERT

- Siemens CERT is the first contact point for cyber security issues and requests concerning Siemens internal IT as well as product issues and requests
- Information is exchanged via trusted, encrypted channels (data) or by telephone
- ICS-CERT has so far notified Siemens CERT of several vulnerabilities which researchers had disclosed to them

Diagram (CERT cooperation): worldwide CERT network of over 250 governmental/private CERT organizations, e.g. US-CERT, CERT-Bund (part of BSI), GovCERT.NL, ICS-CERT, UKCERT, CERT/CC, AusCERT, CNCERT. Siemens CERT offers a Product CERT Service and a Corporate CERT Service.
Source: CERT/CC


Industrial Security: agenda

- Introduction
- Technological challenges
- How to implement Industrial Security
- Siemens to support your Industrial Security strategy
- The Defense in Depth Strategy in detail
- Summary


Industrial Security: What are the current publications all about?

Remember “Stuxnet” in 2010?
- Stuxnet was a highly sophisticated piece of malware
- Combined known and unknown vulnerabilities
- Designed to sabotage industrial processes

What are these new SIMATIC “vulnerabilities”?
- Test of automation vendor components by ICS-CERT (CERT = Computer Emergency Response Team(s); ICS = Industrial Control Systems)
- Negative test results are sent as “alerts” to vendors
- Vendors patch weaknesses and/or warn customers


Industrial Security: Vulnerability Disclosures – Trends and Growth
Reasons for a strong growth of vulnerability disclosures

Trends
- Applications shifting to Cloud Computing approaches
- Increased use of Mobile Devices

Weak members in the corporate security chain (top down)
- Employee
- Smartphone
- Laptops
- PC workstations
- Network infrastructure
- Mobile storage devices
- Tablet PC
- Computer centre
- Policies and guidelines
- Printer
- Production systems


Industrial Security: Why is Industrial Security so important?
Industrial Security for protection of production plant and automation systems

Possible threat scenarios:
- Spying on data, recipes, …
- Sabotage of production plant
- Plant downtime, e.g. caused by virus and malware
- Manipulation of data or of application software
- Unauthorized use of system functions

Possible effects of a security incident:
- Risk of death and serious injury
- Environmental impact
- Loss of intellectual property
- Loss of production or impaired product quality
- Damage to company image and financial loss


Industrial Security has to cover a broad range of objectives

Market security requirements
- Security requirements are driven by Process Automation (e.g. pharmaceutical industry, FDA) and the Energy Industry:
  - Automated asset management of used components
  - Automated identification of status of production
  - (Legal) proof of authorized exchange of devices
- OEM request: copy protection of their software components (even if reverse engineering is used)

Requirements in integrated security for automation products
- Know-how protection
- Access protection and user management
- Communication security
- System integrity
- Process security for the whole supply chain
- Additional malware/spyware protection

Industrial Security addresses the requirements of end customers, machine builders and system integrators


Industrial Security: Office and Industrial World with different requirements
Requirements that a security solution must meet in an industrial context

- 24/7/365 availability has top priority
- Open standards for seamless communication and functionality
- Common standards, e.g. Microsoft systems software, as basis of automation solutions
- Constant operability and assured system access
- System performance
- Protection against mal-operations and sabotage
- Know-how protection
- System and data integrity
- Continuous communication between office and production IT systems for real-time monitoring and controlling
- Data transfer in real time for efficient production processes
- Support throughout the lifecycle of a plant
- Security trail and change management

Protection goals in order of priority:
  Office Security:     1. Confidentiality  2. Integrity  3. Availability
  Industrial Security: 1. Availability     2. Integrity  3. Confidentiality


Industrial Security: Why implement a security strategy instead of just having security measures?

Great Wall: an “unconquerable” wall
- single layer of protection
- no more checkpoints behind the wall

No single security measure is good enough to prevent intrusions!

Defense in Depth: multiple layers of protection
- each layer supports the other layers
- for every transition between two layers an attacker must spend time and effort


Industrial Security: “Defense in Depth” strategy - Creating multiple layers of protection

Layers between a potential threat and the DCS (‘Defense in Depth’ because you should not rely on just one measure):
- Physical Security: physical access to facilities and equipment
- Policies & procedures: security management processes, operational guidelines, Business Continuity Management & Disaster Recovery
- Security cells & DMZ: secure architecture based on network segmentation
- Firewalls and VPN: implementation of firewalls as the only access point to a security cell
- System hardening: adapting the system from default to secure
- User Account Management: administration of operator and user rights (role-based access control)
- Patch Management
- Malware detection and prevention: anti-virus and whitelisting


Industrial Security: “Defense in Depth” strategy - Example

Prevention:
- Firewall
- VPN

Reaction:
- IDS
- IPS
- Virus Scanner

Tolerant:
- Embedded hardening

A safe and trustworthy operation needs more than one security layer - embedded security is needed


Industrial Security: Fundamental Industrial Security levels
Industrial Security levels according to current standards and regulations

Plant security
- Access blocked for unauthorized persons
- Physical prevention of access to critical components

Plant IT security
- Controlled interfaces between office and plant network, e.g. via firewalls
- Further segmentation of plant network
- Antivirus and whitelisting software
- Maintenance and update processes

Access protection
- User authentication for plant or machine operators
- Integrated access protection mechanisms in automation components

Security solutions in an industrial context must take account of all protection levels


Industrial Security: Automation cells guarantee high productivity and ensure security requirements
Complete plant security (diagram: Internet, secure automation cells, secure communication between automation cells)

Secure automation cells
- Structured actions as part of a comprehensive security concept are required on several different levels.
- One important protection level is to create secure automation cells by segmenting the network and restricting communication between the cells.
- Open communication between different automation components within a secure automation cell is state-of-the-art and standardized (it is, for example, quite common to run production via OPC).


Industrial Security needs contribution by everyone

Operators (management)
- Requirements that operators of industrial automation systems must meet: security guidelines and processes, risk management in terms of security, information and document management, etc.
- Measures and processes that prevent unauthorized access of persons to the surrounding area of the plant
- Physical access protection for critical automation components (e.g. locked control cabinets)

OEM / System integrators
- System-side requirements in terms of access protection and user control, data integrity and confidentiality, controlled data flow, etc.

Component suppliers
- Requirements that components of an automation system must meet in terms of product development processes and product functionalities



Industrial Security: Siemens Industrial Security approach

- Implementation of practicable and comprehensive security management in terms of the technology used as well as the engineering and production processes.
- The interfaces to office IT and the Internet/Intranet are subject to clearly defined regulations and are monitored accordingly.
- PC-based systems (HMI, engineering and PC-based controls) must be protected with the aid of anti-virus software, whitelisting (positive lists) and integrated security mechanisms.
- The control level is protected by various integrated security functions.
- Communication must be monitored and can be intelligently segmented by means of firewalls.

The Siemens Industrial Security approach is based on five key points that cover the main aspects of protection in all Industrial Security levels.


Industrial Security: Siemens offering

Industrial Security Services
- Professional consulting from the initial planning steps, through implementation and operation of a tailor-made solution, right up to its modernization
- Analysis of weak points
- Design of customized security solutions

Security Management
- Within operations there is a clear need for processes and policies that cover all aspects of security
- Operational guidelines form an essential part of every Industrial Security concept

Products & Systems
- Well thought-out concepts for the security of PCs, controllers and networks, fully in keeping with the spirit of Totally Integrated Automation
- Integral security in PCs and controllers
- Security products for networking and communication

Siemens supports in selectively implementing these measures – within the scope of an integrated range for industrial security


Industrial Security: Security Management

Security Management Process (cycle): 1. Risk analysis -> 2. Policies, organizational measures -> 3. Technical measures -> 4. Validation & improvement -> back to 1.

- Security management and operational guidelines form an essential part of every Industrial Security concept
- Security measures have to be defined depending on the identified threats and risks to the plant
- Achievement and continuous preservation of the necessary security level needs a consistent security management process containing
  - risk analysis with definition of mitigation measures
  - coordination of organizational / technical measures
  - regular / event-based repetition of the risk analysis.
- Industrial Security must be established at suppliers, integrators and operators alike.
- Products, plants and processes have to be compliant with existing due diligence based on laws, standards, internal guidelines and state of the art.

Operational guidelines covering organizational and technical measures


Industrial Security - “Defense in Depth” strategy: Physical Security

- Ignoring the risk of physical security could undo all other security measures
- Restrict physical and unauthorized access to
  - Facilities and buildings
  - Control and equipment rooms
  - Cabinets
  - Devices, PCs (USB, CD/DVD)
  - Switches, cables and wiring
  - LAN ports, WiFi, …
  - Controller, IO system, PS, etc.


Industrial Security - “Defense in Depth” strategy: Policies, Procedures, Training: Most critical path of an effective security strategy

- Management buy-in
- Defined responsibilities
- Control system specific:
  - Remote access & service laptops
  - Portable media
  - Patch management strategy
  - Malware protection
  - Mitigation and disaster recovery plan
  - Change management & documentation
  - Maintenance of security measures (e.g. FW rules)
- Regular auditing of implemented measures
- Raise security awareness of personnel
- Provide training on policies and procedures


Industrial Security - “Defense in Depth” strategy: Security Cells and DMZ: Key to a secure system architecture

- Limits the effect of a security threat to the local cell
- Internal network structure will not be visible from outside
- Access to the security cell only via clearly defined access points


Industrial Security - “Defense in Depth” strategy: Firewalls and VPN: Secure access to the security cell

Virtual Private Networks (VPN) with data encryption secure connections between cells through an unprotected network. SCALANCE S provides encrypted, authenticated data exchange between devices through the IPsec tunnel in the VPN. The data exchange/communication is protected against:
- eavesdropping
- espionage and manipulation


Industrial Security - “Defense in Depth” strategy: System Hardening

- Commercially available PCs contain a lot of software that is not used by the process control system
- Many viruses are written against common software like Internet Explorer, Media Player, ActiveX, JavaScript, …
- Adapt an out-of-the-box system from default to secure:
  - Disable or lock down USB, CD/DVD and unused communication ports
  - Remove and disable unnecessary applications, protocols and services, e.g. e-mail, games, Autorun, screensaver, Messenger, …
  - Apply latest MS patches
  - SSC Siemens Security Console (DCOM, FW, limiting file, registry, sharing and database access)
  - BIOS password and limit desktop and system access
- “IP hardened” equipment ensures that critical automation components do not fail when subjected to communication stress


Industrial Security - “Defense in Depth” strategy: Preventing a wide range of attacks: Patch Management

- 90% of all successful cyber security attacks are based on vulnerabilities for which patches have already been released
- Only 2% of all equipment is completely patched (source: Secunia)
- PCS 7/WinCC support for MS security patches
  - New MS security patches are tested for compatibility with latest/supported versions of PCS 7
  - Test results published via newsletter and FAQ: http://support.automation.siemens.com/WW/view/en/18490004
  - Patch deployment via centralized patch server located in a perimeter network (DMZ) and Windows Server Update Services (WSUS)
  - Setup of patch groups and procedures for updating online (redundant system)


Industrial Security - “Defense in Depth” strategy: Malware detection and prevention: Virus Scanner & Whitelisting

- The following virus scanners are approved:
  - Trend Micro OfficeScan
  - Symantec Endpoint Protection
  - McAfee VirusScan Enterprise
- To avoid a negative impact on performance or response time of the system, follow the recommended setup guidelines for PCS 7/WinCC based control systems
- Whitelisting to stop unauthorized applications and malware
  - Whitelisting software creates or holds a list of programs and applications that are allowed to be executed on a PC
  - Software that is not part of the “whitelist” will not be executed
- Benefits
  - no pattern updates required, hence less maintenance
  - effective protection against zero-day exploits
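As an added illustration (not code from the Siemens deck), the following Python sketch contrasts the two mechanisms on the slide: a hash-based whitelist built from a known-good baseline, and a pattern scanner that only blocks what it already has a signature for. The file names, byte contents and the pattern set are constructed samples; the re-baselining step shows the maintenance cost that whitelisting moves from pattern updates to patch time.

```python
import hashlib

# Constructed stand-ins for executables on a PCS 7/WinCC operator station (not real binaries).
BASELINE_IMAGES = {
    "wincc.exe": b"MZ\x90\x00 WinCC runtime (constructed sample)",
    "svchost.exe": b"MZ\x90\x00 svchost (constructed sample)",
}
# A never-before-seen dropper: no scanner vendor has a pattern for it yet (zero-day scenario).
UNKNOWN_DROPPER = b"MZ\x90\x00 usb autorun dropper (constructed sample)"
# Yesterday's malware, for which a pattern exists.
KNOWN_WORM = b"MZ\x90\x00 KNOWN_WORM_2011 (constructed sample)"


def sha256_hex(image: bytes) -> str:
    return hashlib.sha256(image).hexdigest()


class Whitelist:
    """Allow-list enforcement: only images whose hash was recorded at baseline time may run."""

    def __init__(self, baseline_images):
        self.allowed = {sha256_hex(img) for img in baseline_images.values()}

    def may_execute(self, image: bytes) -> bool:
        return sha256_hex(image) in self.allowed

    def rebaseline(self, new_image: bytes) -> None:
        """Required after an authorized update (e.g. a tested MS or WinCC patch)."""
        self.allowed.add(sha256_hex(new_image))


class PatternScanner:
    """Block-list enforcement: an image runs unless it matches a known pattern."""

    def __init__(self, patterns):
        self.patterns = list(patterns)

    def may_execute(self, image: bytes) -> bool:
        return not any(p in image for p in self.patterns)


def compare_verdicts(whitelist: Whitelist, scanner: PatternScanner, image: bytes) -> dict:
    return {"whitelist": whitelist.may_execute(image), "scanner": scanner.may_execute(image)}


def demo() -> dict:
    wl = Whitelist(BASELINE_IMAGES)
    av = PatternScanner([b"KNOWN_WORM_2011"])  # constructed pattern set
    results = {
        "baseline_app": compare_verdicts(wl, av, BASELINE_IMAGES["wincc.exe"]),
        "known_worm": compare_verdicts(wl, av, KNOWN_WORM),
        "zero_day_dropper": compare_verdicts(wl, av, UNKNOWN_DROPPER),
        # A modified copy of a legitimate binary: one byte differs, so the hash differs.
        "tampered_app": compare_verdicts(wl, av, BASELINE_IMAGES["wincc.exe"] + b"\x00"),
    }
    # After an authorized patch the new image must be re-baselined, otherwise it is blocked too.
    patched = BASELINE_IMAGES["wincc.exe"].replace(b"runtime", b"runtime SP1")
    results["patched_before_rebaseline"] = compare_verdicts(wl, av, patched)
    wl.rebaseline(patched)
    results["patched_after_rebaseline"] = compare_verdicts(wl, av, patched)
    return results


if __name__ == "__main__":
    for case, verdict in demo().items():
        wl_txt = "allow" if verdict["whitelist"] else "BLOCK"
        av_txt = "allow" if verdict["scanner"] else "BLOCK"
        print(f"{case:26s} whitelist={wl_txt:5s} scanner={av_txt}")
```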


Industrial Security - “Defense in Depth” strategy: Summary

- Segmentation in security cells and DMZ
- Cell access via front & back firewall only
- All ports and media drives disabled
- PC hardening
- Latest MS patches
- Role-based access control and user account management with least privilege principle
- Anti-virus & whitelisting
- File and data transfer to and from PCS 7 via “Quarantine PC” and FTP/SFTP in DMZ
- Remote access via secure communication, dedicated access points and defined support user accounts
- and… policies and procedures!

Reference architecture (diagram):
- Enterprise Control Network: office PCs, WSUS or WWW behind the IT firewall, WAN
- Front firewall
- Perimeter network (DMZ): WSUS, AV server, whitelisting console, quarantine PC
- Back firewall
- Process Control Network (DCS): OS clients, OS servers, engineering station
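To make the “cell access via front & back firewall only” rule checkable, here is an added Python example (not from the original deck) that audits a candidate rule set against the three-zone reference design above. The rule set and the list of services permitted across the back firewall are constructed assumptions for the example; the WSUS ports are the product defaults.

```python
from dataclasses import dataclass
from typing import List

# Zones of the reference design: Enterprise Control Network, perimeter network (DMZ) and the
# Process Control Network (the DCS security cell).
ENTERPRISE, DMZ, PCN = "enterprise", "dmz", "pcn"

# Services permitted across the back firewall, keyed by (source, destination) zone. Constructed
# allow-list for this example: the cell fetches patches from the DMZ WSUS (8530/8531 are the
# WSUS defaults) and exchanges files with the quarantine host over SFTP; nothing initiates
# connections into the cell.
BACK_FW_ALLOWED = {
    (PCN, DMZ): {("tcp", 8530), ("tcp", 8531), ("tcp", 22)},
    (DMZ, PCN): set(),
}


@dataclass(frozen=True)
class Rule:
    src: str
    dst: str
    proto: str
    port: int
    comment: str


def check_rule(rule: Rule) -> List[str]:
    """Return the policy findings for one rule; an empty list means the rule is compliant."""
    findings = []
    # 1. Office and cell may never be bridged directly: every flow has to terminate in the DMZ.
    if {rule.src, rule.dst} == {ENTERPRISE, PCN}:
        findings.append(f"{rule.comment}: direct enterprise<->cell flow bypasses the DMZ")
    # 2. Across the back firewall only the allow-listed, cell-initiated services are acceptable.
    allowed = BACK_FW_ALLOWED.get((rule.src, rule.dst))
    if allowed is not None and (rule.proto, rule.port) not in allowed:
        findings.append(f"{rule.comment}: {rule.proto}/{rule.port} is not permitted across the back firewall")
    # 3. Plain FTP carries credentials and file contents in clear; SFTP is the option to keep.
    if rule.proto == "tcp" and rule.port == 21:
        findings.append(f"{rule.comment}: cleartext FTP, use SFTP for the quarantine transfer")
    return findings


def audit(rules: List[Rule]) -> List[str]:
    """Audit a whole rule set and return every finding."""
    return [finding for rule in rules for finding in check_rule(rule)]


# Constructed candidate rule set: the first four follow the design, the rest do not.
CANDIDATE_RULES = [
    Rule(PCN, DMZ, "tcp", 8530, "OS servers -> DMZ WSUS"),
    Rule(PCN, DMZ, "tcp", 22, "engineering station -> quarantine host (SFTP)"),
    Rule(DMZ, ENTERPRISE, "tcp", 443, "DMZ WSUS -> upstream WSUS/WWW"),
    Rule(ENTERPRISE, DMZ, "tcp", 22, "office PC -> quarantine host (SFTP)"),
    Rule(ENTERPRISE, PCN, "tcp", 3389, "office PC RDP into the cell"),
    Rule(DMZ, PCN, "tcp", 445, "AV server SMB push into OS clients"),
    Rule(PCN, DMZ, "tcp", 21, "OS server FTP to quarantine host"),
]

if __name__ == "__main__":
    for finding in audit(CANDIDATE_RULES):
        print("FINDING:", finding)
```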


Industrial Security: More security where it matters in industrial automation

- Security at the control level
- Security at the communication level
- Security Management
- IT link to the office world
- PC-based security functions

See the website


Summary

- Industrial Security is not only a topic of technical implementation, but starts from security awareness across all layers of management and employees
- Security is an ongoing task and must be ensured through all lifecycle phases
- There is no 100% security – security is a process involving management, operators, integrators and suppliers and not only a product for sale
- Siemens Industry Automation provides products, systems and solutions as well as professional services to ensure overall Industrial Security for customers


Thank you for your attention!

Tino Hildebrand, Head Marketing & Promotion SIMATIC HMI, I IA AS S MP
Phone: +49 (911) 895 7964, Fax: +49 (911) 895 15 3949, Cellular: +49 (173) 707 3246, E-Mail: [email protected]

© Siemens AG 2012. All Rights Reserved. 20120209_IndustrialSecurity_VDI_Mannheim_Hildebrand_EN.ppt
