Much has been said about this subject in the last few years,
yet little is being done. Most utilities have looked at the subject quietly,
done some work in the area, and taken limited steps to preclude significant
common mode failures due to cyber intrusions.
But few would pass a rigorous audit, and many systems (generation,
T&D, and ISO) have external or internal connections that can be used
remotely to make dangerous or damaging changes either intentionally or by
accident. NERC and FERC struggle with how much is enough. What should you be
doing now? What have industry leaders done? This session will put these
questions into perspective so that you can take appropriate action, if you have
not already dealt with this issue.
P041-“Control Systems Security”
Timothy McCreary and Allen Hsu, HF Controls Corp
Power and process plants’ chief operations goal is to make product. The heart
of most plant operations is the I&C system. With the march towards open
architecture, the I&C system is more vulnerable than ever to system security
attacks (denial of service, virus attacks and others), thus jeopardizing plant
operations. Plant staff must spend large amounts of time and money setting up
and monitoring a variety of security strategies to counter the threats and
actual attacks to the system. This time and money is a drain on the financial
performance of a plant and distracts valuable operations resources from their
real goals: product. The pendulum towards complete open architecture may have
swung too far. Not all aspects of proprietary hardware and software are
necessarily ‘bad’.
P031-“Top 10 Process Control System Cyber Vulnerabilities”
Bob Webb, Consultant,
The North American Electric Reliability Council (NERC) Control
Systems Security Working Group (CSSWG) has issued a Top 10 Cyber Security
Vulnerabilities list along with proposed mitigation approaches. The NERC list
is not specific to plant process control systems including DCSs, PLCs, and
field instrumentation. This paper reviews the NERC Top 10 list and mitigation
approaches in the context of a typical DCS based power plant control system,
suggesting alternatives where appropriate. The suggestions are based on actual
field experience and ISA SP99’s Manufacturing and Control Systems Security
work.
P029-“Control Systems Security”
Ron Derynck, Verano
Control system security is an important issue
and with the NERC CIP standards coming into play, power station owners will
need to respond. But security is only one aspect of the larger goal of
maintaining control system availability. System performance, application
health, and network integrity - as well as security - all combine to determine
availability.
Power plant control systems normally exhibit stable, predictable
characteristics. Any deviation indicates either a performance problem or a
possible security breach. Attempted penetrations, viruses, worms and Trojans
leave telltale signs that can be detected. This presentation examines how an
integrated security solution can protect the control network perimeter and
detect the anomalies – whether health or security related – that are early
indicators that system availability is at risk.
Detecting and aggregating anomaly information allows network
engineers to be alerted while there is still time to react and collects the
information needed for NERC incident reporting. Selecting from a set of
pre-planned lock-down levels allows perimeter protection to be adjusted based
on current threat levels.
When appropriately designed, taking into consideration limitations
of older control systems such as low bandwidth and restricted CPU resources, an
integrated security solution can be safely added to legacy control systems.
This approach can be an attractive alternative to an expensive control system
upgrade solely to address security concerns.
P034-“Mitigations for Security Problems found in Control Systems Networks”
May Permann, John Hammer, Kathy Lee,
The Department of Homeland Security (DHS) National Cyber Security Division
(NCSD) established the Control Systems Security Center (CSSC) to help industry
and government improve the security of the control systems used in the
nation’s critical infrastructures. One of the main objectives of this program
is to identify vulnerabilities in these control systems and their mitigations.
In on-site assessments, the INL has observed that though industry is aware of
the need for security, security procedures and devices are not always
implemented correctly. This paper will discuss common problems and
vulnerabilities seen in on-site assessments of control systems and suggest
mitigation strategies. The intent is to provide asset owners information to
better protect their systems from these common security flaws.
P035-“Survivable Wireless Ad Hoc
Networks for the Power Industry”
William Miller, Maximum Control Technologies
Survivable routing protocols are able to provide service in the presence of
attacks and failures. The strongest attacks that protocols can experience are
attacks where adversaries have full control of a number of authenticated nodes
that behave arbitrarily to disrupt the network, also referred to as Byzantine
attacks. The survivability of an ad hoc (mesh) wireless routing protocol in the
presence of several Byzantine attacks, i.e. black holes, flood rushing,
wormholes and overlay network wormholes, will be discussed. Traditional
wireless routing protocols assume that all nodes can be trusted and fail to
defend against such attacks. This presentation will discuss the use of a secure
routing protocol that ensures that only trusted nodes are allowed to
participate in the network. If a node fails or exhibits untrusted behavior, it
can be excluded. The protocol must adapt to an environment which usually
exhibits multi-path conditions and further provides proactive action to ensure
continuous operation. The metrics required will be reviewed with respect to
reliability and security for wireless networks in the power industry.