Sharing Plant Data with Phones, Tablets and the Cloud (English)
Sharing Plant Data With Phones, Tablets and the Cloud
Dale Peterson
Digital Bond, Inc.
[email protected]: @digitalbond.com
Two Reasons
Why would a remote user or application need access to an ICS?
1. Monitor or use the ICS data
Potential Impact: Loss of confidentiality of ICS data
2. Control the ICS
Potential Impact: Loss of availability and integrity of ICS
Big Data in The Cloud
• GE On Site Monitoring (OSM)
• 15 Terabyte Database
• 93 Million Fleet Operation Hours
• More than 30,000 Hours Every Day
• More than 1500 Turbines (now 1800+)
• Early warning of 60+ Failures
• $70M Customer Savings in 2011
Source: 2012 GE Data Sheet
GE Security
• Two-factor authentication
• VPN tunnel
• Firewall
• IDS/IPS and anti-virus
• Background checks
But … it is an extremely high value target because it can shut down 1800 power plants
Vendors As Targets / Watering Holes
Google Finds Everything
How can we get the benefits of this type of monitoring and data analysis without putting the availability and integrity of the ICS at risk?
Push the ICS Data Out!
GE Security
ICS Data On Mobile Devices
• Same as the cloud example
PUSH IT OUT
PI Server Examples
• OSIsoft PI is market leader in Historian by far
• Accepts almost any type of ICS data
• Other solutions are GE Proficy and vendor specific solutions
PI Coresight
Transpara Visualization
• http://demo.transpara.com
I Need The ICS Data!
• Answer … yes, we can provide that without risking the integrity or availability of the ICS
– Here is how we do it
– Here is what it costs to provide the data in the format you requested
– Business decision if the benefit of the data is worth the investment
Control
• Almost every ICS has the need for emergency remote access with a control capability
– It will be done poorly and insecurely if not available
– There are times where the risk of not having immediate access is greater than the risk of allowing remote access
– Keyword: Emergency
Emergency Remote Access
• Create ICS Remote Access DMZ
• Deploy a Jump Server
– Many solutions available
• Physical disconnection
• Require Operator to enable connection
– Build process around establishing connection
– Have physical connection timeout
– Review logs for “emergency” use
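One way to carry out the log review in the last step, as an added example that is not part of the original slides: it checks each remote session against the operator-enable and timeout steps above. The log format, event names and the one-hour timeout are assumptions made for illustration, and the sample log is constructed.

```python
from datetime import datetime, timedelta

# Constructed sample log; the event names and fields are assumptions for this example.
SAMPLE_LOG = """\
2024-03-01T02:10:00 OPERATOR_ENABLE operator=op7 reason=emergency
2024-03-01T02:12:30 SESSION_START id=s1 user=eng1
2024-03-01T02:40:00 SESSION_END id=s1
2024-03-01T03:10:00 LINK_TIMEOUT
2024-03-02T14:00:00 SESSION_START id=s2 user=vendor2
2024-03-02T14:20:00 SESSION_END id=s2
2024-03-03T09:00:00 OPERATOR_ENABLE operator=op3 reason=patching
2024-03-03T09:05:00 SESSION_START id=s3 user=eng1
2024-03-03T11:30:00 SESSION_END id=s3
2024-03-03T11:31:00 SESSION_START id=s4 user=eng1
"""

CONNECTION_TIMEOUT = timedelta(hours=1)  # assumed policy: link drops 1 h after enable


def review(log_text, timeout=CONNECTION_TIMEOUT):
    """Return (subject, finding) tuples for remote access that broke the process."""
    findings, open_sessions = [], {}
    enabled_at = None  # when the operator last enabled the connection
    for line in filter(str.strip, log_text.splitlines()):
        stamp, event, *rest = line.split()
        ts = datetime.fromisoformat(stamp)
        f = dict(kv.split("=", 1) for kv in rest)
        if event == "OPERATOR_ENABLE":
            enabled_at = ts
            if f.get("reason") != "emergency":
                findings.append((f.get("operator"), "enabled for non-emergency use"))
        elif event == "LINK_TIMEOUT":
            enabled_at = None  # link dropped; a new operator enable is required
        elif event == "SESSION_START":
            open_sessions[f["id"]] = ts
            if enabled_at is None:
                findings.append((f["id"], "session with no operator enable"))
            elif ts - enabled_at > timeout:
                findings.append((f["id"], "session started after timeout window"))
        elif event == "SESSION_END":
            open_sessions.pop(f["id"], None)
            if enabled_at is not None and ts - enabled_at > timeout:
                findings.append((f["id"], "session outlived connection timeout"))
    findings += [(sid, "session never closed") for sid in open_sessions]
    return findings


if __name__ == "__main__":
    print(*review(SAMPLE_LOG), sep="\n")
```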
Assertion
A motivated and moderately skilled attacker could easily gain continuous access to the ICS from the Internet.
How? Compromise an enterprise network computer or mobile device that accesses the ICS.
ICS Spear Phishing
• Three pipeline companies participated
• Only company name provided to researchers
• Goal: Compromise PCs with remote access to the control system (SCADA)
Why Remote Access to ICS
• Convenience and Cost
• Convenience
– People don’t want to go to a control area
– Easy to change if risk is understood
• Cost
– Reduced staffing, necessary people are not on site
– Partial solution: make data available and have remote support call in operational changes
Don’t Give Up
• ARC Advisory Group on Iconics App
HMI in The Cloud?
• Will we see Operator Stations / HMI and other ICS components run in the cloud?
• What are the security implications of this?
• One thought – If an ICS owner/operator is not going to secure and maintain the ICS, the risk of the HMI in the Cloud may be less than the owner/operator hosting and running the ICS
– Think small organizations with limited IT & security
Questions