2012 scada protection x assintel nov2012 tieghi scada security
DESCRIPTION
Presentazione del seminario su SCADA Security tenuto in Assintel il 22.11.12 (vedi qui link http://www.assintel.it/eventi/836.jspTRANSCRIPT
![Page 1: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/1.jpg)
Proteggere da incidenti cyber i Sistemi di controllo nell’industria e infrastrutture
Enzo M. Tieghi [email protected]
![Page 2: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/2.jpg)
Enzo Maria Tieghi
• Amministratore Delegato di ServiTecno
(da oltre 20 anni software industriale)
• Consigliere AIIC, attivo in associazioni e gruppi di studio
per la cyber security industriale (ISA99 member)
• In Advisory Board, gruppi e progetti internazionali su
Industrial Security e CIP (Critical Infrastructure Protection)
• Co-autore ed autore pubblicazioni, articoli e memorie
2
![Page 3: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/3.jpg)
Enzo Maria Tieghi
• Amministratore Delegato di ServiTecno
(da oltre 20 anni software industriale)
• Consigliere AIIC, attivo in associazioni e gruppi di studio
per la cyber security industriale (ISA s99 member)
• In Advisory Board, gruppi e progetti internazionali su
Industrial Security e CIP (Critical Infrastructure Protection)
• Co-autore ed autore pubblicazioni, articoli e memorie
3
![Page 4: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/4.jpg)
Identifichiamo e definiamo il perimetro
IT Security & Control System Protection: dove?
![Page 5: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/5.jpg)
Il 21/2/2012 sul Blog di Clusit
“Sicuramente” (blog.clusit.it) Due settimane da Incubo per la Cyber Security (in Olanda)!
![Page 6: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/6.jpg)
Shodan, Moxa, Password…
![Page 7: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/7.jpg)
Mai provato a controllare
se il vostro impianto ed iI
sistema che lo controlla
siano protetti contro….
![Page 8: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/8.jpg)
Errori Umani
Rotture HW / SW
Sabotaggi
Interruzioni di corrente
Fuoco?
![Page 9: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/9.jpg)
Infatti, sappiamo tutti
che, senza adeguate
contromisure, i rischi
crescono e possono
portare a:
![Page 10: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/10.jpg)
Interruzione del servizio
Perdita di prodotto e produzione
Perdita di I.P.
Problemi di Safety/impatti su ambiente
Impatti sulla qualità del servizio
Fermate dell’impianto
![Page 11: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/11.jpg)
![Page 12: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/12.jpg)
Ecco alcuni punti:
• Seg/Seg (i.e. ISA99/IEC62443 std)
• Performance Monitoring
• Change Control, Configuration Mgmt
Version & Backup Management
• In prospettiva: Cloud, Mobile, BYOD ….
![Page 13: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/13.jpg)
No alle “reti piatte”: Seg/Seg
Segmentation & Segregation
![Page 14: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/14.jpg)
Zones & Conduits (ISA99/IEC62443)
![Page 15: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/15.jpg)
Esempio di “Security Architecture”
Enterprise
Control
Network
Manufacturing
Operations
Network
Perimeter
Control
Network
Control
System
Network
Process
Control
Network
Source: Byres - Tofino
![Page 16: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/16.jpg)
Protezione di Zone & Conduits con
Firewalls (multilayered defence)
Corporate Firewall
Industrial Firewall
Source: Byres - Tofino
![Page 17: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/17.jpg)
![Page 18: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/18.jpg)
…
The purpose of monitoring
performance is to enable
the delivery of a
consistent and timely
service to system users;
this aligns closely with
ITIL®, which looks at
Performance Monitoring
as a sub-process of
Performance Management
in the context of the
continuous improvement
of Capacity Management
…
![Page 19: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/19.jpg)
Ho una copia completa di back-up
del sistema (e dei dati) ?
Ho mai provato il recovery?
![Page 20: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/20.jpg)
Chi ha fatto cambiamenti sul
mio impianto?
Ai PLC, DCS, SCADA?
Quando?
Dove?
![Page 21: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/21.jpg)
C’è un unico repository ove
recuperare la versione autentica del
programma e della documentazione
necessarie per eventuali ripartenze?
![Page 22: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/22.jpg)
Possiamo chiedere un confronto
dettagliato con la notifica di tutte le
differenze?
![Page 24: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/24.jpg)
Introduzione
alla Security
Esempio di rete “con protezioni”
![Page 25: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/25.jpg)
SCADA
Server
Client Scada-Historian-KPI
1
3
4
6
7
Mobile BI- KPI/
Allarmi
RTU su APN
Privata/Pubblica
2
5
Datacenter/Historian
Server
KPI/
ALM
Server
CLOUD, MOBILE,
BYOD….
![Page 26: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/26.jpg)
AIIC – Associazione Italiana esperti Infrastrutture Critiche
![Page 27: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/27.jpg)
AIIC – Associazione Italiana esperti Infrastrutture Critiche
![Page 28: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/28.jpg)
AIIC – Associazione Italiana esperti Infrastrutture Critiche
![Page 29: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/29.jpg)
AIIC – Associazione Italiana esperti Infrastrutture Critiche
![Page 30: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/30.jpg)
AIIC – Associazione Italiana esperti Infrastrutture Critiche
![Page 31: 2012 Scada Protection X Assintel Nov2012 Tieghi SCADA Security](https://reader034.vdocuments.net/reader034/viewer/2022052202/5575d44ad8b42a917e8b4b70/html5/thumbnails/31.jpg)
AIIC – Associazione Italiana esperti Infrastrutture Critiche
•GdL "Sicurezza dei Sistemi Idrici", coordinatori Roberto Setola e Enzo Maria Tieghi •GdL "Sicurezza dei Sistemi SCADA", coordinatore Stefano Panzieri www.infrastrutturecritiche.it