cyber security focus in abb: a key issue · sdl introduction training ... deployment guidelines....
TRANSCRIPT
Cyber Security focus in ABB: a Key issue
03 Luglio 2014, Roma
1° Conferenza Nazionale Cyber Security
Marco Biancardi, ABB SpA, Power System Division
• ABB introduction
• ABB Cyber Security organization & processes
• Security in ABB Life Cycles
• ABB Partnership
Cyber Security in ABBAgenda
145,000 employees in about 100
countries
$39 billion in revenue (2012)
Formed in 1988 merger of Swiss and
Swedish engineering companies
Predecessors founded in 1883 and
1891
Publicly owned company with head
office in Switzerland
A global leader in power and automation technologiesLeading market positions in main businesses
Power Products
Power Systems
Discrete Automation and Motion
Process Automation
$10.7 billion
36,000
employees
$7.9 billion
20,000
employees
$9.4 billion
29,000
employees
$8.2 billion
28,000
employees
(2012 revenues)
Low Voltage Products
$6.6 billion
31,000
employees
Electricals, automation, controls and instrumentation for power generation and industrial processes
Power transmission
Distribution solutions
Low-voltage products
Motors and drives
Intelligent building systems
Robots and robot systems
Services to improve customers
productivity and reliability
ABB’s portfolio covers:
How ABB is organizedFive global divisions
The foundation of Cyber SecurityWhat does it mean for ABB as an organization
Corporate foundation
Aw
are
ne
ss
Re
se
arc
h
Incid
en
t
Re
sp
on
se
IT S
ec
uri
ty
Tra
inin
g
Ma
na
gm
en
t
Su
pp
ort
Organizational priority at top management level
Global, cross-functional and long-term initiative
Formally established - it is not just a side task
Starts with improving people awareness and
operational readiness
Ex
tern
al
Ou
tre
ac
h
International standardization and regulation
ABB actively supports and drives the development of
international standards and regulations, for example:
Reference Title
IEC 62443 /
ISA 62443
Security for industrial automation and
control systems
IEC 62351 Power systems management and
associated information exchange - Data and
communications security
NERC CIP-
002 to -011
Critical Infrastructure Protection
IEEE 1686 Standard for Substation Intelligent
Electronic Devices (IEDs) Cyber Security
Capabilities
ABB involvement
For a more comprehensive overview of
cyber security standards, guidelines and regulations,
see http://inside.abb.com/cybersecurity
Cyber security is a process, not a project or productOrganizational readiness across the entire life cycle
Design
Implementation
Verification
Release
Support
Design
Engineering
FAT
Commissioning
SAT
Services and support for
• Operation
• Maintenance
• Review
• Upgrade
Product life cycle Project life cycle Plant life cycle
ABB follows international and national standards and
industry best practices to address cyber security
across the entire life cycle.
Product Lifecycle - Design & Implementation
Security Training depending on role:
SDL Introduction Training
Secure Design
Threat Modeling
Secure Coding
Security Testing
And more advanced training
Cyber Security Training for Developers
Formally established, centralized and independent security
test center
Leveraging state-of-the-art open source, commercial and
proprietary robustness and vulnerability analysis tools
Close collaboration with ABB developers providing in-depth
analysis and recommendations
Regular system tests at INL SCADA test bed (First Vendor!!!)
Product Lifecycle - VerificationState-of-the-art cyber security testing
Project Lifecycle – Engineering / CommissioningDeployment Guidelines
Plant Lifecycle - MaintenancePatch Management – Example
Validation of Microsoft security updates All relevant updates are tested for compatibility
Dedicated Security Test Lab covers supported versions
Other 3rd party SW (e.g. Adobe Reader, McAfee ) Released from SW vendor without schedule
Verified with next Microsoft Security Update
Verification status published the same way a Microsoft Security
Updates
Similar process for other ABB products
Plant Lifecycle - Maintenance
Minimize customer risk
This requires
Cultural change: Accept that vulnerabilities exist
(having a vulnerability is acceptable, improperly
handling them is not!)
Formal processes and policies
Proper communication at the right time
ABB has established a formal process and
vulnerability handling has top priority
To report a vulnerability:
Vulnerability handling & Incident response
Co
mm
un
ica
tion
First
Response
Initial Triage
Investigation
ReMediumtio
n
Notification
• Exclusively focused on OT since 2002
• Pioneering automation systems
management for security, compliance
and change management
• Turnkey technology and service
solution
• Multiple applications, one
platform
• Vendor agnostic
• Purpose built
• 10,000+ technology deployments
• 400+ customers
• 25+ countries
Industrial Defender at a Glance
Industrial Defender ranked #1 two years in a row by
independent analysts, and
the only choice for ICS
security, compliance, and
Change Management
ABB Partnership
Industrial Defender
Conclusions
As technology leader, ABB fully understands the
importance of and its role in Cyber Security for
industrial automation and control systems.
ABB is actively anticipating the security challenges
imposed by the changing landscape of the markets.
ABB is constantly adapting its systems to the latest
developments in security and is engaging with
external partners for security testing and consulting.
ABB has been involved in cyber security for control
systems for over a decade – long before the hype.
Contact informationQuestions, Comments, etc.
www.abb.com/cybersecurity