scada.pdf

Upload: ugur-aydemir

Post on 15-Oct-2015


TRANSCRIPT

  • SCADA

  • 1. SCADA
    2. SCADA
    3. SCADA System
    4. SCADA System Interface
    5. SCADA
    6. Misconception about SCADA System Security
    7. Security Vulnerabilities Affecting SCADA System
    8. SCADA Security Strategy - Network Rings of Defense
    9. SCADA System
    10. SCADA Configuration & Technical Controls
    11. SCADA System Attack Simulation 1/2/3
    12. SCADA System
    13. SCADA Technical Assessment Topics
    14. SCADA Security Plan

  • SCADA

    Supervisory Control And Data Acquisition Initial, .

    . SCADA Data.

    SCADA , , , , , , , , , .

    1.

    2. 1. , , 2. /, 3.4.5.6.Plant

  • SCADA

    1. Remote Terminal Units (RTU) RTU.

    2. RTUs MTU Data (Fiber Optic), (Dial-up) Modem.

    3. Master Terminal Units (MTU) MTU (Control Center). , Keyboard Mouse MTU .

  • SCADA System(Ex. )

    MODICON(Modular Digital Controller), Computer, RS-485(), ABB() , Ethernet , PC

    PLC(Programmable Logic Controller) Digital Signal, Server Control PC, ControlPC PLC .

  • SCADA System Interface

    System Control Log Visual Control System

    SCADA System System Ethernet IT

  • SCADA 1. Cyber terror. Microstan 2D, 3D autocad 2000 . 9 The national strategy To SECURE CYBER SPACE.

    2. 19981998 12, SCADA System. 489 400 5.3. 2000 4 SCADA System 2000 4, , Vitek Boden. 2 40 .

  • Misconception about SCADA System Security

    Misconception #1: The SCADA system resides on a physically separate, stand-alone network.

    Misconception #2: Connections between SCADA systems and other corporate networks are protected by strong access controls.

    Misconception #3: SCADA systems require specialized knowledge, making them difficult for network intruders to access and control.

  • Security Vulnerabilities Affecting SCADA System

    1. Common Vulnerabilities

    Web Site System, ,

    DNS Server Zone-Transfer IP, E-mail Transfer

    2. Network Structure FTP, WEB, Mail Server Network Firewall, IDS, VPN

    Network Segment Firewall Network

    3. Lack of Real-Time Monitoring Network Log IDS

    4. SCADA Control System User Interface VB, RAD Tool Data

    ODBC Interface Enterprise Information System TCP/IP Protocol

  • SCADA Security Strategy - Network Rings of Defense

    Attacks can originate from either:

    1) Internet paths through the corporate network to the SCADA network, or
    2) within the SCADA network, from either upstream (applications) or downstream (RTUs) paths.

    [Figure: Network Rings of Defense. Corporate Network rings: Policies & Procedures, Applications, Operating System, Proxy, Firewall, Border Router. SCADA Network rings: SCADA Policies & Procedures, SCADA Application, Operating Systems, SCADA Internal Network, Firewall. Labels: Network Attacks, Direct SCADA Network Attacks, External Exposure, Internal Exposure.]

  • SCADA System

    1. Enterprise Information System Control System

    2. Control System Utility Tool

    3. Control System Vendor Port

    4. Remote management tool Control System Control

  • SCADA Configuration & Technical Controls

    [Figure: SCADA Configuration & Technical Controls. Elements: Corporate Network; Network for SCADA; Operations Partners, Energy Trading; Other Corporate Partners; Internet; Remote Access; Operators; Acquired data users. Control points: Control (A), Control (B), Control (C), Control (D).]

  • SCADA System Attack Simulation 1

    DMZ Web Server Mail Server IP Internal Network Internal Firewall SCADA System

  • SCADA System Attack Simulation 2

    Control Scenario Server PC Virus Firewall ID Password

  • SCADA System Attack Simulation 3

    DMZ Access SCADA System Control System SCADA System PLC (Programmable Logic Controller) Line Signal Packet Capture Command Signal Control ( PLC Command)

  • SCADA System 1. Control System. .

    2. RTU IED IP . .

    3. Device Protocol (ex. UCA/MMS & DNP),

    4. Legacy System Legacy System.

    5.

    6. IDS Control Utility Protocol. , TCP/IP PLC Line Pattern.

  • SCADA Technical Assessment Topics

    Control Points and their Technical Assessment Topics:

    D: Server hardening; Network equipment access controls; Server access controls; Physical security; Console security; Secure communications; Authorization according to principles of least privilege & segregation of responsibility; Wireless Local Area Networks

    C: Firewall topology & rule base; other Internet controls like content filtering; Authentication; Auditing & logging; Intrusion detection; Wireless Local Area Networks; Operating System hardening

    B: The security of common points of management (e.g. SNMP, Consoles); Trust relationships at the Operating System (OS) level; Protection of key shared resource infrastructure (e.g. Domain Name Services)

    A: Location & sensitivity of data; Topology; Network Access Controls; System access controls; User Authentication; User Entitlements; Auditing & logging; Intrusion detection; Physical controls

  • SCADA Security Plan

    1. Security Policy

    Cyber Terror Cyber war Control System Control System PC Server Virus Control System Solution

    2. Security Technic DMZ VPN Server E-mail File/Directory Locking SCADA Control