Presentations
Software Errors: Critical Oversights in Critical Infrastructure Protection
Critical infrastructure operators depend on SCADA and process control systems to deliver accurate, real-time data for analysis and to relay control requests promptly. Errors in the software that runs these systems can result in transmission of stale or incorrect data or in discarding or modification of control requests. Such failures impede the operator's ability to assess the state of the system and to control it reliably. Finding and eliminating errors in software therefore plays an essential role in ensuring that PCS operations remain robust and secure. At this session, you will learn about DEADBOLT, an I3P tool that improves PCS vendors' ability to discover and address software errors before deployment.
Motivated Adversaries: What Operators Need to Know
Process control systems are threatened not only by "Hit Enter" types of attacks, such as worms and viruses, but also by motivated adversaries, whose strikes are chillingly effective. Like skilled chess players, these adversaries watch how their opponent reacts before making the next move. A motivated adversary also knows how to compromise a system's troubleshooting heuristics, rendering them ineffectual to the operator and using them to personal advantage. This session introduces the Operator Response Training Simulator (OPSIM), a tool to help operators understand not only how motivated adversaries work, from attack design to execution, but also how to appropriately troubleshoot and respond to such an attack with minimal operational impact.
Best Practices in Firewall Configuration: Checking for Compliance
Firewalls control the flow of network traffic through a PCS system, traffic that carries both data and command information. Studies show that firewall misconfiguration is common, so the traffic allowed by a network of firewalls may be different from what is intended or expected. Participants in this session will learn about the I3P's Access Policy Tool (APT), which utilizes configuration best-practice recommendations from NIST (and others) to check against the rules that actually govern traffic in a control system. Participants will also learn how APT was developed to meet the needs of a stakeholder whose PCS system involves over 50 firewalls and how APT performed on that system.
Monitoring PCS Networks: A Sound Strategy for Enabling and Maintaining Security
Interconnectivity between business and process-control networks--enabled by the use of TCP/IP in field-level protocols--exposes process-control networks to serious attacks. This session focuses on a distributed monitoring architecture (SecSS) for the Modbus protocol that offers a successful counter-strategy to such attacks. The architecture employs a distributed network of sensors that relay field protocol data to a central database. The use of a central database enables the development of solutions where (i) global activity and communications can be carefully and effectively monitored and (ii) software integration with high-level PCS and IT security tools becomes a possibility. In addition, SecSS is scalable, distributable and designed to have minimal impact on network bandwidth.
Location-Based Access Control of PCS Operators
Operator workstations within a control center are vulnerable to attack both remotely and by malicious insiders. This session will show how a system, utilizing commercially available technologies, can provide role-based access control without impacting the operational constraints of the process control environment. Learn how an unauthorized insider can be prevented from issuing unapproved commands, how an outside attack would have to be coordinated with an authorized user's location, which is easily identifiable, and how a novel technique can identify who issued a critical command for forensic purposes.
PCS (and Corporate) Risk: It’s Not Just About Availability
Doing a risk assessment of your Process Control System (PCS) network? Looking for vulnerabilities that could be exploited to make network resources unavailable? That’s good, but is it enough? Confidentiality may be a bigger deal than you think. At this session, you will hear how Confidentiality, Integrity, and Availability concerns can vary within a plant, and how they can affect corporate risks. Learn how the Risk-to-Mission Assessment Process (RiskMAP) handles all three concerns (C, I and A) as it translates between the techno-speak of PCS network risk assessments and the corporate language of business risks.
