No slide title - PowerPoint PPT Presentation

Title:

No slide title

Description:

1. Securing Critical Infrastructure - Grenoble October 26, 2004 ... 'Security for Information Systems and Intranets in Electric Power Systems' ... – PowerPoint PPT presentation

Slides: 19
Provided by: Bro128

Transcript and Presenter's Notes

1
Emerging Standards and Methodological Issues for
the Security Analysis of Power System
Information Infrastructures
Giovanna Dondossola, Olivier Lamquet - CESI, Automation
Information Technology - http://www.cesi.it/
Marcelo Masera - Joint Research Centre, Institute
for the Protection and Security of the Citizen -
http://cybersecurity.jrc.it http://www.jrc.cec.eu.int
Securing Critical Infrastructure - CRIS
2004 Grenoble - October 26, 2004
2
Outline
  • References
  • IEC TR 62210
  • Methodology
  • Architectural Patterns
  • Ongoing work


3
References Electronic Security of SCADA systems
  • Critical Information Infrastructure Protection
  • National Infrastructure Security Co-ordination
    Centre - NISCC
  • forum SCADA and Control Systems Information
    Exchange
  • CERT-UK for SCADA
  • SCADA Incident Database
  • British Columbia Institute of Technology - BCIT
  • Testing platform of SCADA vulnerability
  • Vulnerability analysis of SCADA protocols
  • Firewall in SCADA systems
  • Industrial Security Incident Database
  • CISCO Critical Infrastructure Assurance Group -
    CIAG
  • Idaho National Engineering and Environmental
    Laboratory -INEEL/SNL
  • SCADA National Test Bed


4
References International Standard Committees
  • Joint Working Group Cigré D2/B3/C2 01
  • Security for Information Systems and Intranets
    in Electric Power Systems
  • IEC Technical Committee 57
  • Power Systems Management and Associated
    Information Exchange
  • Working Group 15 Data and communication
    security
  • North American Electric Reliability Council -
    NERC
  • Security Guidelines for the Electricity Sector
  • Vulnerability and Risk Assessment Methodology
  • Electric Power Research Institute - EPRI
  • Infrastructure Security Initiative
  • IEEE Power Engineering Society (PES) Power System
    Communications Committee (PSCC)
  • new Working Group Information Security Risk
    Assessment
  • American Gas Association
  • Series of AGA-12 reports


5
IEC TR 62210 Introduction
  • Title: Power system control and associated
    communications - Data and communication security
  • Starting point
  • Increasing use of ICT Public Information
    Network for the Supervision and Control of Power
    Systems
  • Currently used protocols lack security functions
  • Purpose
  • To make power systems actors aware of cyber
    security issues
  • To provide recommendations to all the IEC working
    groups in order to develop standards for security
    of the new communication protocols
  • To make a security analysis of the communications
    protocols within the authority of TC57
    (specifically the IEC 60870-5 series, the IEC
    60870-6 series, the IEC 61850 series, the IEC
    61970 series, and the IEC 61968 series) through
    the development of protection profiles
  • To undertake the development of technical reports
    on end-to-end security

6
IEC TR 62210 Key points (1)
Corporate security process
7
IEC TR 62210 Key points (2)
Model of communications inside electrical power
system
Business information flow
Radio, PLC, Private, Leased, POTS
Communication topology
8
IEC TR 62210 Key points (3)
  • Proposal of methodological support for a
    security analysis based on user consequence:
    construction of a cause-to-consequences tree,
    which will be used as input to the Protection
    Profile and Security Target documents
    elaborated with reference to ISO 15408 (CC)

1 - Identification of the stakeholders and of their stake (business process)
2 - Selection of consequences that can affect the system
3 - Identification of events that can cause the consequences to be realised
4 - Identification of primary causes or security threats
9
IEC TR 62210 Key points (4)
  • A first contribution to security analysis within
    TR 62210
  • To focus on application layer security issues
  • To subdivide threats into concentric categories
  • Documentation of sets of possible threats
    organised with reference to the security
    objective they can affect: Confidentiality,
    Integrity, Denial of Service, Non-repudiation and
    Administration

10
IEC TR 62210 Key points (5)
  • Recommendations for future work of TC57 working
    groups
  • To refine categories of business processes and of
    consequences
  • To analyse security issues for layers besides
    Application layer
  • To make a security analysis for different
    communication protocols under the scope of TC57
  • IEC 60870-6 TASE 2 (communications between
    telecontrol centres) has the highest priority
  • Development of Protection Profiles and
    consequences diagrams for the protocols under
    study
  • To identify the architectural patterns of systems
    inside TC57 and make a security analysis of these
    patterns, which can be used as template for any
    security analysis of a particular system

11
Methodology Overview
ISO 17799
CESI-JRC approach
Assets
Vulnerabilities
Data Sources
Threats
Loss
Attacks
  • Phases
  • Pre-assessment
  • Vulnerability Assessment
  • Threat Assessment
  • Attack Assessment
  • Security Failure Identification

Security Failures
Security Objectives Requirements
System Architecture
12
Methodology Pre-Assessment
  • System description
  • Name
  • Manager
  • Scope
  • Function
  • Behaviour
  • Context
  • Consequences
  • Safety, Privacy, Business
  • Processes
  • Technique, Service, Market
  • Security Policy
  • System description
  • Subsystems and Stakeholders
  • Internal Subsystems
  • External Subsystems
  • Stakeholders
  • Dependency Topology
  • Assets
  • physical
  • software
  • information
  • auxiliary services
  • business services
  • Informative Flows

13
Methodology Vulnerability Assessment
  • A three step phase
  • Hypothesis, Check, Synthesis
  • Hypothesis
  • Table Vulnerabilities per Assets A/V
  • Checklist of categories
  • Check vulnerability characterisation
  • asset
  • category
  • exploitation range
  • attributes
  • cascading range
  • severity
  • likelihood
  • Synthesis
  • Index Robustness R(A)
  • Profile Robustness RP

CESI-JRC approach
14
Methodology Threat Assessment
  • A three step phase
  • Hypothesis, Check, Synthesis
  • Hypothesis
  • Table Threats per Vulnerability V/T
  • Checklist of categories
  • Check Threat Template
  • asset
  • vulnerability
  • mode
  • category
  • agent
  • motivation, severity, likelihood
  • Synthesis
  • Index Exposure E(V)
  • Profile Exposure EP

CESI-JRC approach
15
Architectural Patterns Power Substation Site
16
Architectural Patterns Distribution System
Operator Centre
17
Ongoing work
  • Threat Assessment
  • Attack Assessment
  • DMS architectural patterns
  • Tool support
  • Application of the methodology to the
    architectural patterns
  • Derivation of attack plans

18
Conclusions
  • state of the art of security analysis in
    industrial control is weak
  • conceptual frameworks are needed
  • specific methodologies have to be developed
  • Project
  • Network21, The Network for the 21st Century
  • Public Interest Energy Research Programme founded
    by the Italian Ministry of the Productive Activities
