DuPont's Practices and Expectations - Tom Good
Transcript

  • 1. Process Control Network Security Activities in DuPont. ISA 2002 Panel on Control Systems Security. Tom Good, DuPont Engineering. October 21, 2002
  • 2. Topics Covered
    • Grounding - Process Control Systems
    • PCN Security - History of DuPont activities
    • Security policies for process control
    • PCN security mitigation program
    • Key learnings
    • Concern with product direction
  • 3. What is a process control system?
    • The set of devices that directly control the manufacturing processes. Typically include:
      • DCS (Distributed Control Systems)
        • Continuous manufacturing
      • PLC (Programmable Logic Controllers)
        • Discrete manufacturing
      • SCADA (Supervisory Control and Data Acquisition System)
      • Hybrid systems
    • Within DuPont
      • Online analyzers
      • Online thickness gauging systems
      • Identification and tracking systems
      • etc.
  • 4. What is a Process Control Network in DuPont?
    • Process Control Network (PCN)
      • The PCN is a proprietary network that acts as the communication link between the operator consoles and the control devices like DCS controllers and PLCs.
      • The Ethernet network that links all critical manufacturing computer systems and devices.
  • 5. Architecture of the 80’s and early 90’s [Diagram labels: Process Controller, Proprietary Control Network, Operator Control Station, Application Server, Operator Console, Modem; areas marked "Secure" and "Not Secure"]
  • 6. Changing Technology (Evolution of Technology)
    • Operating Systems: Proprietary → Open
    • Data Communication: Proprietary → Standard Protocols
    • Information Flow: Segmented → Integrated
    • Computing Solutions: Monolithic → Modular
    • Architecture: Closed → Open
  • 7. Architecture of the late 90’s and present day [Diagram labels: Process Controller, Proprietary Control Network, Operator Control Station PC, Application Server PC, OPC Server (PC), Firewall, Process Control Ethernet LAN, Application Server, Site Ethernet LAN, Ethernet Switch, Desktop PC, Modem; areas marked "Secure" and "Not Secure"]
  • 8. [Diagram labels: Process Controller, Proprietary Control Network, Operator Control Station PC, Application Server PC, OPC Server (PC), Firewall, Process Control Ethernet LAN, Application Server, Modem, Site Ethernet LAN, Ethernet Switch, Desktop PC, Router, Internet, Firewall, DuPont WAN, Modem; areas marked "Secure" and "Not Secure"]
  • 9. Topics Covered
    • Grounding - Process Control Systems
    • PCN Security - History of DuPont activities
    • Security policies for process control
    • PCN security mitigation program
    • Key learnings
    • Concern with product direction
  • 10. History of PCN Security Initiative in DuPont
    • Jan 00 - Formed work group to study PCN Security
    • Nov 00 - Published guidance document
    Ground up activity
  • 11. DuPont Realization
    • Lack of Cyber Security is a threat to our manufacturing assets:
      • Threat to safety both on and off-site
      • Threat to continuity of production
      • Threat to production equipment
      • Threat of adverse public opinion
    • Community can withdraw sanction for company to operate.
    • Technology exists to significantly reduce vulnerabilities of our PCNs
  • 12. History of PCN Security Initiative in DuPont
    • Jan 00 - Formed work group to study PCN Security
    • Nov 00 - Published guidance document
    • Aug 01 - Obtained support from IT Org.
  • 13. History of PCN Security Initiative in DuPont
    • Jan 00 - Formed work group to study PCN Security
    • Nov 00 - Published guidance document
    • Aug 01 - Obtained support from IT Org.
    • Oct 01 - Mandatory security policy
    Top Down Support from CIO
    • Nov 01 - Obtained corporate funds to address PCN security at all locations
  • 14. Topics Covered
    • Grounding - Process Control Systems
    • PCN Security - History of DuPont activities
    • Security policies for process control
    • PCN security mitigation program
    • Key learnings
    • Concern with product direction
  • 15. PCN Security Policy (Highlights)
    • All high and medium risk PCNs must be firewalled or disconnected from any external network (LAN, WAN, Internet).
      • High Risk PCNs secured by 12/31/02.
    • Access to PCN requires 2 factor authentication
    • Participate in corporate firewall program
      • Standard firewall w/std. configuration policy
      • Centralized firewall monitoring
      • Centralized backup for disaster recovery
  • 16. Existing Security Controls E-Pass = Two Factor Authentication (RSA)
    • Security Weaknesses
    • Over 500 entrances into Intranet perimeter
    • Lack of a workable authentication and authorization mechanism for control room operation at operator consoles
    • Weak Windows application authorization
  • 17. New Perimeter Based Security Controls E-Pass = Two Factor Authentication (RSA)
    • Security Strengths
    • Between Intranet and PCN perimeter
    • Secure authentication
    • Destination authorization
    • Security Weaknesses
    • Lack of a workable authentication and authorization mechanism for control room operation at operator consoles
    • Weak Windows application authorization
  • 18. Topics Covered
    • Grounding - Process Control Systems
    • PCN Security - History of DuPont activities
    • Security policies for process control
    • PCN security mitigation program
    • Key learnings
    • Concern with product direction
  • 19. Security Project Activities
    • Front-End Loading
      • Inventory and characterize each PCN
      • Develop PCN network diagram
      • Conduct a Risk Analysis of vulnerabilities.
    • Design
      • Consider alternative security measures
    • Implement
      • Adopt appropriate security practices to comply with security policy
  • 20. Characterized PCN in spreadsheet (portion shown)
  • 21. Develop Logical PCN Block Diagram [Diagram for "Site xyz"; labels: Advanced Process Manager, High Performance Process Manager (Redundant), Honeywell LCN, Honeywell UCN, NIM, Honeywell TDC3000 System, Honeywell Universal Station #1, Honeywell Universal Station 2-3, Honeywell GUS (Win2K Prof.), Plant Ethernet LAN, Cisco Router, User Site Workstation (Win2K Professional), User Site Workstation (Win95/98), Redundant FHRS1 Resource Domain Controller (WinNT Server), DuPont Intranet Ethernet WAN]
  • 22. Risk Assessment
    • Key Learning - Involve all stakeholders to build consensus on vulnerability.
    • Probability
      • A = Very likely
      • B = Likely
      • C = Not likely
      • D = Remote chance
    • Criticality
      • 1 = Severe impact
      • 2 = Major impact
      • 3 = Minor impact
      • 4 = No impact
    • Threat probability by network segment
      • Internet, Wireless, Direct Dial-in: A = Very likely
      • Intranet, Secure Dial-in: B = Likely
      • Integrated PCN: C = Not likely
      • Isolated PCN: D = Remote chance
    • Impact by category (1 = Severe impact; 2 = Major impact; 3 = Minor impact; 4 = No impact)
      • Injury: 1 = Loss of life or limb; 2 = Requiring hospitalization; 3 = Cuts, bruises, requiring first aid; 4 = None
      • Financial loss: 1 = Millions; 2 = $100,000s; 3 = $1000s; 4 = None
      • Environmental release: 1 = Permanent damage / Off-site damage; 2 = Lasting damage / On-site damage; 3 = Temporary damage / Local damage; 4 = None
      • Interruption of production: 1 = Weeks; 2 = Days; 3 = Hours; 4 = None
      • Public image: 1 = Permanent damage; 2 = Lasting blemish; 3 = Temporary tarnish; 4 = None
  • 23. Identified Assets [Table headings: Data Assets; Application & Device Assets]
  • 24. Mitigation Strategies
    • Key Learning - Involve all stakeholders to build consensus on mitigation plan.
    • PCN Application/Device Assets: Probability (rows) against Criticality (columns)
      • Criticality columns: 1 Severe, 2 Major, 3 Minor, 4 None
      • A - Very Likely: Firewall required, Firewall required, Firewall required
      • B - Likely: Firewall required, Firewall required, Firewall required
      • C - Not Likely: Firewall required, Firewall required, Firewall required
      • D - Remote Chance: (no entries)
  • 25. (Aside - DNSAM)
    • DuPont developed a risk analysis process to meet the internal needs for process control systems.
    • Making it available to industry.
    • Partnered with Rockwell Automation to offer DNSAM (DuPont Network Security Analysis Methodology) as part of their services business.
  • 26. Prioritize Implementation
    • Businesses set overall priorities for each PCN based upon:
      • Safety
      • Criticality to business
    Key Learning - Availability of business knowledgeable resources is required.
  • 27. Deployment Strategy for PCN Firewalls
    • Manage as one project worldwide
    • Standardize on single firewall vendor
    • Using single vendor to design, install, and commission all firewalls
    • Sites managing network re-engineering
    • Site ownership of firewall
    • Ongoing co-management of firewall
  • 28. Topics Covered
    • Grounding - Process Control Systems
    • PCN Security - History of DuPont activities
    • Security policies for process control
    • PCN security mitigation program
    • Key learnings
    • Concern with product directions
  • 29. Key Learnings
    • PCN vulnerabilities exist
      • More than 300 PCNs, > 200 connected to LAN
    • Need management endorsement and support
      • Commitment of resources and $ to mitigate vulnerabilities
      • Asset owner is accountable
    • Project Execution
      • Network analysis and re-engineering are the bottleneck for firewall deployment. (typically 3-4 mo.)
      • May require manufacturing shutdown depending upon system integration and nature of the process
  • 30. Key Learnings Cont’d [Diagram labels: Site Manufacturing; IT & Security Organization; panels "Typical in many companies" and "To be Successful"]
  • 31. Key Learnings Cont’d
    • PCN firewalls are the meeting point of two different cultures and security policies.
      • Co-accountability and co-responsibility for administration of PCN firewalls.
      • Security is an evergreen task
      • New cooperative team approach is needed to steer direction (Process control, IT, Security, Safety, Engineering)
  • 32. Topics Covered
    • Grounding - Process Control Systems
    • PCN Security - History of DuPont activities
    • Security policies for process control
    • PCN security mitigation program
    • Key learnings
    • Concern with product directions
  • 33. Product Direction Concerns
    • Web enable process information
      • Microsoft IIS has many vulnerabilities (not desired on PCN)
      • Full-featured web-based GUIs using ActiveX controls and other scripts (difficult to protect PCN against malicious code)
    • Wireless connectivity to process information
      • 802.11b based products (subject to hacker access)
    • Not addressing secure authentication and authorization for control room operators
      • Must allow response to emergencies by designated operators
  • 34. ?
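
The risk assessment on slides 22 and 24, worked through as an added example (not code from the presentation or from DuPont): each PCN gets a probability letter from the segments it is reachable from and a criticality number from its impact ratings. Assumptions: the most exposed segment and the worst-rated impact category decide the score, the "Firewall required" cells sit in criticality columns 1-3, and the PCN names and ratings are constructed.

```python
# Threat probability by the network segment a PCN is reachable from (slide 22).
SEGMENT_PROBABILITY = {
    "Internet": "A", "Wireless": "A", "Direct Dial-in": "A",
    "Intranet": "B", "Secure Dial-in": "B",
    "Integrated PCN": "C",
    "Isolated PCN": "D",
}
# Impact categories from slide 22; each is rated 1 (severe) to 4 (no impact).
IMPACT_CATEGORIES = ("injury", "financial", "environmental", "production", "public_image")

def probability(segments):
    """ASSUMPTION: the most exposed segment decides ('A' sorts before 'D')."""
    return min(SEGMENT_PROBABILITY[s] for s in segments)

def criticality(impacts):
    """ASSUMPTION: the worst-rated category decides; unrated categories are an error."""
    missing = [c for c in IMPACT_CATEGORIES if c not in impacts]
    if missing:
        raise ValueError(f"unrated impact categories: {missing}")
    return min(impacts[c] for c in IMPACT_CATEGORIES)

def firewall_required(prob, crit):
    # ASSUMPTION: slide 24 lists three "Firewall required" cells for each of
    # rows A-C and none for row D; placing them in columns 1-3 is assumed here.
    return prob in ("A", "B", "C") and crit <= 3

def assess(inventory):
    """Return one row per PCN, ordered most critical first, then most exposed."""
    rows = []
    for pcn in inventory:
        p, c = probability(pcn["segments"]), criticality(pcn["impacts"])
        rows.append({"name": pcn["name"], "probability": p, "criticality": c,
                     "firewall": firewall_required(p, c)})
    return sorted(rows, key=lambda r: (r["criticality"], r["probability"]))

def rated(*scores):
    """Pair five scores with IMPACT_CATEGORIES, in that order."""
    return dict(zip(IMPACT_CATEGORIES, scores))

# Constructed sample inventory (hypothetical PCN names and ratings).
INVENTORY = [
    {"name": "packaging-plc", "segments": ["Isolated PCN"], "impacts": rated(3, 3, 4, 3, 4)},
    {"name": "tank-farm-scada", "segments": ["Integrated PCN", "Wireless"], "impacts": rated(2, 2, 2, 3, 3)},
    {"name": "reactor-dcs", "segments": ["Integrated PCN", "Intranet"], "impacts": rated(1, 2, 1, 2, 2)},
]

if __name__ == "__main__":
    for row in assess(INVENTORY):
        print(row)
```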
