SlideShare a Scribd company logo

Mission Impact Assessment for Industrial Control Systems

Marina Krotofil
Marina Krotofil

Mission-oriented risk assessment approach

Engineering
1 of 51
Download to read offline
Marina Krotofil, Mona Lange European Network for Cyber Security University of Lübeck, Germany S4x15, Miami, USA – 15.01.15 Mission Impact Assessment for Industrial Control Systems
What we are doing PANOPTESEC o EU project aimed at automated cyber defense decision support system for critical infrastructure o Prevent, detect, manage and react to cyber incidents in real-time o Improve the situational awareness o Support the decision-making process
PANOPTESEC framework http://www.panoptesec.eu
Industrial Control Systems Physical application Curtesy: Compass Security Germany GmbH
Cyber-physical systems are IT systems “embedded” in an application in the physical world Cyber-Physical Systems Attack goals: o Get the physical system in a state desired by the attacker o Make the physical system perform actions desired by the attacker
Problem statement Mission-oriented approach Mission impact modelling Mission critical assets Open questions
ICS security Continuous vulnerability disclosures and vulns for sale Patching treadmill Supply chain security IT-SCADA specific security solutions Ralph Langner: “The pro’s don’t bother with vulnerabilities; they use features to compromise the ICS” Vendors Result: Focus is on protecting the infrastructure
Process-related threats PROBLEM: there is no approach to determining the impact of a cyber threat on the operational goals Identification of failures and hazards o HAZOP o PHEA o FMEA (FMECA) o Etc. Raising awareness of intentional misuses o Stuxnet o Aurora o And some formally/informally rumored stories
Problem statement Mission-oriented approach Mission impact modelling Mission critical assets Open questions
Process owners Asset owners Common opinion about each other ICS stakeholders Field equipment Level0 Process Level1Level2Level3Level4 Regulatory control Supervisory Control Process management Corporate network PLC PLC PLC HMI Engineering station Historian Publishing server DMZ DCS servers Application servers
Process owners Asset owners ICS stakeholders Field equipment Level0 Process Level1Level2Level3Level4 Regulatory control Supervisory Control Process management Corporate network PLC PLC PLC HMI Engineering station Historian Publishing server DMZ DCS servers Application servers We have a COMMON MISSION!!
Field instrumenation Level0 Process Level1Level2Level3Level4 Basic control Supervisory Control Process management Corporate network PLC PLC PLC HMI Engineering station Historian Publishing server DMZ DCS servers Application servers Process owners Asset owners Shift in defense IT-centricity Cyber attack resilient missions We have a COMMON MISSION!!
Insider threat Business processes secure by design Easy target Clueless user Disgruntled employee Integrators, support, contractors…
Mission is a set of operational tasks to accomplish a certain purposive goal The goal of cyber security is to protect ongoing and planned missions (not cyber assets) Mission impact assessment is a threat assessment method to predict and evaluate the impact of cyber incidents on mission execution and accomplishment Terminology
Example
Example: attack on data flow Net. Admin Global mission: ensure/execution of nuclear program Mission: enrichment of uranium Task: maintain proper rotating speed of the centrifuge Business processes Cyber terrain Operational goals Operations · Failure modes · Hazards PLC Frequency converter Centrifuge Workflow Access policies · Users · Permissions Engineering station Linkage to cyber assets HMI DB Data flow Manufacturing workflow
SCADA hacker Data integrity: packet injection; replay; data manipulation; … DoS: DoS; DDoS; flooding; starvation;…. Operator Example: attack on data flow Operations · Failure modes · Hazards PLC Frequency converter Centrifuge Workflow Access policies · Users · Permissions Engineering station Linkage to cyber assets HMI DB Data flow Manufacturing workflow I am not controlling the process!!
Controllability SCADA hacker During the attack the hacker herself is process engineer, control engineer and process operator Observability
Process-related security properties HOLY TRINITY IT domain Process control
Process owners humor We need a model that relates the missions and resources …….
Process-related security properties HOLY TRINITY IT domain Process control Observability Controllability Operability
Process-related security properties HOLY TRINITY Observability Controllability Operability Information security Process control security CIA CO2
Problem statement Mission-oriented approach Mission impact modelling Mission critical assets Open questions
Vocabulary
Mission impact analysis Cyber surface MissionviewITview Mission -> Task -> ->Activity -> Asset Activity(A2):= Pull alarm logs Activity(A1):= Configure alarm Switch Engineering workstation Router OPC Server Switch Bob and PLC or and Sensor Router Task:= Fault management Historian Task:= Fault diagnosis Task:= Alarm management Asset Alice Permission Permission Mission:= Eqipment monitoring
Mission impact analysisMissionviewITview Activity(A2):= Pull alarm logs Activity(A1):= Configure alarm Switch Engineering workstation Router OPC Server Switch Bob and PLC or and Sensor Router Task:= Fault management Historian Task:= Fault diagnosis Task:= Alarm management Asset Alice Permission Permission Mission:= Eqipment monitoring Continuous threat assessment
Impact dependency graph Assess impact on asset level of identified threat Quantify operational impact on activity, task and mission level based on impact dependency graph Mission impact analysis Vulnerability(ies) V Task Mission Activity 0.2 OPC Server A1 A2 PLC Engineering Workstation 0.3 0.2 Sensor Router Switch 0.1 0.1 0.1 Switch Router Historian 0.4 0.4 0.1 0.1 T0 V 0.6 0.4 T1 T2 V M0 Alice Bob Asset BobBob AliceAlice
Ontology
Example
Temporal relationships
Timing parameter Physical exploitation o Timing parameters of the attack itself o Time to disaster o Butterfly effect, snowball effect (timing interdependencies) (Criticality) risk assessment o Clean-up time o Damage recover time o Equipment replacement Business process assessment o Window of opportunity to launch an attack o Slowing down part(s) of the mission
Mission-centric approach Mission awarenessThreat awarenessInfrastructure awareness System inventory Configuration files Network diagrams Data flow diagrams Access policies Business processes Workflows Standard operating procedures Policies and regulations Critical dependencies Internal threats External threats Vulnerability DB, threat sharing communities Threat intelligence
Mission-centric approach Mission awarenessThreat awarenessInfrastructure awareness System inventory Configuration files Network diagrams Data flow diagrams Access policies Business processes Workflows Standard operating procedures Policies and regulations Critical dependencies Internal threats External threats Vulnerability DB, threat sharing communities Threat intelligence
Mission-centric approach Mission awarenessThreat awarenessInfrastructure awareness System inventory Configuration files Network diagrams Data flow diagrams Access policies Business processes Workflows Standard operating procedures Policies and regulations Critical dependencies Internal threats External threats Vulnerability DB, threat sharing communities Threat intelligence
Mission-centric approach Mission awarenessThreat awarenessInfrastructure awareness System inventory Configuration files Network diagrams Data flow diagrams Access policies Business processes Workflows Standard operating procedures Policies and regulations Critical dependencies Internal threats External threats Vulnerability DB, threat sharing communities Threat intelligence Emerging trends
Mission-centric approach Mission awarenessThreat awarenessInfrastructure awareness System inventory Configuration files Network diagrams Data flow diagrams Access policies Business processes Workflows Standard operating procedures Policies and regulations Critical dependencies Internal threats External threats Vulnerability DB, threat sharing communities Threat intelligence Emerging trends
Problem statement Mission-oriented approach Mission impact modelling Mission critical assets Final remarks
Use case Threat: Smart meter worm [Davis, Black Hat 2009] o Infection during firmware update o Wireless propagation o Control over meter to attacker benefits
Approach initiation Mission statement Deliver accurate view of the power grid state List all possible mission disruptions 1. Incorrect load, phase, time, temperature information 2. Missing alarms, e.g. about power outages 3. Incorrect information about grid topology
Step 1 NISTIR7628GuidelinesforSmartGridCyberSecurityv1.0–Aug2010
Step 2 8-Meter
Step 3 http://earth2tech.files.wordpress.com/2008/04/silver-demo.jpg
Data flow analysis
Mission security boundaries Goal: protect mission boundaries o Mission-oriented network zoning for more flexible asset security protection Challenge: interconnectedness of assets linked to distinct missions of different levels of criticality Identification: reachability analysis
Reachability analysis 8 -Meter 1,2 1,2 1,2 1,2 1,2 1,2 1,2 1,2 1,2 1,2 1,2 1,2 1,2 Cesar Cerrudo „Hacking Traffic Control Systems“, 2014 Multipurpose worm from IOActive dudes (?)
Reachability analysis Mr. Johns
Modelling madness
Problem statement Mission-oriented approach Mission impact modelling Mission critical assets Final remarks
Fresh story Make inventory of the business processes o ISO 27005 terminology Prioritize and determine critical to the operations Identify supporting assets Identify critical assets Perform risk assessment o Risk avoidance o Risk modification
Summary Emerging approach -> becomes more popular o But loads of research still needs to be done Actionable Sustainable
marina.krotofil@encs.eu lange@ifis.uni-luebeck.de Thank you

Recommended

ICS security
ICS securityICS security
ICS securityAhmed Shitta
 
PT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolPT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolShah Sheikh
 
SCADA Presentation
SCADA PresentationSCADA Presentation
SCADA PresentationEric Favetta
 
DTS Solution - SCADA Security Solutions
DTS Solution - SCADA Security SolutionsDTS Solution - SCADA Security Solutions
DTS Solution - SCADA Security SolutionsShah Sheikh
 
The journey to ICS - Extended
The journey to ICS - Extended The journey to ICS - Extended
The journey to ICS - Extended Larry Vandenaweele
 
Securing SCADA
Securing SCADA Securing SCADA
Securing SCADA Jeffrey Wang , P.Eng
 
BlackHat_2015_Slides_Krotofil_FINAL
BlackHat_2015_Slides_Krotofil_FINALBlackHat_2015_Slides_Krotofil_FINAL
BlackHat_2015_Slides_Krotofil_FINALMarina Krotofil
 
SCADA Security
SCADA SecuritySCADA Security
SCADA Securityamiable_indian
 

Recommended

ICS security
ICS securityICS security
ICS securityAhmed Shitta
 
PT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolPT-DTS SCADA Security using MaxPatrol
PT-DTS SCADA Security using MaxPatrolShah Sheikh
 
SCADA Presentation
SCADA PresentationSCADA Presentation
SCADA PresentationEric Favetta
 
DTS Solution - SCADA Security Solutions
DTS Solution - SCADA Security SolutionsDTS Solution - SCADA Security Solutions
DTS Solution - SCADA Security SolutionsShah Sheikh
 
The journey to ICS - Extended
The journey to ICS - Extended The journey to ICS - Extended
The journey to ICS - Extended Larry Vandenaweele
 
Securing SCADA
Securing SCADA Securing SCADA
Securing SCADA Jeffrey Wang , P.Eng
 
BlackHat_2015_Slides_Krotofil_FINAL
BlackHat_2015_Slides_Krotofil_FINALBlackHat_2015_Slides_Krotofil_FINAL
BlackHat_2015_Slides_Krotofil_FINALMarina Krotofil
 
SCADA Security
SCADA SecuritySCADA Security
SCADA Securityamiable_indian
 
CSIRS ICS BCS 2.2
CSIRS ICS BCS 2.2CSIRS ICS BCS 2.2
CSIRS ICS BCS 2.2David Spinks
 
SCADA Security in CDIC 2009
SCADA Security in CDIC 2009SCADA Security in CDIC 2009
SCADA Security in CDIC 2009Narinrit Prem-apiwathanokul
 
Scada security
Scada securityScada security
Scada securitysommerville-videos
 
SCADA Security Presentation
SCADA Security PresentationSCADA Security Presentation
SCADA Security PresentationFilip Maertens
 
Cyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT ApproachCyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT ApproachCommunity Protection Forum
 
Scada security presentation by Stephen Miller
Scada security presentation by Stephen MillerScada security presentation by Stephen Miller
Scada security presentation by Stephen MillerAVEVA
 
DEF CON 23 - NSM 101 for ICS
DEF CON 23 - NSM 101 for ICSDEF CON 23 - NSM 101 for ICS
DEF CON 23 - NSM 101 for ICSChris Sistrunk
 
ICS Security 101 by Sandeep Singh
ICS Security 101 by Sandeep SinghICS Security 101 by Sandeep Singh
ICS Security 101 by Sandeep SinghOWASP Delhi
 
DHS ICS Security Presentation
DHS ICS Security PresentationDHS ICS Security Presentation
DHS ICS Security Presentationguest85a34f
 
BSidesAugusta ICS SCADA Defense
BSidesAugusta ICS SCADA DefenseBSidesAugusta ICS SCADA Defense
BSidesAugusta ICS SCADA DefenseChris Sistrunk
 
Improving SCADA Security
Improving SCADA SecurityImproving SCADA Security
Improving SCADA SecurityNarinrit Prem-apiwathanokul
 
Industrial Control System Security Overview
Industrial Control System Security OverviewIndustrial Control System Security Overview
Industrial Control System Security Overviewpgmaynard
 
Guide scada and_industrial_control_systems_security
Guide scada and_industrial_control_systems_securityGuide scada and_industrial_control_systems_security
Guide scada and_industrial_control_systems_securityDeepakraj Sahu
 
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...PECB
 
Using Assessment Tools on ICS (English)
Using Assessment Tools on ICS (English)Using Assessment Tools on ICS (English)
Using Assessment Tools on ICS (English)Digital Bond
 
Defcon through the_eyes_of_the_attacker_2018_slides
Defcon through the_eyes_of_the_attacker_2018_slidesDefcon through the_eyes_of_the_attacker_2018_slides
Defcon through the_eyes_of_the_attacker_2018_slidesMarina Krotofil
 
SCADA deep inside: protocols and security mechanisms
SCADA deep inside: protocols and security mechanismsSCADA deep inside: protocols and security mechanisms
SCADA deep inside: protocols and security mechanismsAleksandr Timorin
 
Dmitry Kurbatov. Five Nightmares for a Telecom
Dmitry Kurbatov. Five Nightmares for a TelecomDmitry Kurbatov. Five Nightmares for a Telecom
Dmitry Kurbatov. Five Nightmares for a TelecomPositive Hack Days
 
RSAC 2016: How to Get into ICS Security
RSAC 2016: How to Get into ICS SecurityRSAC 2016: How to Get into ICS Security
RSAC 2016: How to Get into ICS SecurityChris Sistrunk
 
Nist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkNist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkMarcoAfzali
 
Ataki po stronie klienta w publicznych punktach dostępowych
Ataki po stronie klienta w publicznych punktach dostępowychAtaki po stronie klienta w publicznych punktach dostępowych
Ataki po stronie klienta w publicznych punktach dostępowychPawel Rzepa
 
DataCare - Software de Qualidade de Dados da Assesso
DataCare - Software de Qualidade de Dados da AssessoDataCare - Software de Qualidade de Dados da Assesso
DataCare - Software de Qualidade de Dados da AssessoMarcelo Oliveira
 

More Related Content

What's hot

SCADA Security Presentation
SCADA Security PresentationSCADA Security Presentation
SCADA Security PresentationFilip Maertens
 
Cyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT ApproachCyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT ApproachCommunity Protection Forum
 
Scada security presentation by Stephen Miller
Scada security presentation by Stephen MillerScada security presentation by Stephen Miller
Scada security presentation by Stephen MillerAVEVA
 
DEF CON 23 - NSM 101 for ICS
DEF CON 23 - NSM 101 for ICSDEF CON 23 - NSM 101 for ICS
DEF CON 23 - NSM 101 for ICSChris Sistrunk
 
ICS Security 101 by Sandeep Singh
ICS Security 101 by Sandeep SinghICS Security 101 by Sandeep Singh
ICS Security 101 by Sandeep SinghOWASP Delhi
 
DHS ICS Security Presentation
DHS ICS Security PresentationDHS ICS Security Presentation
DHS ICS Security Presentationguest85a34f
 
BSidesAugusta ICS SCADA Defense
BSidesAugusta ICS SCADA DefenseBSidesAugusta ICS SCADA Defense
BSidesAugusta ICS SCADA DefenseChris Sistrunk
 
Industrial Control System Security Overview
Industrial Control System Security OverviewIndustrial Control System Security Overview
Industrial Control System Security Overviewpgmaynard
 
Guide scada and_industrial_control_systems_security
Guide scada and_industrial_control_systems_securityGuide scada and_industrial_control_systems_security
Guide scada and_industrial_control_systems_securityDeepakraj Sahu
 
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...PECB
 
Using Assessment Tools on ICS (English)
Using Assessment Tools on ICS (English)Using Assessment Tools on ICS (English)
Using Assessment Tools on ICS (English)Digital Bond
 
Defcon through the_eyes_of_the_attacker_2018_slides
Defcon through the_eyes_of_the_attacker_2018_slidesDefcon through the_eyes_of_the_attacker_2018_slides
Defcon through the_eyes_of_the_attacker_2018_slidesMarina Krotofil
 
SCADA deep inside: protocols and security mechanisms
SCADA deep inside: protocols and security mechanismsSCADA deep inside: protocols and security mechanisms
SCADA deep inside: protocols and security mechanismsAleksandr Timorin
 
Dmitry Kurbatov. Five Nightmares for a Telecom
Dmitry Kurbatov. Five Nightmares for a TelecomDmitry Kurbatov. Five Nightmares for a Telecom
Dmitry Kurbatov. Five Nightmares for a TelecomPositive Hack Days
 
RSAC 2016: How to Get into ICS Security
RSAC 2016: How to Get into ICS SecurityRSAC 2016: How to Get into ICS Security
RSAC 2016: How to Get into ICS SecurityChris Sistrunk
 
Nist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkNist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkMarcoAfzali
 

What's hot (20)

CSIRS ICS BCS 2.2
CSIRS ICS BCS 2.2CSIRS ICS BCS 2.2
CSIRS ICS BCS 2.2
 
SCADA Security in CDIC 2009
SCADA Security in CDIC 2009SCADA Security in CDIC 2009
SCADA Security in CDIC 2009
 
Scada security
Scada securityScada security
Scada security
 
SCADA Security Presentation
SCADA Security PresentationSCADA Security Presentation
SCADA Security Presentation
 
Cyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT ApproachCyber Security: Differences between Industrial Control Systems and ICT Approach
Cyber Security: Differences between Industrial Control Systems and ICT Approach
 
Scada security presentation by Stephen Miller
Scada security presentation by Stephen MillerScada security presentation by Stephen Miller
Scada security presentation by Stephen Miller
 
DEF CON 23 - NSM 101 for ICS
DEF CON 23 - NSM 101 for ICSDEF CON 23 - NSM 101 for ICS
DEF CON 23 - NSM 101 for ICS
 
ICS Security 101 by Sandeep Singh
ICS Security 101 by Sandeep SinghICS Security 101 by Sandeep Singh
ICS Security 101 by Sandeep Singh
 
DHS ICS Security Presentation
DHS ICS Security PresentationDHS ICS Security Presentation
DHS ICS Security Presentation
 
BSidesAugusta ICS SCADA Defense
BSidesAugusta ICS SCADA DefenseBSidesAugusta ICS SCADA Defense
BSidesAugusta ICS SCADA Defense
 
Improving SCADA Security
Improving SCADA SecurityImproving SCADA Security
Improving SCADA Security
 
Industrial Control System Security Overview
Industrial Control System Security OverviewIndustrial Control System Security Overview
Industrial Control System Security Overview
 
Guide scada and_industrial_control_systems_security
Guide scada and_industrial_control_systems_securityGuide scada and_industrial_control_systems_security
Guide scada and_industrial_control_systems_security
 
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
Vulnerability Assessment and Penetration Testing in online SCADA ICS Environm...
 
Using Assessment Tools on ICS (English)
Using Assessment Tools on ICS (English)Using Assessment Tools on ICS (English)
Using Assessment Tools on ICS (English)
 
Defcon through the_eyes_of_the_attacker_2018_slides
Defcon through the_eyes_of_the_attacker_2018_slidesDefcon through the_eyes_of_the_attacker_2018_slides
Defcon through the_eyes_of_the_attacker_2018_slides
 
SCADA deep inside: protocols and security mechanisms
SCADA deep inside: protocols and security mechanismsSCADA deep inside: protocols and security mechanisms
SCADA deep inside: protocols and security mechanisms
 
Dmitry Kurbatov. Five Nightmares for a Telecom
Dmitry Kurbatov. Five Nightmares for a TelecomDmitry Kurbatov. Five Nightmares for a Telecom
Dmitry Kurbatov. Five Nightmares for a Telecom
 
RSAC 2016: How to Get into ICS Security
RSAC 2016: How to Get into ICS SecurityRSAC 2016: How to Get into ICS Security
RSAC 2016: How to Get into ICS Security
 
Nist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkNist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing Framework
 

Viewers also liked

Ataki po stronie klienta w publicznych punktach dostępowych
Ataki po stronie klienta w publicznych punktach dostępowychAtaki po stronie klienta w publicznych punktach dostępowych
Ataki po stronie klienta w publicznych punktach dostępowychPawel Rzepa
 
DataCare - Software de Qualidade de Dados da Assesso
DataCare - Software de Qualidade de Dados da AssessoDataCare - Software de Qualidade de Dados da Assesso
DataCare - Software de Qualidade de Dados da AssessoMarcelo Oliveira
 
Paragyte mobile brochure
Paragyte mobile brochureParagyte mobile brochure
Paragyte mobile brochureKevin Arora
 
1º Webinar Sisloc - Renegociação de Título
1º Webinar Sisloc - Renegociação de Título1º Webinar Sisloc - Renegociação de Título
1º Webinar Sisloc - Renegociação de TítuloSisloc
 
EU: Prepared Explosives – Market Report. Analysis and Forecast to 2020
EU: Prepared Explosives – Market Report. Analysis and Forecast to 2020EU: Prepared Explosives – Market Report. Analysis and Forecast to 2020
EU: Prepared Explosives – Market Report. Analysis and Forecast to 2020IndexBox Marketing
 
智能广域网及开源项目更新
智能广域网及开源项目更新智能广域网及开源项目更新
智能广域网及开源项目更新Bertrand Duvivier
 
Salesmanagerleadtraining 12698753627422-phpapp01
Salesmanagerleadtraining 12698753627422-phpapp01Salesmanagerleadtraining 12698753627422-phpapp01
Salesmanagerleadtraining 12698753627422-phpapp01LLoyd Lofton L.U.T.C.
 
Growing investor interest in the Indian CRAMS / CDMO industry - Aurum and Dea...
Growing investor interest in the Indian CRAMS / CDMO industry - Aurum and Dea...Growing investor interest in the Indian CRAMS / CDMO industry - Aurum and Dea...
Growing investor interest in the Indian CRAMS / CDMO industry - Aurum and Dea...Aurum Equity Partners LLP
 
Benefícios e dificuldades da metodologia Lean aplicada à jogos eletrônicos
Benefícios e dificuldades da metodologia Lean aplicada à jogos eletrônicosBenefícios e dificuldades da metodologia Lean aplicada à jogos eletrônicos
Benefícios e dificuldades da metodologia Lean aplicada à jogos eletrônicosBitCake Studio
 
Почему нужна лицензия
Почему нужна лицензияПочему нужна лицензия
Почему нужна лицензияcnpo
 
Attacks on RSA using Lattice reduction techniques (LLL)
Attacks on RSA using Lattice reduction techniques (LLL)Attacks on RSA using Lattice reduction techniques (LLL)
Attacks on RSA using Lattice reduction techniques (LLL)David Wong
 
Atualização Cadastral - Como fazer
Atualização Cadastral - Como fazerAtualização Cadastral - Como fazer
Atualização Cadastral - Como fazerPrestus®
 
New wave of attacks in Ukraine 2016
New wave of attacks in Ukraine 2016New wave of attacks in Ukraine 2016
New wave of attacks in Ukraine 2016Marina Krotofil
 
Statistical database, problems and mitigation
Statistical database, problems and mitigationStatistical database, problems and mitigation
Statistical database, problems and mitigationBikrant Gautam
 
EU: Pig Iron and Spiegeleisen – Market Report. Analysis and Forecast to 2020
EU: Pig Iron and Spiegeleisen – Market Report. Analysis and Forecast to 2020EU: Pig Iron and Spiegeleisen – Market Report. Analysis and Forecast to 2020
EU: Pig Iron and Spiegeleisen – Market Report. Analysis and Forecast to 2020IndexBox Marketing
 

Viewers also liked (20)

Ataki po stronie klienta w publicznych punktach dostępowych
Ataki po stronie klienta w publicznych punktach dostępowychAtaki po stronie klienta w publicznych punktach dostępowych
Ataki po stronie klienta w publicznych punktach dostępowych
 
DataCare - Software de Qualidade de Dados da Assesso
DataCare - Software de Qualidade de Dados da AssessoDataCare - Software de Qualidade de Dados da Assesso
DataCare - Software de Qualidade de Dados da Assesso
 
Paragyte mobile brochure
Paragyte mobile brochureParagyte mobile brochure
Paragyte mobile brochure
 
1º Webinar Sisloc - Renegociação de Título
1º Webinar Sisloc - Renegociação de Título1º Webinar Sisloc - Renegociação de Título
1º Webinar Sisloc - Renegociação de Título
 
EU: Prepared Explosives – Market Report. Analysis and Forecast to 2020
EU: Prepared Explosives – Market Report. Analysis and Forecast to 2020EU: Prepared Explosives – Market Report. Analysis and Forecast to 2020
EU: Prepared Explosives – Market Report. Analysis and Forecast to 2020
 
智能广域网及开源项目更新
智能广域网及开源项目更新智能广域网及开源项目更新
智能广域网及开源项目更新
 
SYSTEM INTERACT
SYSTEM INTERACTSYSTEM INTERACT
SYSTEM INTERACT
 
Salesmanagerleadtraining 12698753627422-phpapp01
Salesmanagerleadtraining 12698753627422-phpapp01Salesmanagerleadtraining 12698753627422-phpapp01
Salesmanagerleadtraining 12698753627422-phpapp01
 
Growing investor interest in the Indian CRAMS / CDMO industry - Aurum and Dea...
Growing investor interest in the Indian CRAMS / CDMO industry - Aurum and Dea...Growing investor interest in the Indian CRAMS / CDMO industry - Aurum and Dea...
Growing investor interest in the Indian CRAMS / CDMO industry - Aurum and Dea...
 
Benefícios e dificuldades da metodologia Lean aplicada à jogos eletrônicos
Benefícios e dificuldades da metodologia Lean aplicada à jogos eletrônicosBenefícios e dificuldades da metodologia Lean aplicada à jogos eletrônicos
Benefícios e dificuldades da metodologia Lean aplicada à jogos eletrônicos
 
Почему нужна лицензия
Почему нужна лицензияПочему нужна лицензия
Почему нужна лицензия
 
Attacks on RSA using Lattice reduction techniques (LLL)
Attacks on RSA using Lattice reduction techniques (LLL)Attacks on RSA using Lattice reduction techniques (LLL)
Attacks on RSA using Lattice reduction techniques (LLL)
 
Atualização Cadastral - Como fazer
Atualização Cadastral - Como fazerAtualização Cadastral - Como fazer
Atualização Cadastral - Como fazer
 
presentation_sas2016_V3
presentation_sas2016_V3presentation_sas2016_V3
presentation_sas2016_V3
 
Topic05 osi
Topic05 osiTopic05 osi
Topic05 osi
 
S4x16_Europe_Krotofil
S4x16_Europe_KrotofilS4x16_Europe_Krotofil
S4x16_Europe_Krotofil
 
FINAL A2 landscape
FINAL A2 landscapeFINAL A2 landscape
FINAL A2 landscape
 
New wave of attacks in Ukraine 2016
New wave of attacks in Ukraine 2016New wave of attacks in Ukraine 2016
New wave of attacks in Ukraine 2016
 
Statistical database, problems and mitigation
Statistical database, problems and mitigationStatistical database, problems and mitigation
Statistical database, problems and mitigation
 
EU: Pig Iron and Spiegeleisen – Market Report. Analysis and Forecast to 2020
EU: Pig Iron and Spiegeleisen – Market Report. Analysis and Forecast to 2020EU: Pig Iron and Spiegeleisen – Market Report. Analysis and Forecast to 2020
EU: Pig Iron and Spiegeleisen – Market Report. Analysis and Forecast to 2020
 

Similar to Mission Impact Assessment for Industrial Control Systems

Security Considerations in Process Control and SCADA Environments
Security Considerations in Process Control and SCADA EnvironmentsSecurity Considerations in Process Control and SCADA Environments
Security Considerations in Process Control and SCADA Environmentsamiable_indian
 
V-Empower Services And Solutions
V-Empower Services And SolutionsV-Empower Services And Solutions
V-Empower Services And Solutionsguest609a5ed
 
V-Empower Services And Solutions
V-Empower Services And SolutionsV-Empower Services And Solutions
V-Empower Services And SolutionsHannan Ahmed
 
Irv Badr: Managing Risk Safety and Security Compliance
Irv Badr: Managing Risk Safety and Security Compliance Irv Badr: Managing Risk Safety and Security Compliance
Irv Badr: Managing Risk Safety and Security Compliance EnergyTech2015
 
Custom defense - Blake final
Custom defense - Blake finalCustom defense - Blake final
Custom defense - Blake finalMinh Le
 
Cyber security for business
Cyber security for businessCyber security for business
Cyber security for businessDaniel Thomas
 
Cyber security within Organisations: A sneaky peak of current status, trends,...
Cyber security within Organisations: A sneaky peak of current status, trends,...Cyber security within Organisations: A sneaky peak of current status, trends,...
Cyber security within Organisations: A sneaky peak of current status, trends,...Marco Casassa Mont
 
Assuring Reliable and Secure IT Services
Assuring Reliable and Secure IT ServicesAssuring Reliable and Secure IT Services
Assuring Reliable and Secure IT Servicestsaiblake
 
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive securityCisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive securityNetworkCollaborators
 
Tech Throwdown: Secure Containerization vs Whitelisting
Tech Throwdown: Secure Containerization vs WhitelistingTech Throwdown: Secure Containerization vs Whitelisting
Tech Throwdown: Secure Containerization vs WhitelistingInvincea, Inc.
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Software Security Initiatives
Software Security InitiativesSoftware Security Initiatives
Software Security InitiativesMarco Morana
 
So You Want a Job in Cybersecurity
So You Want a Job in CybersecuritySo You Want a Job in Cybersecurity
So You Want a Job in CybersecurityTeri Radichel
 

Similar to Mission Impact Assessment for Industrial Control Systems (20)

Security Considerations in Process Control and SCADA Environments
Security Considerations in Process Control and SCADA EnvironmentsSecurity Considerations in Process Control and SCADA Environments
Security Considerations in Process Control and SCADA Environments
 
Cyber risks in supply chains
Cyber risks in supply chains Cyber risks in supply chains
Cyber risks in supply chains
 
V-Empower Services And Solutions
V-Empower Services And SolutionsV-Empower Services And Solutions
V-Empower Services And Solutions
 
V-Empower Services And Solutions
V-Empower Services And SolutionsV-Empower Services And Solutions
V-Empower Services And Solutions
 
Irv Badr: Managing Risk Safety and Security Compliance
Irv Badr: Managing Risk Safety and Security Compliance Irv Badr: Managing Risk Safety and Security Compliance
Irv Badr: Managing Risk Safety and Security Compliance
 
final security ppt.pptx
final security ppt.pptxfinal security ppt.pptx
final security ppt.pptx
 
Security assessment isaca sv presentation jan 2016
Security assessment isaca sv presentation jan 2016Security assessment isaca sv presentation jan 2016
Security assessment isaca sv presentation jan 2016
 
Custom defense - Blake final
Custom defense - Blake finalCustom defense - Blake final
Custom defense - Blake final
 
Cyber security for business
Cyber security for businessCyber security for business
Cyber security for business
 
Cyber security within Organisations: A sneaky peak of current status, trends,...
Cyber security within Organisations: A sneaky peak of current status, trends,...Cyber security within Organisations: A sneaky peak of current status, trends,...
Cyber security within Organisations: A sneaky peak of current status, trends,...
 
Assuring Reliable and Secure IT Services
Assuring Reliable and Secure IT ServicesAssuring Reliable and Secure IT Services
Assuring Reliable and Secure IT Services
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Core.co.enterprise.deck.06.16.10
Core.co.enterprise.deck.06.16.10Core.co.enterprise.deck.06.16.10
Core.co.enterprise.deck.06.16.10
 
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive securityCisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
 
Tech Throwdown: Secure Containerization vs Whitelisting
Tech Throwdown: Secure Containerization vs WhitelistingTech Throwdown: Secure Containerization vs Whitelisting
Tech Throwdown: Secure Containerization vs Whitelisting
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
It Audit And Forensics
It Audit And ForensicsIt Audit And Forensics
It Audit And Forensics
 
Software Security Initiatives
Software Security InitiativesSoftware Security Initiatives
Software Security Initiatives
 
So You Want a Job in Cybersecurity
So You Want a Job in CybersecuritySo You Want a Job in Cybersecurity
So You Want a Job in Cybersecurity
 

More from Marina Krotofil

S4x16 europe krotofil_granular_dataflowsics
S4x16 europe krotofil_granular_dataflowsicsS4x16 europe krotofil_granular_dataflowsics
S4x16 europe krotofil_granular_dataflowsicsMarina Krotofil
 
CS3STHLM_2019_krotofil_kopeytsev
CS3STHLM_2019_krotofil_kopeytsevCS3STHLM_2019_krotofil_kopeytsev
CS3STHLM_2019_krotofil_kopeytsevMarina Krotofil
 
If I Were MITRE ATT&CK Developer: Challenges to Consider when Developing ICS ...
If I Were MITRE ATT&CK Developer: Challenges to Consider when Developing ICS ...If I Were MITRE ATT&CK Developer: Challenges to Consider when Developing ICS ...
If I Were MITRE ATT&CK Developer: Challenges to Consider when Developing ICS ...Marina Krotofil
 
A Diet of Poisoned Fruit: Designing Implants & OT Payloads for ICS Embedded D...
A Diet of Poisoned Fruit: Designing Implants & OT Payloads for ICS Embedded D...A Diet of Poisoned Fruit: Designing Implants & OT Payloads for ICS Embedded D...
A Diet of Poisoned Fruit: Designing Implants & OT Payloads for ICS Embedded D...Marina Krotofil
 
"Man-in-the-SCADA": Anatomy of Data Integrity Attacks in Industrial Control S...
"Man-in-the-SCADA": Anatomy of Data Integrity Attacks in Industrial Control S..."Man-in-the-SCADA": Anatomy of Data Integrity Attacks in Industrial Control S...
"Man-in-the-SCADA": Anatomy of Data Integrity Attacks in Industrial Control S...Marina Krotofil
 
S4 krotofil afternoon_sesh_2017
S4 krotofil afternoon_sesh_2017S4 krotofil afternoon_sesh_2017
S4 krotofil afternoon_sesh_2017Marina Krotofil
 
S4 krotofil morning_sesh_2017
S4 krotofil morning_sesh_2017S4 krotofil morning_sesh_2017
S4 krotofil morning_sesh_2017Marina Krotofil
 
DefCon_2015_Slides_Krotofil_Larsen
DefCon_2015_Slides_Krotofil_LarsenDefCon_2015_Slides_Krotofil_Larsen
DefCon_2015_Slides_Krotofil_LarsenMarina Krotofil
 

More from Marina Krotofil (10)

S4x16 europe krotofil_granular_dataflowsics
S4x16 europe krotofil_granular_dataflowsicsS4x16 europe krotofil_granular_dataflowsics
S4x16 europe krotofil_granular_dataflowsics
 
Dhs icsjwg 2015_v3
Dhs icsjwg 2015_v3Dhs icsjwg 2015_v3
Dhs icsjwg 2015_v3
 
CS3STHLM_2019_krotofil_kopeytsev
CS3STHLM_2019_krotofil_kopeytsevCS3STHLM_2019_krotofil_kopeytsev
CS3STHLM_2019_krotofil_kopeytsev
 
If I Were MITRE ATT&CK Developer: Challenges to Consider when Developing ICS ...
If I Were MITRE ATT&CK Developer: Challenges to Consider when Developing ICS ...If I Were MITRE ATT&CK Developer: Challenges to Consider when Developing ICS ...
If I Were MITRE ATT&CK Developer: Challenges to Consider when Developing ICS ...
 
A Diet of Poisoned Fruit: Designing Implants & OT Payloads for ICS Embedded D...
A Diet of Poisoned Fruit: Designing Implants & OT Payloads for ICS Embedded D...A Diet of Poisoned Fruit: Designing Implants & OT Payloads for ICS Embedded D...
A Diet of Poisoned Fruit: Designing Implants & OT Payloads for ICS Embedded D...
 
"Man-in-the-SCADA": Anatomy of Data Integrity Attacks in Industrial Control S...
"Man-in-the-SCADA": Anatomy of Data Integrity Attacks in Industrial Control S..."Man-in-the-SCADA": Anatomy of Data Integrity Attacks in Industrial Control S...
"Man-in-the-SCADA": Anatomy of Data Integrity Attacks in Industrial Control S...
 
S4 krotofil afternoon_sesh_2017
S4 krotofil afternoon_sesh_2017S4 krotofil afternoon_sesh_2017
S4 krotofil afternoon_sesh_2017
 
S4 krotofil morning_sesh_2017
S4 krotofil morning_sesh_2017S4 krotofil morning_sesh_2017
S4 krotofil morning_sesh_2017
 
MKAD_black_V2
MKAD_black_V2MKAD_black_V2
MKAD_black_V2
 
DefCon_2015_Slides_Krotofil_Larsen
DefCon_2015_Slides_Krotofil_LarsenDefCon_2015_Slides_Krotofil_Larsen
DefCon_2015_Slides_Krotofil_Larsen
 

Recently uploaded

Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineeringmalavadedarshan25
 
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETEINFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETEroselinkalist12
 
complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...asadnawaz62
 
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...VICTOR MAESTRE RAMIREZ
 
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfCCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfAsst.prof M.Gokilavani
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girlsssuser7cb4ff
 
DATA ANALYTICS PPT definition usage example
DATA ANALYTICS PPT definition usage exampleDATA ANALYTICS PPT definition usage example
DATA ANALYTICS PPT definition usage examplePragyanshuParadkar1
 
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerAnamika Sarkar
 
Arduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptArduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptSAURABHKUMAR892774
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...VICTOR MAESTRE RAMIREZ
 
Electronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfElectronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfme23b1001
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfAsst.prof M.Gokilavani
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx959SahilShah
 
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxPoojaBan
 
Artificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxArtificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxbritheesh05
 
Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxk795866
 

Recently uploaded (20)

🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
🔝9953056974🔝!!-YOUNG call girls in Rajendra Nagar Escort rvice Shot 2000 nigh...
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineering
 
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETEINFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
INFLUENCE OF NANOSILICA ON THE PROPERTIES OF CONCRETE
 
complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...complete construction, environmental and economics information of biomass com...
complete construction, environmental and economics information of biomass com...
 
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
VICTOR MAESTRE RAMIREZ - Planetary Defender on NASA's Double Asteroid Redirec...
 
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfCCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girls
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptxExploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
Exploring_Network_Security_with_JA3_by_Rakesh Seal.pptx
 
DATA ANALYTICS PPT definition usage example
DATA ANALYTICS PPT definition usage exampleDATA ANALYTICS PPT definition usage example
DATA ANALYTICS PPT definition usage example
 
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
 
Arduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.pptArduino_CSE ece ppt for working and principal of arduino.ppt
Arduino_CSE ece ppt for working and principal of arduino.ppt
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...
 
Electronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdfElectronically Controlled suspensions system .pdf
Electronically Controlled suspensions system .pdf
 
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCRCall Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx
 
Heart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptxHeart Disease Prediction using machine learning.pptx
Heart Disease Prediction using machine learning.pptx
 
Artificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptxArtificial-Intelligence-in-Electronics (K).pptx
Artificial-Intelligence-in-Electronics (K).pptx
 
Introduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptxIntroduction-To-Agricultural-Surveillance-Rover.pptx
Introduction-To-Agricultural-Surveillance-Rover.pptx
 

Mission Impact Assessment for Industrial Control Systems

  • 1. Marina Krotofil, Mona Lange European Network for Cyber Security University of Lübeck, Germany S4x15, Miami, USA – 15.01.15 Mission Impact Assessment for Industrial Control Systems
  • 2. What we are doing PANOPTESEC o EU project aimed at automated cyber defense decision support system for critical infrastructure o Prevent, detect, manage and react to cyber incidents in real-time o Improve the situational awareness o Support the decision-making process
  • 5. Cyber-physical systems are IT systems “embedded” in an application in the physical world Cyber-Physical Systems Attack goals: o Get the physical system in a state desired by the attacker o Make the physical system perform actions desired by the attacker
  • 6. Problem statement Mission-oriented approach Mission impact modelling Mission critical assets Open questions
  • 7. ICS security Continuous vulnerability disclosures and vulns for sale Patching treadmill Supply chain security IT-SCADA specific security solutions Ralph Langner: “The pro’s don’t bother with vulnerabilities; they use features to compromise the ICS” Vendors Result: Focus is on protecting the infrastructure
  • 8. Process-related threats PROBLEM: there is no approach to determining the impact of a cyber threat on the operational goals Identification of failures and hazards o HAZOP o PHEA o FMEA (FMECA) o Etc. Raising awareness of intentional misuses o Stuxnet o Aurora o And some formally/informally rumored stories
  • 9. Problem statement Mission-oriented approach Mission impact modelling Mission critical assets Open questions
  • 10. Process owners Asset owners Common opinion about each other ICS stakeholders Field equipment Level0 Process Level1Level2Level3Level4 Regulatory control Supervisory Control Process management Corporate network PLC PLC PLC HMI Engineering station Historian Publishing server DMZ DCS servers Application servers
  • 11. Process owners Asset owners ICS stakeholders Field equipment Level0 Process Level1Level2Level3Level4 Regulatory control Supervisory Control Process management Corporate network PLC PLC PLC HMI Engineering station Historian Publishing server DMZ DCS servers Application servers We have a COMMON MISSION!!
  • 12. Field instrumenation Level0 Process Level1Level2Level3Level4 Basic control Supervisory Control Process management Corporate network PLC PLC PLC HMI Engineering station Historian Publishing server DMZ DCS servers Application servers Process owners Asset owners Shift in defense IT-centricity Cyber attack resilient missions We have a COMMON MISSION!!
  • 13. Insider threat Business processes secure by design Easy target Clueless user Disgruntled employee Integrators, support, contractors…
  • 14. Mission is a set of operational tasks to accomplish a certain purposive goal The goal of cyber security is to protect ongoing and planned missions (not cyber assets) Mission impact assessment is a threat assessment method to predict and evaluate the impact of cyber incidents on mission execution and accomplishment Terminology
  • 16. Example: attack on data flow Net. Admin Global mission: ensure/execution of nuclear program Mission: enrichment of uranium Task: maintain proper rotating speed of the centrifuge Business processes Cyber terrain Operational goals Operations · Failure modes · Hazards PLC Frequency converter Centrifuge Workflow Access policies · Users · Permissions Engineering station Linkage to cyber assets HMI DB Data flow Manufacturing workflow
  • 17. SCADA hacker Data integrity: packet injection; replay; data manipulation; … DoS: DoS; DDoS; flooding; starvation;…. Operator Example: attack on data flow Operations · Failure modes · Hazards PLC Frequency converter Centrifuge Workflow Access policies · Users · Permissions Engineering station Linkage to cyber assets HMI DB Data flow Manufacturing workflow I am not controlling the process!!
  • 18. Controllability SCADA hacker During the attack the hacker herself is process engineer, control engineer and process operator Observability
  • 19. Process-related security properties HOLY TRINITY IT domain Process control
  • 20. Process owners humor We need a model that relates the missions and resources …….
  • 21. Process-related security properties HOLY TRINITY IT domain Process control Observability Controllability Operability
  • 22. Process-related security properties HOLY TRINITY Observability Controllability Operability Information security Process control security CIA CO2
  • 23. Problem statement Mission-oriented approach Mission impact modelling Mission critical assets Open questions
  • 25. Mission impact analysis Cyber surface MissionviewITview Mission -> Task -> ->Activity -> Asset Activity(A2):= Pull alarm logs Activity(A1):= Configure alarm Switch Engineering workstation Router OPC Server Switch Bob and PLC or and Sensor Router Task:= Fault management Historian Task:= Fault diagnosis Task:= Alarm management Asset Alice Permission Permission Mission:= Eqipment monitoring
  • 26. Mission impact analysisMissionviewITview Activity(A2):= Pull alarm logs Activity(A1):= Configure alarm Switch Engineering workstation Router OPC Server Switch Bob and PLC or and Sensor Router Task:= Fault management Historian Task:= Fault diagnosis Task:= Alarm management Asset Alice Permission Permission Mission:= Eqipment monitoring Continuous threat assessment
  • 27. Impact dependency graph Assess impact on asset level of identified threat Quantify operational impact on activity, task and mission level based on impact dependency graph Mission impact analysis Vulnerability(ies) V Task Mission Activity 0.2 OPC Server A1 A2 PLC Engineering Workstation 0.3 0.2 Sensor Router Switch 0.1 0.1 0.1 Switch Router Historian 0.4 0.4 0.1 0.1 T0 V 0.6 0.4 T1 T2 V M0 Alice Bob Asset BobBob AliceAlice
  • 31. Timing parameter Physical exploitation o Timing parameters of the attack itself o Time to disaster o Butterfly effect, snowball effect (timing interdependencies) (Criticality) risk assessment o Clean-up time o Damage recover time o Equipment replacement Business process assessment o Window of opportunity to launch an attack o Slowing down part(s) of the mission
  • 32. Mission-centric approach Mission awarenessThreat awarenessInfrastructure awareness System inventory Configuration files Network diagrams Data flow diagrams Access policies Business processes Workflows Standard operating procedures Policies and regulations Critical dependencies Internal threats External threats Vulnerability DB, threat sharing communities Threat intelligence
  • 33. Mission-centric approach Mission awarenessThreat awarenessInfrastructure awareness System inventory Configuration files Network diagrams Data flow diagrams Access policies Business processes Workflows Standard operating procedures Policies and regulations Critical dependencies Internal threats External threats Vulnerability DB, threat sharing communities Threat intelligence
  • 34. Mission-centric approach Mission awarenessThreat awarenessInfrastructure awareness System inventory Configuration files Network diagrams Data flow diagrams Access policies Business processes Workflows Standard operating procedures Policies and regulations Critical dependencies Internal threats External threats Vulnerability DB, threat sharing communities Threat intelligence
  • 35. Mission-centric approach Mission awarenessThreat awarenessInfrastructure awareness System inventory Configuration files Network diagrams Data flow diagrams Access policies Business processes Workflows Standard operating procedures Policies and regulations Critical dependencies Internal threats External threats Vulnerability DB, threat sharing communities Threat intelligence Emerging trends
  • 36. Mission-centric approach Mission awarenessThreat awarenessInfrastructure awareness System inventory Configuration files Network diagrams Data flow diagrams Access policies Business processes Workflows Standard operating procedures Policies and regulations Critical dependencies Internal threats External threats Vulnerability DB, threat sharing communities Threat intelligence Emerging trends
  • 37. Problem statement Mission-oriented approach Mission impact modelling Mission critical assets Final remarks
  • 38. Use case Threat: Smart meter worm [Davis, Black Hat 2009] o Infection during firmware update o Wireless propagation o Control over meter to attacker benefits
  • 39. Approach initiation Mission statement Deliver accurate view of the power grid state List all possible mission disruptions 1. Incorrect load, phase, time, temperature information 2. Missing alarms, e.g. about power outages 3. Incorrect information about grid topology
  • 44. Mission security boundaries Goal: protect mission boundaries o Mission-oriented network zoning for more flexible asset security protection Challenge: interconnectedness of assets linked to distinct missions of different levels of criticality Identification: reachability analysis
  • 45. Reachability analysis 8 -Meter 1,2 1,2 1,2 1,2 1,2 1,2 1,2 1,2 1,2 1,2 1,2 1,2 1,2 Cesar Cerrudo „Hacking Traffic Control Systems“, 2014 Multipurpose worm from IOActive dudes (?)
  • 48. Problem statement Mission-oriented approach Mission impact modelling Mission critical assets Final remarks
  • 49. Fresh story Make inventory of the business processes o ISO 27005 terminology Prioritize and determine critical to the operations Identify supporting assets Identify critical assets Perform risk assessment o Risk avoidance o Risk modification
  • 50. Summary Emerging approach -> becomes more popular o But loads of research still needs to be done Actionable Sustainable