Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
# ??
@CSIT_QUB
Industrial Control
System Security
Overview
Peter Maynard, PhD Researcher
What is ICS and SCADA
• Industrial Control Systems (ICS):
• Chemical, water, gas processing.
• Transportation, electricity...
Security Threats to ICS
●
ICS systems have a 40 year life span.
●
Used to use firewall air-gapping to separate
the network...
What we have been working on
• European FP7 Project.
• Worked with Linz Strom GmbH.
– Austrian Electrical Distribution
Ope...
Man-In-The-Middle Attack
●
Using our custom Ettercap plugin we’re
able to hide an earth fault from the
operator.
●
Using A...
Detection of attacks on ICS
• Current signature based systems, SNORT, Bro.
– Unable to detect Zero day.
– Unable to identi...
Questions ?
Upcoming SlideShare
Loading in …5
×

Industrial Control System Security Overview

737 views

Published on

Industrial Control System Security Overview
5th World Cyber Security Summit Belfast, March 2015

Published in: Technology
  • Be the first to comment

Industrial Control System Security Overview

  1. 1. # ?? @CSIT_QUB Industrial Control System Security Overview Peter Maynard, PhD Researcher
  2. 2. What is ICS and SCADA • Industrial Control Systems (ICS): • Chemical, water, gas processing. • Transportation, electricity, nuclear systems. • Supervisory Control And Data Acquisition (SCADA): • SCADA provides remote telemetry control for ICS.
  3. 3. Security Threats to ICS ● ICS systems have a 40 year life span. ● Used to use firewall air-gapping to separate the networks. ● Systems often left un-patched due to system maintainability concerns. ● SCADA protocols developed in the 70s-80s still widely in use. ● Provide no form of encryption or authenticity. – Not implemented in industry.
  4. 4. What we have been working on • European FP7 Project. • Worked with Linz Strom GmbH. – Austrian Electrical Distribution Operator. • Access to real world testbed.
  5. 5. Man-In-The-Middle Attack ● Using our custom Ettercap plugin we’re able to hide an earth fault from the operator. ● Using ARP Spoofing. ● Packet manipulation.
  6. 6. Detection of attacks on ICS • Current signature based systems, SNORT, Bro. – Unable to detect Zero day. – Unable to identify suspicious traffic. e.g. malware, backdoors • Anomaly Detection using Machine Learning. – ICS networks are fairly consistent and predictable.
  7. 7. Questions ?

×