© Utthunga Technologies Pvt. Ltd. 2020
An Overview of OPC UA Security
Utthunga for OPC
Company Overview
500+ professionals
Offices in Germany, USA and Japan
HQ & Development Centre: Bangalore, India
Focus: Services and Solutions
Services: Embedded Software & Hardware Product Engineering; Digital Services; Application Software Engineering; Quality Engineering
Solutions: Process & Factory; Power & Utilities; IIoT, Cloud & Big Data Analytics Solutions; Data Connectivity & Integration Solutions; Custom Solutions
Industry Associations
• Part of various Special Interest Groups (Technical Specifications, Architecture, Test & Certification and Marketing)
• Involved in reference application architecture, design and development
• Technology outsourcing partner
• PROFIBUS and PROFINET Competency Center
• FDT Test & Certification Center
• Part of the global expert/certified community:
https://opcfoundation.org/about/opc-foundation/experts/
https://www.profibus.com/pi-organization/certified-people/
Speaker for Today: Sahan M
• Sahan is a cyber-security specialist
• 6 years of experience in the industrial and security domains
• Currently working in the R&D division at Utthunga
• His proven areas of expertise are security testing and strategy, endpoint security, ethical hacking (VAPT), VMware virtualization, FDT/DTM and OPC UA
• Sahan plays a critical role in Secure SDLC (SSDLC) and Secure DevOps implementation at Utthunga
IIoT Era (figure; source: OPC Foundation)
OPC UA (Open Platform Communications Unified Architecture)
Machine-to-machine communication protocol for industrial automation, developed by the OPC Foundation.
Communication Requires More than Connectivity
Communication must be both reliable and secure.
Agenda
1. OPC UA Security Focus
2. Security Objectives
3. OPC UA Security Architecture
4. OPC UA Secure Data Connectivity
5. Security Policies
6. OPC UA Security Solutions for Attack Types
7. Effectiveness of OPC UA Security Analysis
8. Recommendations
OPC UA Security Focus
Data at rest, data in process, data in motion
Security Objectives
CIA:
• Confidentiality: data is only visible to its intended recipients
• Integrity: data is not modified
• Availability: data is available to authorized people when they need it
AAA:
• Authentication: the identity of the people or systems is assured
• Authorization: access is controlled based on permissions
• Auditing (accounting): all requests and receipts of data are documented
OPC UA Security Architecture
• OPC Unified Architecture uses a public key infrastructure (X.509 application instance certificates) to achieve secure communication.
• A Session in the Application Layer communicates over a Secure Channel that is created in the Communication Layer, and relies on that channel for secure communication.
• The Communication Layer provides the security mechanisms that meet the Confidentiality, Integrity and application Authentication objectives; user Authentication and Authorization are handled at the Application Layer when the Session is activated.
Source: OPC UA Specification Part 2, Security Model, version 1.04
OPC UA Secure Data Connectivity
• Supports enterprise-wide secure data connectivity

Mechanism | Transport | Two-way | One-way | LAN | WAN | DMZ & Firewall | E-to-E Security
Client-server | TCP | Y Y Y Y Y
PubSub | UDP | Y Y Y Y
PubSub | MQTT | Y Y Y Y
Secure OPC UA Data Exchange Across Firewalls
• Inbound firewall ports should be closed, as this minimizes the exposure to external attacks
• NIST and NERC recommend that all inbound firewall ports be closed
Security Policies

Policy | Rating | Description
None | No security | No signing or encryption of messages.
Basic256Sha256 | Recommended | Enabled by default; acceptable, and of the recommended policies the one most likely to be supported by older applications.
Aes128-Sha256-RsaOaep | Average | Enabled by default. Faster than the most secure policy and offers good security; older applications will not support it.
Aes256-Sha256-RsaPss | Recommended, most secure | Enabled by default. The most secure policy available; older applications will not support it.
Basic256 | Deprecated | Has theoretical problems (SHA-1 based signatures) and is not recommended.
Basic128Rsa15 | Deprecated | Has known vulnerabilities (RSA PKCS#1 v1.5 padding, SHA-1) and should not be used unless absolutely necessary.
PubSub-Aes128-CTR | Average | PubSub policy for average security needs.
PubSub-Aes256-CTR | High | PubSub policy for high security needs.

• The OPC UA server advertises the security policies it supports, each combined with a message security mode, as endpoints
• The OPC UA client chooses one of these policies when it connects to the server
Note: the OPC Foundation deprecates security policies and adds new ones over time, so the set of policies considered effective changes with the specification version.
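The selection step described above, as an added example that is not code from the original slides or from any OPC UA SDK: a client receives the server's endpoint list and must pick the strongest acceptable combination of security policy and message security mode, never falling back to 'None' or to a deprecated policy. The policy URIs and the MessageSecurityMode values (None=1, Sign=2, SignAndEncrypt=3) are the ones defined by the OPC UA specification; the endpoint list, the ranking table and the `select_endpoint` function are constructed for this example.

```python
"""Client-side choice of an OPC UA endpoint by security policy and mode.

Added example (not from the slides or an OPC UA stack). Policy URIs and
MessageSecurityMode values follow the OPC UA specification; the ranking
and the sample endpoint list are constructed for illustration.
"""
from __future__ import annotations
from dataclasses import dataclass
from typing import Optional

POLICY_BASE = "http://opcfoundation.org/UA/SecurityPolicy#"

# Higher rank = stronger. Any policy absent from this table is rejected.
POLICY_RANK = {
    POLICY_BASE + "Aes256_Sha256_RsaPss": 3,
    POLICY_BASE + "Aes128_Sha256_RsaOaep": 2,
    POLICY_BASE + "Basic256Sha256": 1,
}
# Named explicitly so a rejection can be reported as "deprecated".
DEPRECATED = {POLICY_BASE + "Basic256", POLICY_BASE + "Basic128Rsa15"}
NONE_POLICY = POLICY_BASE + "None"

# MessageSecurityMode enumeration values from the OPC UA specification.
MODE_NONE, MODE_SIGN, MODE_SIGN_AND_ENCRYPT = 1, 2, 3


@dataclass(frozen=True)
class Endpoint:
    url: str
    security_policy_uri: str
    security_mode: int


def select_endpoint(endpoints: list[Endpoint],
                    min_policy: str = POLICY_BASE + "Basic256Sha256",
                    require_encryption: bool = True) -> Optional[Endpoint]:
    """Return the strongest acceptable endpoint, or None if nothing qualifies.

    Encryption is preferred over a stronger policy that only signs: a
    SignAndEncrypt endpoint beats any Sign-only endpoint, and among equal
    modes the higher-ranked policy wins. Policy None, deprecated policies
    and mode None are never selected.
    """
    min_rank = POLICY_RANK[min_policy]
    best: Optional[Endpoint] = None
    best_key = (-1, -1)
    for ep in endpoints:
        if ep.security_policy_uri == NONE_POLICY or ep.security_policy_uri in DEPRECATED:
            continue
        rank = POLICY_RANK.get(ep.security_policy_uri)
        if rank is None or rank < min_rank:
            continue  # unknown policy, or below the configured floor
        if ep.security_mode == MODE_SIGN_AND_ENCRYPT:
            mode_score = 2
        elif ep.security_mode == MODE_SIGN and not require_encryption:
            mode_score = 1
        else:
            continue  # mode None, or Sign when encryption is required
        key = (mode_score, rank)
        if key > best_key:
            best, best_key = ep, key
    return best


# Constructed sample: a server that advertises everything from None to Aes256.
URL = "opc.tcp://plc.example:4840"
SAMPLE_ENDPOINTS = [
    Endpoint(URL, NONE_POLICY, MODE_NONE),
    Endpoint(URL, POLICY_BASE + "Basic128Rsa15", MODE_SIGN_AND_ENCRYPT),
    Endpoint(URL, POLICY_BASE + "Basic256Sha256", MODE_SIGN),
    Endpoint(URL, POLICY_BASE + "Basic256Sha256", MODE_SIGN_AND_ENCRYPT),
    Endpoint(URL, POLICY_BASE + "Aes256_Sha256_RsaPss", MODE_SIGN),
    Endpoint(URL, POLICY_BASE + "Aes128_Sha256_RsaOaep", MODE_SIGN_AND_ENCRYPT),
]

if __name__ == "__main__":
    chosen = select_endpoint(SAMPLE_ENDPOINTS)
    print(chosen.security_policy_uri, chosen.security_mode)
```

With the sample list the client ends up on Aes128-Sha256-RsaOaep with SignAndEncrypt rather than on the stronger Aes256 policy, because that server only offers Aes256 in Sign mode; a server that exposes only 'None' and Basic128Rsa15 yields no endpoint at all, which is the correct outcome rather than a silent downgrade.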
OPC UA Security Solutions for Attack Type: Eavesdropping (Encryption)
• OPC UA addresses unauthorized disclosure of sensitive information by encrypting the data while it is in transit (security mode SignAndEncrypt)
• This counters eavesdropping, which directly impacts Confidentiality
OPC UA Security Solutions for Attack Type: Message Alteration and Spoofing (Message Signing)
• Signing messages prevents an unauthorized third party from changing the contents of a message without detection
• Signing a message helps to ensure the following:
  • Data Integrity: the message was not altered from its original form
  • Non-repudiation: the sender cannot deny having sent and signed the message. Strictly, this holds for the asymmetrically signed OpenSecureChannel messages; the symmetric signatures on subsequent messages prove integrity and origin to the peer, not to a third party
  • Proof of Origin: the message actually came from the legitimate sender
• OPC UA addresses message spoofing and message alteration by signing the messages. Additionally, messages always carry a valid Session ID, Secure Channel ID, Request ID, Timestamp and Sequence Number, which lets the receiver detect replayed, stale or out-of-order messages
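The checks described above, as an added example that is not code from the slides or from any OPC UA stack: a message is signed together with its secure channel id, token id, sequence number, request id, timestamp and session id, and the receiver rejects anything whose signature fails, whose sequence number does not increase, or whose timestamp is too old. HMAC-SHA256 is the MAC OPC UA uses for symmetric message signing under Basic256Sha256 and the Aes* policies; the byte layout, the fixed demo key and clock, and the `Receiver` class are assumptions made for this example, not the OPC UA wire format.

```python
"""Sign-and-verify of a simplified OPC UA-style secure-channel message.

Added example (not from the slides or an OPC UA stack). The fields are the
ones the slide lists; the layout and the fixed key/clock are constructed.
"""
from __future__ import annotations
import hashlib
import hmac
import struct
from dataclasses import dataclass

SIGNATURE_LEN = 32          # HMAC-SHA256 output length
HEADER_LEN = 24 + 16        # five fixed-width fields + 16-byte session id (this model)
MAX_CLOCK_SKEW_MS = 5 * 60 * 1000  # tolerate five minutes of clock drift


@dataclass(frozen=True)
class Message:
    channel_id: int
    token_id: int
    sequence_number: int
    request_id: int
    timestamp_ms: int
    session_id: bytes       # exactly 16 bytes in this model
    body: bytes

    def header_bytes(self) -> bytes:
        # Little-endian fixed-width fields, like OPC UA binary encoding, so no
        # field can be shifted into a neighbour by a length change.
        return struct.pack("<IIIIQ", self.channel_id, self.token_id,
                           self.sequence_number, self.request_id,
                           self.timestamp_ms) + self.session_id


def sign(msg: Message, signing_key: bytes) -> bytes:
    """Serialize header+body and append the HMAC computed over both."""
    data = msg.header_bytes() + msg.body
    return data + hmac.new(signing_key, data, hashlib.sha256).digest()


class Receiver:
    """Verifies signatures and enforces increasing sequence numbers on one channel."""

    def __init__(self, signing_key: bytes, expected_channel_id: int, now_ms):
        self._key = signing_key
        self._channel_id = expected_channel_id
        self._now_ms = now_ms          # injected clock, keeps the demo deterministic
        self._last_sequence = None

    def verify(self, wire: bytes) -> bytes:
        """Return the message body, or raise ValueError naming the reason."""
        if len(wire) < HEADER_LEN + SIGNATURE_LEN:
            raise ValueError("truncated")
        data, sig = wire[:-SIGNATURE_LEN], wire[-SIGNATURE_LEN:]
        expected = hmac.new(self._key, data, hashlib.sha256).digest()
        if not hmac.compare_digest(sig, expected):   # constant-time comparison
            raise ValueError("bad signature")         # altered or spoofed
        channel_id, _token_id, seq, _request_id, ts = struct.unpack("<IIIIQ", data[:24])
        if channel_id != self._channel_id:
            raise ValueError("wrong secure channel")
        if self._last_sequence is not None and seq <= self._last_sequence:
            raise ValueError("replayed or out-of-order sequence number")
        if abs(self._now_ms() - ts) > MAX_CLOCK_SKEW_MS:
            raise ValueError("stale timestamp")
        self._last_sequence = seq
        return data[HEADER_LEN:]


def run_demo() -> list[str]:
    """Constructed exchange: a good message, its replay, a tampered body, a spoof, a stale one."""
    key = b"\x11" * 32            # constructed demo key; real keys come from the channel handshake
    now = 1_600_000_000_000       # fixed clock (ms) so results are reproducible
    rx = Receiver(key, expected_channel_id=7, now_ms=lambda: now)
    session = b"\xaa" * 16
    outcomes: list[str] = []

    def attempt(label: str, wire: bytes) -> None:
        try:
            rx.verify(wire)
            outcomes.append(f"{label}: accepted")
        except ValueError as exc:
            outcomes.append(f"{label}: rejected ({exc})")

    good = sign(Message(7, 1, 1, 100, now, session, b"ReadRequest"), key)
    attempt("original", good)
    attempt("replay", good)                                  # same bytes again
    tampered = bytearray(sign(Message(7, 1, 2, 101, now, session, b"Write value=10"), key))
    tampered[HEADER_LEN + len(b"Write value=")] = ord("9")   # flip 10 -> 90 after signing
    attempt("tampered", bytes(tampered))
    attempt("spoofed", sign(Message(7, 1, 3, 102, now, session, b"Write"), b"\x22" * 32))
    attempt("stale", sign(Message(7, 1, 4, 103, now - 10 * 60 * 1000, session, b"Read"), key))
    return outcomes


if __name__ == "__main__":
    print("\n".join(run_demo()))
```

The sequence-number check is what turns a signature into replay protection: the replayed message carries a perfectly valid signature and is refused only because its sequence number is not greater than the last one accepted on that channel.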
OPC UA Security Solutions for Attack Type: Rogue Server, Session Hijacking and Server Profiling (Application Authentication)
• OPC UA counters rogue servers, session hijacking and server profiling by ensuring that the application at the other end is trusted and has been authorized by the administrator
• The application we are communicating with proves its identity with its application instance certificate
• Building blocks of application authentication:
  • Application instance certificates
  • Certificate Authority (CA) or explicitly maintained trust lists
OPC UA Security Solutions for Attack Type: Session Hijacking and Unauthorized Users (User Authentication and Authorization)
• OPC UA counters session hijacking and misuse by unauthorized users by ensuring that only an authenticated and authorized user is allowed to perform an action
• User authentication can be done via:
  • Username/password, issued tokens (e.g. WS-Security tokens) or X.509 user certificates
  • Integration with existing IAM infrastructures such as Active Directory
• Authorization controls access to specific operations and information:
  • Authorization is server specific
  • Fine-granular access rights on the address space (Read, Write, Browse)
  • Writing of metadata, calling methods
OPC UA Security Solutions for Attack Type: Availability
• OPC UA counters threats such as Denial of Service and message flooding (bandwidth exhaustion, resource exhaustion)
• OPC UA servers reject sessions that exceed their specified maximum number
• Servers minimize the processing of packets before they are authenticated
• Configure alarms for security incidents
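The two server-side measures above, as an added example that is not code from the slides or from any OPC UA SDK: a cheap filter that looks only at the fixed OPC UA TCP message header (MessageType, ChunkType, MessageSize, and SecureChannelId for OPN/MSG/CLO) and drops oversize, malformed or unknown-channel chunks before any decryption, signature check or body decoding is attempted, plus a session cap. The header layout is the one defined by the OPC UA TCP transport; the `Server` class, the limits and the sample chunks are constructed for this example.

```python
"""Pre-authentication header checks and a session cap for an OPC UA server.

Added example (not from the slides or an OPC UA stack). The header layout
follows the OPC UA TCP transport; limits and sample chunks are constructed.
"""
from __future__ import annotations
import struct
from dataclasses import dataclass, field

HEADER_LEN = 8          # MessageType(3) + ChunkType(1) + MessageSize(4)
CHANNEL_ID_LEN = 4      # SecureChannelId follows the header on OPN/MSG/CLO
CONNECTION_TYPES = {b"HEL", b"ACK", b"ERR", b"RHE"}   # no secure channel yet
CHANNEL_TYPES = {b"OPN", b"MSG", b"CLO"}
CHUNK_TYPES = {b"F", b"C", b"A"}                     # final, intermediate, abort


@dataclass
class Limits:
    max_message_size: int = 65536   # the value this side announced in Hello/Acknowledge
    max_sessions: int = 10          # server-wide ceiling, per the slide


@dataclass
class Server:
    limits: Limits
    open_channels: set = field(default_factory=set)   # SecureChannelIds already established
    sessions: dict = field(default_factory=dict)      # session id -> channel id
    rejected: list = field(default_factory=list)      # what an alarm/audit hook would see

    def pre_auth_filter(self, chunk: bytes) -> tuple[bool, str]:
        """Decide from the header alone whether this chunk deserves any more work."""
        if len(chunk) < HEADER_LEN:
            return self._reject("short header")
        msg_type, chunk_type = chunk[:3], chunk[3:4]
        size = struct.unpack_from("<I", chunk, 4)[0]
        if chunk_type not in CHUNK_TYPES:
            return self._reject("bad chunk type")
        if size > self.limits.max_message_size:
            return self._reject("oversize chunk")          # refuse before reading the body
        if size != len(chunk):
            return self._reject("declared size does not match chunk")
        if msg_type in CONNECTION_TYPES:
            return True, "connection-level message"
        if msg_type not in CHANNEL_TYPES:
            return self._reject("unknown message type")
        if len(chunk) < HEADER_LEN + CHANNEL_ID_LEN:
            return self._reject("missing secure channel id")
        channel_id = struct.unpack_from("<I", chunk, HEADER_LEN)[0]
        if msg_type == b"OPN":
            return True, "open secure channel request"    # id 0 means a new channel
        if channel_id not in self.open_channels:
            return self._reject("unknown secure channel")  # bogus ids are dropped unverified
        return True, "accepted for signature verification"

    def create_session(self, session_id: str, channel_id: int) -> bool:
        """Reject new sessions once the configured maximum is reached."""
        if len(self.sessions) >= self.limits.max_sessions:
            self.rejected.append(("session", session_id, "too many sessions"))
            return False
        self.sessions[session_id] = channel_id
        return True

    def _reject(self, reason: str) -> tuple[bool, str]:
        self.rejected.append(("chunk", reason))
        return False, reason


def make_chunk(msg_type: bytes, channel_id: int | None, body: bytes) -> bytes:
    """Build a chunk with a correct MessageSize (constructed test data)."""
    payload = (struct.pack("<I", channel_id) if channel_id is not None else b"") + body
    return msg_type + b"F" + struct.pack("<I", HEADER_LEN + len(payload)) + payload


if __name__ == "__main__":
    srv = Server(Limits(max_message_size=64, max_sessions=2), open_channels={5})
    print(srv.pre_auth_filter(make_chunk(b"MSG", 5, b"x" * 10)))
    print(srv.pre_auth_filter(make_chunk(b"MSG", 9, b"x" * 10)))
    print(srv.pre_auth_filter(make_chunk(b"MSG", 5, b"x" * 100)))
```

Everything the filter rejects costs the server a header parse and nothing else; the expensive work (decryption, HMAC verification, service decoding) only starts for chunks that name an already established channel and fit inside the negotiated size.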
OPC UA Security Solutions for Attack Type: Auditability
• When multiple systems communicate with a server, we can define what is important to us in terms of debugging and security and log that information
• Auditability is very important and useful because of the aggregation feature of OPC UA servers: one server can connect to multiple servers and/or establish different sessions on a channel with applications from different vendors
• Audit logs are used for post-analysis and forensic analysis, especially when something goes wrong
Certificates
• Ensure a secure communication channel between the OPC UA server and the OPC UA client
• The server's certificate (containing its public key) is copied from the server's own certificate store into the client's trusted certificate store
• Similarly, the client's certificate (containing its public key) is copied into the server's trusted certificate store
• The OPC UA server uses its private key to decrypt messages that the client encrypted with the server's public key, and the client does the same with its own private key
Source: Beckhoff
Effectiveness of OPC UA Security Analysis
• OPC UA successfully passed the tests run in the security analysis for the German Federal Office for Information Security (BSI)
(figure: overview of the BSI test results)
Security Recommendations for OEMs
• Define and include security-specific goals for your OPC product/application
• Choose the right SDK
• Follow a Secure Development Lifecycle (Secure SDL)
• Review third-party libraries
• Store private keys securely
• Define certificate and user account management workflows
• Get certified by the OPC Foundation test lab
• Security-specific upgrading/patching
• Other general security aspects
Security Recommendations for End Users
• Opt for certified products/applications that support the required security policies
• Security-specific upgrading/patching
• Certificate and user account management process and guidelines
• Vendor support
• Other general security aspects
Security Recommendations
• Do not leave your secrets lying around
  • Never store private keys or the corresponding certificate files (.pfx/.p12) on an unencrypted file system
• Do not automatically trust certificates
  • Do not accept connections that do not present a trusted certificate
• User authentication
  • Avoid the use of anonymous identifiers: when this generic identifier is used, it is not possible to trace who changed what
• Security mode 'None' should not be used
  • It does not provide any protection; use 'SignAndEncrypt', or 'Sign' where encryption is not technically possible
• Selection of cryptographic algorithms
  • At a minimum, the security policy 'Basic256Sha256' should be chosen, provided it is technically possible
  • Weaker security policies use outdated algorithms such as SHA-1 and should not be used
• Managing and maintaining certificates
  • Use certificate trust lists and certificate revocation lists to manage valid certificates
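The Certificates slide and the recommendations above, applied together as one server-side admission decision. This is an added example and not code from the slides or from any OPC UA SDK: the client's application instance certificate must be on the trust list and not on the revocation list, an unknown certificate is quarantined for an administrator instead of being trusted automatically, security mode 'None' and any policy below Basic256Sha256 are refused, and the anonymous identity is rejected. Certificates are modelled as DER bytes identified by their SHA-1 thumbprint (the identifier OPC UA uses for certificates); the certificate bytes, the `TrustStore` and `SessionRequest` classes and the sample requests are constructed for this example.

```python
"""Admission checks for an incoming OPC UA session on the server side.

Added example (not from the slides or an OPC UA stack). Policy URIs, mode
and user-token values follow the OPC UA specification; the certificate
bytes and the store/request model are constructed for illustration.
"""
from __future__ import annotations
import hashlib
from dataclasses import dataclass, field

POLICY_BASE = "http://opcfoundation.org/UA/SecurityPolicy#"
ACCEPTED_POLICIES = {                      # Basic256Sha256 is the floor from the slide
    POLICY_BASE + "Basic256Sha256",
    POLICY_BASE + "Aes128_Sha256_RsaOaep",
    POLICY_BASE + "Aes256_Sha256_RsaPss",
}
MODE_NONE, MODE_SIGN, MODE_SIGN_AND_ENCRYPT = 1, 2, 3            # MessageSecurityMode
TOKEN_ANONYMOUS, TOKEN_USERNAME, TOKEN_CERTIFICATE, TOKEN_ISSUED = 0, 1, 2, 3  # UserTokenType


def thumbprint(cert_der: bytes) -> str:
    """SHA-1 over the DER certificate, the way OPC UA identifies a certificate."""
    return hashlib.sha1(cert_der).hexdigest().upper()


@dataclass
class TrustStore:
    trusted: set = field(default_factory=set)     # thumbprints of trusted peer certificates
    revoked: set = field(default_factory=set)     # thumbprints on the revocation list
    rejected: dict = field(default_factory=dict)  # unknown certs held for admin review

    def trust(self, cert_der: bytes) -> None:
        """The 'copy the peer's certificate into the trusted store' step from the slide."""
        self.trusted.add(thumbprint(cert_der))

    def revoke(self, cert_der: bytes) -> None:
        self.revoked.add(thumbprint(cert_der))


@dataclass(frozen=True)
class SessionRequest:
    client_cert_der: bytes
    security_policy_uri: str
    security_mode: int
    user_token_type: int
    user_name: str | None = None


def admit(req: SessionRequest, store: TrustStore) -> list[str]:
    """Return every reason to refuse the session; an empty list means accept."""
    reasons: list[str] = []
    tp = thumbprint(req.client_cert_der)
    if tp in store.revoked:
        reasons.append("client certificate revoked")
    elif tp not in store.trusted:
        store.rejected.setdefault(tp, req.client_cert_der)   # quarantine, never auto-trust
        reasons.append("client certificate not in trust list")
    if req.security_mode == MODE_NONE:
        reasons.append("security mode None")
    if req.security_policy_uri not in ACCEPTED_POLICIES:
        reasons.append("security policy below Basic256Sha256")
    if req.user_token_type == TOKEN_ANONYMOUS:
        reasons.append("anonymous user identity")
    if req.user_token_type == TOKEN_USERNAME and not req.user_name:
        reasons.append("empty user name")
    return reasons


# Constructed stand-ins for DER-encoded application instance certificates.
CLIENT_A_CERT = b"constructed DER stand-in: client A"
CLIENT_B_CERT = b"constructed DER stand-in: client B (unknown)"
CLIENT_C_CERT = b"constructed DER stand-in: client C (revoked)"


def build_demo_store() -> TrustStore:
    """Trust A; trust C but then place it on the revocation list."""
    store = TrustStore()
    store.trust(CLIENT_A_CERT)
    store.trust(CLIENT_C_CERT)
    store.revoke(CLIENT_C_CERT)
    return store


if __name__ == "__main__":
    store = build_demo_store()
    ok = SessionRequest(CLIENT_A_CERT, POLICY_BASE + "Aes256_Sha256_RsaPss",
                        MODE_SIGN_AND_ENCRYPT, TOKEN_USERNAME, "operator")
    weak = SessionRequest(CLIENT_A_CERT, POLICY_BASE + "None", MODE_NONE, TOKEN_ANONYMOUS)
    print(admit(ok, store) or "accepted")
    print(admit(weak, store))
```

Returning all reasons at once rather than the first one is deliberate: an operator reviewing a rejected connection sees that it failed on trust, mode and identity together, which is the picture the Auditability slide asks for, while the caller still treats any non-empty list as a refusal.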
In a Nutshell
• OPC UA is Secure by Design
• OPC UA allows different levels of security
• OPC UA security is standards based and was developed with industry security experts from multiple companies
• Defense in Depth: as a reminder, OPC UA alone will not secure your systems
Time for Audience Q&A
OPC – Upcoming Webinar Calendar
1. An Overview of OPC UA Security – 10th September, 2020
2. FDT/OPC UA – 30th September, 2020
Utthunga Technologies Pvt. Ltd.
No. 8, 27th Cross, 2nd Stage,
Banashankari, Bangalore – 560 070
Phone: +91-80-68151900
Mail: contact@utthunga.com

APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
 
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Meera Call 7001035870 Meet With Nagpur Escorts
 
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCRCall Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
Call Us -/9953056974- Call Girls In Vikaspuri-/- Delhi NCR
 
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx
 
main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidmain PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfid
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
9953056974 Call Girls In South Ex, Escorts (Delhi) NCR.pdf
 
Internship report on mechanical engineering
Internship report on mechanical engineeringInternship report on mechanical engineering
Internship report on mechanical engineering
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
 

An Overview of OPC UA Security

  • 1. © Utthunga Technologies Pvt. Ltd. 2020 An Overview of OPC UA Security Utthunga for OPC
  • 2. Company Overview
    - Germany | USA | Japan | 500+ Professionals | 13 | HQ & Development Centre: Bangalore, India
    - Services: Embedded Software & Hardware Product Engineering; Digital Services; Application Software Engineering; Quality Engineering
    - Focus: Process & Factory; Power & Utilities
    - Solutions: IIoT, Cloud & Big Data Analytics Solutions; Data Connectivity & Integration Solutions; Custom Solutions
  • 3. Industry Associations
    - Part of various Special Interest Groups (Technical Specifications, Architecture, Test & Certification and Marketing)
    - Involved in reference Application Architecture, Design and Development
    - Technology Outsourcing Partner
    - PROFIBUS and PROFINET Competency Center
    - FDT Test & Certification Center
    - Part of Global Expert/Certified Community: https://opcfoundation.org/about/opc-foundation/experts/ and https://www.profibus.com/pi-organization/certified-people/
  • 4. Speaker for Today: Sahan M
    - Sahan is a cyber-security specialist
    - 6 years of experience in the industrial and security domain
    - Currently working in the R&D division at Utthunga
    - His proven areas of expertise are security testing and strategy, endpoint security, ethical hacking (VAPT), VMware virtualization, FDT/DTM and OPC UA
    - Sahan plays a critical role in Secure SDLC (SSDLC) and Secure DevOps implementation at Utthunga
  • 5. IIoT Era
  • 6. OPC UA (Open Platform Communications Unified Architecture): a machine-to-machine communication protocol for industrial automation developed by the OPC Foundation. (Source: OPC Foundation)
  • 7. Communication Requires more than Connectivity: Reliable, Secure
  • 8. Agenda
    1. OPC UA Security Focus
    2. Security Objectives
    3. OPC UA Security Architecture
    4. OPC UA Secure Data Connectivity
    5. Security Policies
    6. OPC UA Security Solutions for Attack Types
    7. Effectiveness of OPC UA Security Analysis
    8. Recommendations
  • 9. OPC UA Security - Focus: Data at Rest, Data in Motion, Data in Process
  • 10. Security Objectives (CIA and AAA)
    - Confidentiality: data is only visible to intended recipients
    - Integrity: data is not modified
    - Availability: data is available to authorized people when they need it
    - Authentication: the identity of people or systems is assured
    - Authorization: access is controlled based on permissions
    - Auditing: all requests and receipts of data are documented
  • 11. OPC UA Security Architecture
    - OPC Unified Architecture uses a public key infrastructure to achieve secure communication.
    - A session in the Application Layer communicates over a Secure Channel that is created in the Communication Layer and relies upon it for secure communication.
    - The Communication Layer provides the security mechanisms that meet the Confidentiality, Integrity and application Authentication objectives.
    Source: OPC UA Spec. Security Model 1.04
  • 12. OPC UA Secure Data Connectivity
    - Supports enterprise-wide secure data connectivity
    - Table columns: Mechanism | Transport | Two way | One way | LAN | WAN | DMZ & Firewall | End-to-End Security
      Client-server | TCP | Y Y Y Y Y
      PubSub | UDP | Y Y Y Y
      PubSub | MQTT | Y Y Y Y
  • 13. Secure OPC UA Data Exchange Across Firewalls
    - In-bound firewall ports should be closed, as this minimizes the threat of external attacks
    - NIST and NERC recommend to their members that all in-bound firewall ports be closed
  • 14. Security Policies
    - None: no security
    - Basic256Sha256 (Recommended): enabled by default, acceptable, and more likely to be supported by older applications
    - Aes128-Sha256-RsaOaep (Average): enabled by default; faster than the most secure policies and offers good security, but older applications will not support it
    - Aes256-Sha256-RsaPss (Recommended - Most Secure): enabled by default; the most secure available, but older applications will not support it
    - Basic256 (Deprecated): this policy has theoretical problems and is not recommended
    - Basic128Rsa15 (Deprecated): this policy has known vulnerabilities and should not be used unless absolutely necessary
    - PubSub-Aes128-CTR: average security needs
    - PubSub-Aes256-CTR: high security needs
    - The OPC UA server should identify and support the security policies; the OPC UA client chooses one of these security policies to connect to the server
    Note: the OPC Foundation deprecates security policies and updates the supported policies over time to keep the effective security policy current
  • 15. OPC UA Security Solutions for Attack Type: Encryption
    - OPC UA addresses unauthorized disclosure of sensitive information by encrypting data while it is in transit
    - This counters eavesdropping, which impacts Confidentiality directly
  • 16. OPC UA Security Solutions for Attack Type: Message Signing
    - Signing messages prevents an unauthorized third party from changing the contents of a message
    - Signing a message helps to ensure the following:
      - Data Integrity: the message was not altered from its original form
      - Non-repudiation: the sender cannot deny the authenticity of the message they sent and signed
      - Proof of Origin: the message actually came from the legitimate sender
    - OPC UA addresses Message Spoofing and Message Alteration by signing the messages. Additionally, the messages always include a valid Session ID, Secure Channel ID, Request ID, Timestamp and Sequence Number
  • 17. OPC UA Security Solutions for Attack Type: Application Authentication
    - OPC UA counters rogue server, session hijacking and server profiling attacks by ensuring the application used is trusted and authorized by the user
    - Ensures that the application we are communicating with is trusted, by means of its Application Instance Certificate
    - Authentication of applications: Application Instance Certificates; Certificate Authority (CA)
  • 18. OPC UA Security Solutions for Attack Type: User Authentication and Authorization
    - OPC UA counters rogue server and session hijacking attacks by ensuring that only an authenticated and authorized user is allowed to perform an action
    - User Authentication can be done via username/password, WS-Security Token or X.509 certificates, and can be integrated into existing IAM infrastructures such as Active Directory
    - Authorization helps to control access to specific operations and information
    - Authorization (server specific): fine-granular permissions in the address space (Read, Write, Browse); writing of metadata, calling methods
  • 19. OPC UA Security Solutions for Attack Type: Availability
    - OPC UA counters threats such as Denial of Service and message flooding attacks (bandwidth-based and resource-based)
    - OPC UA Servers reject sessions that exceed their specified maximum number
    - Minimize processing of packets before they are authenticated
    - Configure alarm incidents
  • 20. OPC UA Security Solutions for Attack Type: Auditability
    - When multiple systems communicate with the server, we can define what is important to us in terms of debugging and security and log that information
    - Auditability is very important and useful because of the aggregation feature of OPC servers, which lets a server communicate and establish connections with multiple servers and/or establish different sessions on a channel with different vendors
    - Used for post-analysis and forensic analysis, especially when something goes wrong
  • 21. Certificates
    - Ensure a secure communication channel between the OPC UA server and OPC UA client
    - The server's public key (certificate) from its certificate store is copied to the client's trusted certificate store
    - Similarly, the client's public key (certificate) from its certificate store is copied to the server's trusted certificate store
    - The OPC UA Server uses its private key to decrypt the encrypted message
    Source: Beckhoff
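The trust-store exchange on the Certificates slide is what a peer certificate check relies on. The following is an added example, not from the deck or from any OPC UA SDK, of a simplified validation of a peer's application instance certificate against a trust list and a revocation list; the certificate record and its DER bytes are constructed placeholders, the SHA-1 thumbprint is the identifier OPC UA trust lists use, and the Bad_* names are OPC UA status codes.

```python
import hashlib
from dataclasses import dataclass, replace
from datetime import datetime, timezone
from typing import Set


@dataclass(frozen=True)
class PeerCertificate:
    """Fields of an X.509 application instance certificate that this check uses."""
    der: bytes              # DER encoding; trust lists identify a certificate by its SHA-1 thumbprint
    serial: int             # serial number, which a revocation list refers to
    not_before: datetime
    not_after: datetime
    application_uri: str    # URI carried in the certificate's subjectAltName


def thumbprint(der: bytes) -> str:
    """SHA-1 thumbprint, the identifier OPC UA uses in certificate trust lists."""
    return hashlib.sha1(der).hexdigest().upper()


def validate_peer_certificate(cert: PeerCertificate, trusted: Set[str],
                              revoked_serials: Set[int],
                              claimed_application_uri: str, now: datetime) -> str:
    """Return an OPC UA status code name for the peer's certificate.

    A simplified subset of the Part 4 validation steps, in this order:
    trust list, validity period, application URI, revocation list.
    """
    if thumbprint(cert.der) not in trusted:
        return "Bad_CertificateUntrusted"      # never trust a certificate automatically
    if not (cert.not_before <= now <= cert.not_after):
        return "Bad_CertificateTimeInvalid"
    if cert.application_uri != claimed_application_uri:
        return "Bad_CertificateUriInvalid"     # ApplicationDescription URI must match the cert
    if cert.serial in revoked_serials:
        return "Bad_CertificateRevoked"
    return "Good"


# Constructed sample data: placeholder DER bytes (not real ASN.1), a trust list
# holding both certificates, and a revoked serial belonging to neither of them.
NOW = datetime(2020, 9, 10, tzinfo=timezone.utc)
CLIENT_CERT = PeerCertificate(
    der=b"constructed-client-cert-der", serial=1001,
    not_before=datetime(2020, 1, 1, tzinfo=timezone.utc),
    not_after=datetime(2021, 1, 1, tzinfo=timezone.utc),
    application_uri="urn:example:client:historian")
EXPIRED_CERT = replace(CLIENT_CERT, der=b"constructed-expired-cert-der", serial=1002,
                       not_after=datetime(2020, 6, 1, tzinfo=timezone.utc))
TRUST_LIST = {thumbprint(CLIENT_CERT.der), thumbprint(EXPIRED_CERT.der)}
REVOKED_SERIALS = {2002}

if __name__ == "__main__":
    uri = CLIENT_CERT.application_uri
    for cert in (CLIENT_CERT, EXPIRED_CERT):
        print(cert.serial, validate_peer_certificate(cert, TRUST_LIST, REVOKED_SERIALS, uri, NOW))
```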
  • 22. Effectiveness of OPC UA Security Analysis
    - OPC UA successfully passed the tests that were run for the German Federal Government (BSI).
  • 23. Effectiveness of OPC UA Security Analysis
  • 24. Security Recommendations for OEMs
    - Define and include the security-specific goals for your OPC product/application
    - Choose the right SDK
    - Secure SDL (Security Development Lifecycle)
    - Third-party libraries
    - Secure storage of private keys
    - Certificates and user account management workflow
    - Get certified by the OPC Foundation Test Lab
    - Security-specific upgrading/patching
    - Other general security aspects
  • 25. Security Recommendations for End Users
    - Opt for certified products/applications that support the required security policies
    - Security-specific upgrading/patching
    - Certificates and user account management process & guidelines
    - Support
    - Other general security aspects
  • 26. Security Recommendations
    - Do not leave your secrets lying around
      - Never store private keys or the corresponding certificate files (.pfx/.p12) on an unencrypted file system
    - Do not automatically trust certificates
      - Do not accept connections that do not present trusted certificates
    - User Authentication
      - Avoid the use of anonymous identifiers; when this generic identifier is used, it is not possible to trace who made a change
    - Security Mode 'None' should not be used
      - It does not provide any protection; the Security Mode 'SignAndEncrypt' or 'Sign' should be used instead
    - Selection of cryptographic algorithms
      - At a minimum, the Security Policy 'Basic256Sha256' should be chosen, provided it is technically possible
      - Weaker security policies use outdated algorithms such as SHA-1 and should not be used
    - Managing and maintaining certificates
      - Use certificate trust lists and certificate revocation lists to manage valid certificates
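The policy and mode rules from the Security Policies slide and the recommendations above can be applied mechanically when a client chooses an endpoint. This is an added example, not from the deck or from any OPC UA SDK, that filters a constructed GetEndpoints result: Security Mode None and the deprecated policies are rejected, and among the acceptable policies the ranking (most secure > recommended > average) is an assumption taken from the deck's labels; the endpoint URL is a placeholder.

```python
from dataclasses import dataclass
from enum import IntEnum
from typing import List, Optional

POLICY_BASE = "http://opcfoundation.org/UA/SecurityPolicy#"


class MessageSecurityMode(IntEnum):
    """Values as defined in OPC UA Part 4."""
    INVALID = 0
    NONE = 1
    SIGN = 2
    SIGN_AND_ENCRYPT = 3


@dataclass(frozen=True)
class EndpointDescription:
    """The fields of a GetEndpoints result that the selection needs."""
    endpoint_url: str
    security_policy_uri: str
    security_mode: MessageSecurityMode


# Preference among the acceptable policies (assumption taken from the deck's
# labels: most secure > recommended > average). Higher is better. None,
# Basic128Rsa15, Basic256 and unknown URIs are absent and therefore rejected.
POLICY_RANK = {
    POLICY_BASE + "Aes256_Sha256_RsaPss": 3,
    POLICY_BASE + "Basic256Sha256": 2,
    POLICY_BASE + "Aes128_Sha256_RsaOaep": 1,
}


def reject_reason(ep: EndpointDescription) -> Optional[str]:
    """Explain why an endpoint must not be used, or return None if it is acceptable."""
    if ep.security_mode in (MessageSecurityMode.INVALID, MessageSecurityMode.NONE):
        return "security mode None provides no protection"
    if ep.security_policy_uri not in POLICY_RANK:
        return "security policy is deprecated or below Basic256Sha256"
    return None


def select_endpoint(endpoints: List[EndpointDescription]) -> Optional[EndpointDescription]:
    """Pick the strongest acceptable endpoint: best policy first, then SignAndEncrypt over Sign."""
    acceptable = [ep for ep in endpoints if reject_reason(ep) is None]
    if not acceptable:
        return None   # the caller should refuse to connect rather than fall back to None
    return max(acceptable,
               key=lambda ep: (POLICY_RANK[ep.security_policy_uri], int(ep.security_mode)))


# Constructed sample: endpoints a server might advertise (placeholder URL).
URL = "opc.tcp://plc.example:4840"
SAMPLE_ENDPOINTS = [
    EndpointDescription(URL, POLICY_BASE + "None", MessageSecurityMode.NONE),
    EndpointDescription(URL, POLICY_BASE + "Basic128Rsa15", MessageSecurityMode.SIGN_AND_ENCRYPT),
    EndpointDescription(URL, POLICY_BASE + "Basic256Sha256", MessageSecurityMode.SIGN),
    EndpointDescription(URL, POLICY_BASE + "Basic256Sha256", MessageSecurityMode.SIGN_AND_ENCRYPT),
]

if __name__ == "__main__":
    for ep in SAMPLE_ENDPOINTS:
        print(ep.security_policy_uri.rsplit("#", 1)[1], ep.security_mode.name, reject_reason(ep))
    print("chosen:", select_endpoint(SAMPLE_ENDPOINTS))
```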
  • 27. In a Nutshell
    - OPC UA is Secure by Design
    - OPC UA allows different levels of security
    - OPC UA Security is standards-based and developed with industry security experts from multiple companies
    - Defense in Depth
    - Security, as a reminder: OPC UA alone will not secure your systems.
  • 28. Time for Audience Q&A
  • 29. OPC – Upcoming Webinar Calendar
    1. An Overview of OPC UA Security – 10th September, 2020
    2. FDT/OPC UA – 30th September, 2020
  • 30. Utthunga Technologies Pvt. Ltd., No. 8, 27th Cross, 2nd Stage, Banashankari, Bangalore – 560 070. Phone: +91-80-68151900. Mail: contact@utthunga.com