Unrestricted / © Siemens AG 2016. All Rights Reserved.
CLASS 2016
Protection of real time industrial communication protocols and its technical impacts
Márcio Santos
SIEMENS
19.05.2016
Who we are?
SIEMENS
Global presence
Close to customers all over the world
Revenue by customer location; employees as of September 30, 2015 (each with share of total worldwide):
- Americas: revenue €21.7 billion (29%); 73,500 employees (21%)
- Europe (excluding Germany), CIS, Africa, Middle East: revenue €27.6 billion (36%); 98,800 employees (28%)
- Germany: revenue €11.2 billion (15%); 114,000 employees (33%)
- Asia, Australia: revenue €15.1 billion (20%); 61,500 employees (18%)
All figures refer to continuing operations. CIS: Commonwealth of Independent States
Today Mid term – 2020
Electrification
Automation
Digitalization
Market development (illustrative)
168 years of innovation
Milestones
1847: Werner von Siemens founds the company
1847: Pointer telegraph
1866: Dynamo
1879: Electric train
1881: Electric streetcar
1881: Telephone switchboard
1924: Traffic light
1935: Coaxial cable
1939: Electron microscope
1953: High-purity silicon
1958: Heart pacemaker
1959: Simatic (electronic automation)
1962: Thyristors for energy transmission
1965: Integrated circuit
1974: Computed tomography scanner
1985: ICE – top speed 300 km/h
1988: Megabit chip
2000: Wind turbine rotor blades in one cast
2000: syngo user interface
2009: World record gas turbine, 370 MW
2010: Biograph mMR
2013: PLM Software
2015: Somatom Force
Brazil presence
Close to customers in a continental country
At present, Siemens employs more than 7,000
employees in Brazil, with 12 manufacturing facilities, 7
R&D centers and 13 regional offices.
110 years of innovations
Milestones
1867: Supply and installation of a telegraph line between Rio de Janeiro and Rio Grande do Sul.
1905: Founding of Cia. Brazileira de Eletricidade Siemens-Schuckertwerke, in Rio de Janeiro.
1922: Installation of Brazil's 1st automatic telephone office in Porto Alegre.
1939: Siemens inaugurates in São Paulo the 1st transformer plant in Brazil.
1955: Installation of Brazil's 1st automatic telephone office in Porto Alegre.
1983: Installation of the first of 18 generator rotors at the Itaipu Hydroelectric Power Plant.
2005: Siemens celebrates its 100th anniversary in Brazil.
2007: Siemens inaugurates the largest Latin American energy equipment plant in Jundiai (São Paulo).
2009: Siemens' first train modernization and assembly center of Latin America, in Cabreúva (São Paulo).
2012: Siemens inaugurates its diagnostic imaging equipment plant in Joinville.
2013: Production and installation of Siemens' first wind turbines in Brazil (Trairi, Ceará).
2015: Siemens celebrates its 110th anniversary in Brazil.
2016: Siemens Foundation celebrates its 30th anniversary.
Flat and market driven organization along the value chain will capture growth opportunities
[Organization chart: Managing Board; Corporate Core; Corporate Services. Go-to-market by market: Americas; Middle East, CIS 1); Asia, Australia; Europe, Africa; Global Healthcare. Divisions (Global P&L): Power and Gas (PG); Wind Power and Renewables (WP); Power Generation Services (PS); Energy Management (EM); Building Technologies (BT); Mobility (MO); Digital Factory (DF); Process Industries and Drives (PD). Separately managed: Healthcare (HC). Financial Services (SFS).]
1) Commonwealth of Independent States
Motivation: Real time protocols VS Security
frameworks?
Protection of real time industrial communication protocols
Industrial Communication
Vulnerability disclosures are headline news
Industrial Communications do not have any kind
of self protection, says hacker during international
Hacker Conference
Hacking the Grid in 5 steps
Hackers exploit SCADA holes to take full control of
critical infrastructure
Industrial Communication
5 Simple steps for a successful attack
Control System
Discrete and analog
signals
SCADA Server
Invader
Switch
Now I know:
- The temperature value
- The communication relation
Give me the temperature
The temperature is 35
Give me the temperature
The temperature is 35
Now I'm the Man-In-The-Middle
- I can change the temperature
Man-in-the-middle attack in 5 simple steps:
1. Gain network access
2. Sniff the network packets
3. Discover the communication relations
4. Redirect the communication traffic
5. Be happy and be ethical
Industrial Communication
Important questions regarding industrial communication
Control System
Discrete and analog
signals
SCADA Server
Invader
Switch
Give me the temperature
The temperature is 35
Give me the temperature
The temperature is 35
5 important questions in this case:
1. No network access protection?
2. No data confidentiality?
3. No data integrity?
4. No user authentication?
5. Is such a configuration common?
What is it?
Real Time Control
Home Example
Reservoir level control
Time(s)
Level (L)
Maximum level
Minimum level
Valve
Opened
Valve
Closed
Reaction
Time
Reaction
Time
Oops!!!
Houston, we have a problem!
Industrial Example
From discrete signals to intelligent field devices
A long time ago Not so long time ago Now and in the future
16 bit control
Discrete and analog
signals
Backplane
I/O
Discrete and analog
signals
32 bit control
Industrial
RS-485 Bus
Communication
Processors
64 bit control
Ethernet Bus
Intelligent field
devices
Application Layer
HTTP SNMP Socket
IP
TCP/UDP
Industrial Communications Vs Real Time Control
How does it work using Ethernet networks?
Sensor system
PLCPC
SNMP/OPC server
Field DevicesPC
Internet Explorer
Real-time
Communication
Ethernet
PLC
Ethernet
Cable
ASIC/FPGA
Sync
1 ms
1 µs
Several cycles
frozen on the
oscilloscope
Industrial Communications Vs Real Time Control
What are the influences of the network latency in control system?
1 µs jitter
Industrial Communications
Different solutions for different challenges for different factories
- Real time
- Determinism
TCP/IP
Up to 31.25 ms Up to 250 ms
Real-time Isochronous real-time
10 ms 100ms 10ms
Cycle time
1 ms
ApplicationCommunication
Layers
Performance reservesProduction Line
Tool Machine
Print Machines
Packing Machines
Storage & Logistics
Press
Robot
Layer 2
How to protect real time industrial networks?
Industrial Communications
Industrial Communications
The Defense in Depth Concept in Detail
DCS/
SCADA*
*DCS: Distributed Control System
SCADA: Supervisory Control and Data Acquisition
Potential
Attack
Plant Security
Physical Security
• Physical access to facilities and equipment
Policies & procedures
• Security management processes
• Operational Guidelines
• Business Continuity Management &
Disaster Recovery
Network Security
Security cells & DMZ
• Secure architecture based on network segmentation
Firewalls and VPN
• Implementation of Firewalls as the only access
point to a security cell
System Integrity
System hardening
• Adapting system to be secure by default
User Account Management
• Access control based on user rights and privileges
Patch Management
• Regular implementation of patches and updates
Malware detection and prevention
• Anti Virus and Whitelisting
Industrial Communications
Protection of real time networks (based on layers 3/4)
Typical Layer 3/4 network
PLC
Firewall
Trusted network
Untrusted network
192.168.0.2 192.168.0.3
192.168.0.1
Expected cycle time: 10~20ms
Firewall rules:
Direction   Source        Destination   Port
Ext->Int    192.168.0.1   192.168.0.2   502
Ext->Int    192.168.0.1   192.168.0.3   502
Firewall considerations:
- Typical latency: 0.5ms~5ms
- Usually stateful firewall
- Usually only supports layer 3/4 rules
Does the firewall have a significant influence on the cycle time and the system functionality?
Not at all in this case!!!
Industrial Communications
Protection of real time networks (based on layers 3/4)
Typical Layer 3/4 network
Firewall
Trusted network
Untrusted network
Firewall overall performance depends on:
- Hardware or software implementation
- Others embedded functionalities (VPN, Router)
- Costs (High-End vs Low-End solution)
Source: DataCenters Firewall Comparative Analysis – NSS Labs – 2013
Industrial Communications
Protection of real time networks (based on layers 3/4)
DPI (Data Package Inspection) Firewall
Firewall rules (Layer 3/4):
Direction   Source        Destination   Port
Ext->Int    192.168.0.1   192.168.0.2   502
Ext->Int    192.168.0.1   192.168.0.3   502
Firewall rules (Layer 7):
Destination   Register   Read    Write
192.168.0.2   50001      Allow   Allow
192.168.0.3   50001      Allow   Deny
Firewall considerations:
- The firewall must be able to recognize and interpret the frames, applying additional protection rules
- Theoretically more processing time, but not so critical considering the expected cycle time
Firewall
Trusted network
Untrusted network
192.168.0.2 192.168.0.3
Expected cycle time: 10~20ms
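The two rule tables on this slide, evaluated together, as an added example (not code from the presentation or from any firewall product). It assumes the port 502 traffic is Modbus/TCP, which the slide does not name, and that register 50001 is the raw 16-bit address on the wire; the `build_adu`, `parse_request` and `decide` names and all sample frames are constructed for illustration.

```python
import struct

READ_FUNCS = {0x03, 0x04}    # Read Holding Registers, Read Input Registers
WRITE_FUNCS = {0x06, 0x10}   # Write Single Register, Write Multiple Registers

# Layer 3/4 rules from the slide: (source, destination, destination port).
L34_RULES = {
    ("192.168.0.1", "192.168.0.2", 502),
    ("192.168.0.1", "192.168.0.3", 502),
}

# Layer 7 rules from the slide: (destination, register) -> permissions.
L7_RULES = {
    ("192.168.0.2", 50001): {"read": True, "write": True},
    ("192.168.0.3", 50001): {"read": True, "write": False},
}


def build_adu(func, addr, word, extra=b"", tid=1, unit=1):
    """Build a constructed Modbus/TCP request: 7-byte MBAP header + PDU."""
    pdu = struct.pack(">BHH", func, addr, word) + extra
    # MBAP length counts the unit identifier plus the PDU.
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu


def parse_request(adu):
    """Return (operation, first_register, count) or raise ValueError."""
    if len(adu) < 12:
        raise ValueError("frame too short")
    _tid, proto, length, _unit = struct.unpack(">HHHB", adu[:7])
    if proto != 0 or length != len(adu) - 6:
        raise ValueError("inconsistent MBAP header")
    func, addr, word = struct.unpack(">BHH", adu[7:12])
    if func in READ_FUNCS:
        op, count = "read", word
        ok = len(adu) == 12 and 1 <= word <= 125
    elif func == 0x06:
        op, count = "write", 1
        ok = len(adu) == 12
    elif func == 0x10:
        op, count = "write", word
        ok = (len(adu) >= 13 and 1 <= word <= 123
              and adu[12] == 2 * word and len(adu) == 13 + adu[12])
    else:
        # Anything the inspector cannot interpret is refused.
        raise ValueError(f"function code 0x{func:02x} not permitted")
    if not ok or addr + count > 0x10000:
        raise ValueError("malformed request body")
    return op, addr, count


def decide(src, dst, dport, adu):
    """Apply the layer 3/4 table first, then the layer 7 table (default deny)."""
    if (src, dst, dport) not in L34_RULES:
        return False, "no layer 3/4 rule"
    try:
        op, first, count = parse_request(adu)
    except ValueError as exc:
        return False, f"layer 7: {exc}"
    # Every register touched by the request needs its own permitting rule.
    for reg in range(first, first + count):
        rule = L7_RULES.get((dst, reg))
        if rule is None or not rule[op]:
            return False, f"layer 7: {op} of register {reg} on {dst} denied"
    return True, f"{op} of {count} register(s) from {first} allowed"


if __name__ == "__main__":
    samples = [  # constructed traffic, not captured from a real plant
        ("192.168.0.1", "192.168.0.2", build_adu(0x03, 50001, 1)),
        ("192.168.0.1", "192.168.0.2", build_adu(0x06, 50001, 35)),
        ("192.168.0.1", "192.168.0.3", build_adu(0x06, 50001, 35)),
        ("192.168.0.1", "192.168.0.2", build_adu(0x03, 50001, 2)),
        ("192.168.0.9", "192.168.0.2", build_adu(0x03, 50001, 1)),
    ]
    for src, dst, adu in samples:
        print(src, "->", dst, decide(src, dst, 502, adu))
```

A multi-register read that starts at an allowed register but runs past it is refused, which is the case a layer 3/4 rule alone cannot distinguish.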
Industrial Communications
Protection of real time networks (based on layer 2)
Typical Layer 2 network
PLC
Firewall
Trusted network
Untrusted network
192.168.0.1
08-01-E1-00-FF-01
Expected cycle time: 31.25µs~1ms
Firewall rules:
Direction   Source              Destination         Service Type
Ext->Int    08-01-E1-00-FF-01   08-01-E1-00-FF-02   ????
Ext->Int    08-01-E1-00-FF-01   08-01-E1-00-FF-03   ????
Firewall considerations:
- Typical latency: 0.5ms~5ms
- Must support layer 2 rules
Does the firewall have a significant influence on the cycle time and the system functionality?
For sure!!!
192.168.0.2
08-01-E1-00-FF-02
192.168.0.3
08-01-E1-00-FF-03
This kind of solution is not feasible nowadays
Industrial Communications
Protection of real time networks (based on layer 2)
Typical Layer 2 network
Firewall Challenges:
- Unacceptable latency
- Device replacement restrictions
- Dynamic firewall rules
- No DPI due to complex semantics
So, is it not possible to have a secure environment with industrial control systems due to performance and functionality restrictions?
Yes, it is possible, but you have to design it properly!!!
Firewall
Trusted network
Untrusted network
Expected cycle time: 31.25µs~1ms
192.168.0.2
08-01-E1-00-FF-02
192.168.0.3
08-01-E1-00-FF-03
Industrial Communications
ISA-99/IEC-62443 protection recommendations (for all kinds of networks)
Secure Automation Cell
Industrial Communications
ISA-99/IEC-62443 protection recommendations (for all kinds of networks)
Untrusted network
Trusted network
PLC
Expected cycle time: 31.25µs~1ms
Firewall
Unsecure Environment
Benefits
- No influence on the internal, high-performance communications
- No restrictions on the control system functionalities
- External access can be controlled at the perimeter protection
- Can be used for monitoring systems and engineering systems
- Even engineering functions based on layer 2 can be used in this case
Secure Automation Cell
Industrial Communications
ISA-99/IEC-62443 protection recommendations (cell to cell communication)
Trusted network
PLC
Internal Communications
- Reliable
- High performance
- Without restrictions
Expected cycle time: 31.25µs~1ms
Firewall
Secure Automation Cell
Trusted network
Internal Communications
- Reliable
- High performance
- Without restrictions
Expected cycle time: 31.25µs~1ms
PLC
Firewall
Untrusted network
Expected cycle time:
10~1000ms
OPC UA - Unified Architecture
Industrial Communications
Industrial Communications
OPC UA – The first industrial protocol with enhanced security functions
OPC History - success story
Benefits of OPC UA
- Open connectivity
- Plug-and-Play
- Interfaces available from multiple
vendors
- Easy to use
- Secure by birth
- Independent of HW/SW platform
- Can be implemented in small devices
Industrial Communications
OPC UA – The first industrial protocol with enhanced security functions
Platform Independence
OPC UA is designed to be independent of the platform
Using SOAP/XML over HTTP, OPC UA can be deployed on Linux, Windows XP Embedded, VxWorks, Mac, Windows
7 and Classical Windows platforms.
Access via Firewalls and across the Internet
OPC UA uses message based security which means messages can be relayed through HTTP, UA TCP port or
any other single port available.
Industrial Communications
OPC UA – The first industrial protocol with enhanced security functions
[Figure: Sequence of encrypted communication between OPC UA client and OPC UA server. The client encrypts "Hello" with the public key of the server certificate and the server decrypts it with the private key of the server certificate; the server encrypts "Hi" with the public key of the client certificate and the client decrypts it with the private key of the client certificate.]
Server and client encrypt their messages using the public keys of the partners. These then decrypt the message
again with their private keys
OPC UA + PROFINET
The backbone of Industry 4.0
Industrial Communications
Digital Enterprise
The practical way to Industry 4.0
Expected cycle time:
10~1000ms
Industrial Communications
OPC UA + PROFINET – The Best in class combination
Secure Automation Cell
Trusted network
PLC
Expected cycle time: 31.25µs~1ms
Secure Automation Cell
Trusted network
Expected cycle time: 31.25µs~1ms
PLC
Intelligent Field Devices
- PROFINET I/O Devices
- OPC UA Servers
- OPC UA Clients
Intelligent Field Devices
- PROFINET I/O Devices
- OPC UA Servers
- OPC UA Clients
Intelligent Controllers
- PROFINET I/O Controllers
- OPC UA Servers
- OPC UA Clients
Intelligent Controllers
- PROFINET I/O Controllers
- OPC UA Servers
- OPC UA Clients
Untrusted network
Corporate Level
Others Secure
Automation Cells
Firewall Firewall
Industrial Communications
OPC UA + PROFINET In Action – ICS Village – CLASS 2016
PLC Firewall
Access
Point
Firewall
Access
Point
SCADA SERVER
Firewall
OPC UA SERVER
DMZ BUS
Process BUS
Corporate BUS
OPC UA CLIENT
Summary
Industrial Communications
Industrial Communications
Summary for
Overall cycle time and system functionality must be taken into account when designing cyber security systems.
PROFINET is the market-leading industrial automation protocol based on Ethernet networks, achieving cycle times of 31.25µs with 1µs jitter.
OPC UA is a trend-setting protocol in terms of automation connectivity (non real time) and it has embedded cyber security mechanisms.
PROFINET + OPC UA is the best-in-class combination, driving perfect solutions for real time applications and connectivity in the whole factory.
This combination makes it possible to create highly flexible automation networks without compromising the cyber security aspects.
Márcio Santos
Technical Consultant
SIEMENS Brazil
Phone: +55(11) 9 7244-0552
E-Mail: marcio.santos@siemens.com
Visit us during CLASS 2016 and take the opportunity to see a real control system in action and its protection layers provided by different vendors.
Thank you for your attention!
5/27/2016

TI Safe
 
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
TI Safe
 
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
TI Safe
 
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
TI Safe
 
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
TI Safe
 
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
TI Safe
 
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
TI Safe
 
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
TI Safe
 
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
TI Safe
 
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
TI Safe
 
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci    por que nao se deve contratar so cs de ti hibridos para proteg...Webinar cci    por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
TI Safe
 
Retrospectiva
RetrospectivaRetrospectiva
Retrospectiva
TI Safe
 
Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1
TI Safe
 

More from TI Safe (20)

CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
 
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
 
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
 CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor... CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
 
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
 
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
 
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
 
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
 
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
 
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
 
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
 
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
 
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
 
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
 
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
 
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
 
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
 
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
 
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci    por que nao se deve contratar so cs de ti hibridos para proteg...Webinar cci    por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
 
Retrospectiva
RetrospectivaRetrospectiva
Retrospectiva
 
Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1
 

Recently uploaded

Essentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation ParametersEssentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation Parameters
Safe Software
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
MichaelKnudsen27
 
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge GraphGraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
Neo4j
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
Chart Kalyan
 
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
ssuserfac0301
 
Mutation Testing for Task-Oriented Chatbots
Mutation Testing for Task-Oriented ChatbotsMutation Testing for Task-Oriented Chatbots
Mutation Testing for Task-Oriented Chatbots
Pablo Gómez Abajo
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
panagenda
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
Ivanti
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
Zilliz
 
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and StandardsLeveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
Neo4j
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
DanBrown980551
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
Zilliz
 
Dandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity serverDandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity server
Antonios Katsarakis
 
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframeDigital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Precisely
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS  at Code Europe 2024Introduction of Cybersecurity with OSS  at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
Hiroshi SHIBATA
 
Y-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PPY-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PP
c5vrf27qcz
 
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
Alex Pruden
 

Recently uploaded (20)

Essentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation ParametersEssentials of Automations: Exploring Attributes & Automation Parameters
Essentials of Automations: Exploring Attributes & Automation Parameters
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
Nordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptxNordic Marketo Engage User Group_June 13_ 2024.pptx
Nordic Marketo Engage User Group_June 13_ 2024.pptx
 
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge GraphGraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
GraphRAG for LifeSciences Hands-On with the Clinical Knowledge Graph
 
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfHow to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdf
 
Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving | Nameplate Manufacturing Process - 2024
Northern Engraving | Nameplate Manufacturing Process - 2024
 
Taking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdfTaking AI to the Next Level in Manufacturing.pdf
Taking AI to the Next Level in Manufacturing.pdf
 
Mutation Testing for Task-Oriented Chatbots
Mutation Testing for Task-Oriented ChatbotsMutation Testing for Task-Oriented Chatbots
Mutation Testing for Task-Oriented Chatbots
 
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUHCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAU
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
 
Fueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte WebinarFueling AI with Great Data with Airbyte Webinar
Fueling AI with Great Data with Airbyte Webinar
 
Leveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and StandardsLeveraging the Graph for Clinical Trials and Standards
Leveraging the Graph for Clinical Trials and Standards
 
5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides5th LF Energy Power Grid Model Meet-up Slides
5th LF Energy Power Grid Model Meet-up Slides
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
 
Dandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity serverDandelion Hashtable: beyond billion requests per second on a commodity server
Dandelion Hashtable: beyond billion requests per second on a commodity server
 
Artificial Intelligence and Electronic Warfare
Artificial Intelligence and Electronic WarfareArtificial Intelligence and Electronic Warfare
Artificial Intelligence and Electronic Warfare
 
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their MainframeDigital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
Digital Banking in the Cloud: How Citizens Bank Unlocked Their Mainframe
 
Introduction of Cybersecurity with OSS at Code Europe 2024
Introduction of Cybersecurity with OSS  at Code Europe 2024Introduction of Cybersecurity with OSS  at Code Europe 2024
Introduction of Cybersecurity with OSS at Code Europe 2024
 
Y-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PPY-Combinator seed pitch deck template PP
Y-Combinator seed pitch deck template PP
 
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
zkStudyClub - LatticeFold: A Lattice-based Folding Scheme and its Application...
 

CLASS 2016 - Talk by Márcio Santos

  • 1. Unrestricted / © Siemens AG 2016. All Rights Reserved. CLASS 2016: Protection of real time industrial communication protocols and its technical impacts. Márcio Santos, SIEMENS, 19.05.2016
  • 2. Who we are? SIEMENS
  • 3. Global presence: Close to customers all over the world. Revenue by customer location and employees as of September 30, 2015, each with its share of the worldwide total:
      Americas: €21.7 billion (29%), 73,500 employees (21%)
      Europe (excluding Germany), CIS, Africa, Middle East: €27.6 billion (36%), 98,800 employees (28%)
      Germany: €11.2 billion (15%), 114,000 employees (33%)
      Asia, Australia: €15.1 billion (20%), 61,500 employees (18%)
      All figures refer to continuing operations. CIS: Commonwealth of Independent States. Market development (illustrative), today to mid term (2020): Electrification, Automation, Digitalization.
  • 4. 168 years of innovation. Milestones: 1847 Werner von Siemens founds the company; 1847 Pointer telegraph; 1866 Dynamo; 1879 Electric train; 1881 Electric streetcar; 1881 Telephone switchboard; 1924 Traffic light; 1935 Coaxial cable; 1939 Electron microscope; 1953 High-purity silicon; 1958 Heart pacemaker; 1959 Simatic (electronic automation); 1962 Thyristors for energy transmission; 1965 Integrated circuit; 1974 Computed tomography scanner; 1985 ICE – top speed 300 km/h; 1988 Megabit chip; 2000 Wind turbine rotor blades in one cast; 2000 syngo user interface; 2009 World record gas turbine, 370 MW; 2010 Biograph mMR; 2013 PLM Software; 2015 Somatom Force.
  • 5. Brazil presence: Close to customers in a continental country. At present, Siemens employs more than 7,000 employees in Brazil, with 12 manufacturing facilities, 7 R&D centers and 13 regional offices.
  • 6. 110 years of innovations. Milestones:
      1867 Supply and installation of a telegraph line between Rio de Janeiro and Rio Grande do Sul.
      1905 Founding of Cia. Brazileira de Eletricidade Siemens-Schuckertwerke, in Rio de Janeiro.
      1922 Installation of Brazil's 1st automatic telephone office in Porto Alegre.
      1939 Siemens inaugurates in São Paulo the 1st transformer plant in Brazil.
      1955 Installation of Brazil's 1st automatic telephone office in Porto Alegre.
      1983 Installation of the first of 18 generator rotors at the Itaipu Hydroelectric Power Plant.
      2005 Siemens celebrates its 100th anniversary in Brazil.
      2007 Siemens inaugurates the largest Latin American energy equipment plant in Jundiai (São Paulo).
      2009 Siemens' first train modernization and assembly center of Latin America, in Cabreúva (São Paulo).
      2012 Siemens inaugurates its diagnostic imaging equipment plant in Joinville.
      2013 Production and installation of Siemens' first wind turbines in Brazil (Trairi, Ceará).
      2015 Siemens celebrates its 110th anniversary in Brazil.
      2016 Siemens Foundation celebrates its 30th anniversary.
  • 7. Flat and market driven organization along the value chain will capture growth opportunities. Organization chart: Managing Board; Corporate Core; Corporate Services; Go-to-market by market (Americas; Europe, Africa; Middle East, CIS; Asia, Australia; Global Healthcare); Divisions (Global P&L): Power and Gas (PG), Wind Power and Renewables (WP), Power Generation Services (PS), Energy Management (EM), Building Technologies (BT), Mobility (MO), Digital Factory (DF), Process Industries and Drives (PD), Healthcare (HC, separately managed), Financial Services (SFS). CIS: Commonwealth of Independent States.
  • 8. Motivation: Real time protocols vs. security frameworks? Protection of real time industrial communication protocols
  • 9. Industrial Communication: Vulnerability disclosures are headline news. Headlines shown: "Industrial Communications do not have any kind of self protection, says hacker during international Hacker Conference"; "Hacking the Grid in 5 steps"; "Hackers exploit SCADA holes to take full control of critical infrastructure".
  • 10. Industrial Communication: 5 simple steps for a successful attack. Diagram: control system (discrete and analog signals), SCADA server, switch and invader. Exchange on the network: "Give me the temperature" / "The temperature is 35". Invader: "Now I know the temperature value and the communication relation." Invader: "Now I'm the Man-In-The-Middle: I can change the temperature." Man-in-the-middle attack in 5 simple steps:
      1. Gain network access
      2. Sniff the network packets
      3. Discover the communication relations
      4. Redirect the communication traffic
      5. Be happy and be ethical
  • 11. Industrial Communication: Important questions regarding industrial communication. Diagram: control system (discrete and analog signals), SCADA server, switch and invader. Exchange on the network: "Give me the temperature" / "The temperature is 35". 5 important questions in this case:
      1. No network access protection?
      2. No data confidentiality?
      3. No data integrity?
      4. No user authentication?
      5. Is such a configuration common?
  • 12. What is it? Real Time Control
  • 13. Home example: Reservoir level control. Figure: level (L) over time (s) between the minimum level and the maximum level, with the valve opened and closed and the reaction time marked. Oops!!! Houston, we have a problem!
  • 14. Industrial example: From discrete signals to intelligent field devices. A long time ago: 16 bit control, discrete and analog signals, backplane I/O. Not so long ago: 32 bit control, discrete and analog signals, industrial RS-485 bus, communication processors. Now and in the future: 64 bit control, Ethernet bus, intelligent field devices.
  • 15. Industrial Communications vs. Real Time Control: How does it work using Ethernet networks? Diagram labels: application layer (HTTP, SNMP, Socket) over TCP/UDP and IP; real-time communication directly on Ethernet (ASIC/FPGA); PC (Internet Explorer), PC (SNMP/OPC server), PLC, sensor system, field devices; Ethernet cable.
  • 16. Industrial Communications vs. Real Time Control: What are the influences of the network latency in the control system? Figure: several cycles frozen on the oscilloscope; sync, 1 ms cycle, 1 µs jitter.
  • 17. Industrial Communications: Different solutions for different challenges for different factories (real time, determinism). Figure: communication layers against cycle time (TCP/IP, real-time, isochronous real-time on Layer 2; labels: up to 31.25 ms, up to 250 ms, 100 ms, 10 ms, 1 ms) and applications (production line, tool machine, print machines, packing machines, storage & logistics, press, robot), with performance reserves.
  • 18. How to protect real time industrial networks? Industrial Communications
  • 19. Industrial Communications: The Defense in Depth concept in detail. Diagram: potential attack against DCS/SCADA (DCS: Distributed Control System; SCADA: Supervisory Control and Data Acquisition).
      Plant Security
        Physical security: physical access to facilities and equipment
        Policies & procedures: security management processes; operational guidelines; Business Continuity Management & Disaster Recovery
      Network Security
        Security cells & DMZ: secure architecture based on network segmentation
        Firewalls and VPN: implementation of firewalls as the only access point to a security cell
      System Integrity
        System hardening: adapting the system to be secure by default
        User Account Management: access control based on user rights and privileges
        Patch Management: regular implementation of patches and updates
        Malware detection and prevention: anti virus and whitelisting
  • 20. Industrial Communications: Protection of real time networks (based on layers 3/4). Typical Layer 3/4 network. Diagram: PLC, firewall, trusted network, untrusted network; addresses 192.168.0.1, 192.168.0.2, 192.168.0.3. Expected cycle time: 10~20ms.
      Firewall rules:
        Direction | Source      | Destination | Port
        Ext->Int  | 192.168.0.1 | 192.168.0.2 | 502
        Ext->Int  | 192.168.0.1 | 192.168.0.3 | 502
      Firewall considerations:
        - Typical latency: 0.5ms~5ms
        - Usually a stateful firewall
        - Usually only supports layer 3/4 rules
      Does the firewall significantly influence the cycle time and the system functionality? Not at all in this case!!!
  • 21. Industrial Communications: Protection of real time networks (based on layers 3/4). Typical Layer 3/4 network. Diagram: firewall, trusted network, untrusted network. Firewall overall performance depends on:
        - Hardware or software implementation
        - Other embedded functionalities (VPN, router)
        - Costs (high-end vs. low-end solution)
      Source: DataCenters Firewall Comparative Analysis – NSS Labs – 2013
  • 22. Industrial Communications: Protection of real time networks (based on layers 3/4). DPI (Deep Packet Inspection) firewall. Diagram: firewall, trusted network (192.168.0.2, 192.168.0.3), untrusted network. Expected cycle time: 10~20ms.
      Firewall rules (Layer 3/4):
        Direction | Source      | Destination | Port
        Ext->Int  | 192.168.0.1 | 192.168.0.2 | 502
        Ext->Int  | 192.168.0.1 | 192.168.0.3 | 502
      Firewall rules (Layer 7):
        Destination | Register | Read  | Write
        192.168.0.2 | 50001    | Allow | Allow
        192.168.0.3 | 50001    | Allow | Deny
      Firewall considerations:
        - The firewall must be able to recognize and interpret the frames in order to apply the additional protection rules
        - Theoretically more processing time, but not so critical considering the expected cycle time
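The two rule tables on slide 22, evaluated against individual requests, as an added example that is not part of the original slides. It assumes the traffic on port 502 is Modbus/TCP, that the slide's register number 50001 is the raw 16-bit protocol address, and that only holding-register function codes (0x03, 0x06, 0x10) are permitted; all function names and the sample frames are constructed for illustration.

```python
import struct

# Layer 3/4 rules from slide 22 (direction Ext->Int): (source, destination, TCP port).
L34_RULES = {
    ("192.168.0.1", "192.168.0.2", 502),
    ("192.168.0.1", "192.168.0.3", 502),
}

# Layer 7 rules from slide 22: (destination, register) -> permitted access.
# Assumption: the slide's register number is the raw 16-bit Modbus address.
L7_RULES = {
    ("192.168.0.2", 50001): {"read": True, "write": True},
    ("192.168.0.3", 50001): {"read": True, "write": False},
}

# Holding-register function codes only; every other code is denied.
FC_READ_HOLDING = 0x03
FC_WRITE_SINGLE = 0x06
FC_WRITE_MULTIPLE = 0x10


def parse_request(payload: bytes):
    """Return (access, first_register, count) for one Modbus/TCP request.

    Raises ValueError for anything the rule table cannot be applied to,
    so the caller fails closed.
    """
    if len(payload) < 8:
        raise ValueError("shorter than MBAP header plus function code")
    _tid, proto, length, _unit = struct.unpack(">HHHB", payload[:7])
    if proto != 0:
        raise ValueError("protocol identifier is not 0 (Modbus)")
    if length != len(payload) - 6:  # length field counts unit id + PDU
        raise ValueError("MBAP length does not match the frame")
    fc, body = payload[7], payload[8:]
    if fc == FC_READ_HOLDING and len(body) == 4:
        first, count = struct.unpack(">HH", body)
        access = "read"
    elif fc == FC_WRITE_SINGLE and len(body) == 4:
        first, count, access = struct.unpack(">H", body[:2])[0], 1, "write"
    elif fc == FC_WRITE_MULTIPLE and len(body) >= 5:
        first, count, nbytes = struct.unpack(">HHB", body[:5])
        if nbytes != 2 * count or nbytes != len(body) - 5:
            raise ValueError("byte count does not match register count")
        access = "write"
    else:
        raise ValueError(f"function code 0x{fc:02X} not allowed or bad size")
    if count < 1 or first + count > 0x10000:
        raise ValueError("register range out of bounds")
    return access, first, count


def inspect(src: str, dst: str, dport: int, payload: bytes):
    """Return ("allow" | "deny", reason) for one request from the untrusted side."""
    if (src, dst, dport) not in L34_RULES:
        return "deny", "no matching layer 3/4 rule"
    try:
        access, first, count = parse_request(payload)
    except ValueError as exc:
        return "deny", f"malformed or unsupported request: {exc}"
    # Every register the request touches needs its own rule (default deny).
    for register in range(first, first + count):
        perms = L7_RULES.get((dst, register))
        if perms is None or not perms[access]:
            return "deny", f"{access} of register {register} on {dst} not permitted"
    return "allow", f"{access} of {count} register(s) starting at {first}"


def build_request(fc: int, body: bytes, tid: int = 1, unit: int = 1) -> bytes:
    """Construct a Modbus/TCP request frame (sample input for the demo)."""
    return struct.pack(">HHHBB", tid, 0, len(body) + 2, unit, fc) + body


def demo():
    """Run constructed sample requests through both rule layers."""
    reg = struct.pack(">H", 50001)
    one, value = b"\x00\x01", b"\x00\x23"  # quantity 1, value 35
    ext = "192.168.0.1"
    samples = {
        "read 50001 on .3": (ext, "192.168.0.3", build_request(0x03, reg + one)),
        "write 50001 on .2": (ext, "192.168.0.2", build_request(0x06, reg + value)),
        "write 50001 on .3": (ext, "192.168.0.3", build_request(0x06, reg + value)),
        "read 50001-50002 on .2": (ext, "192.168.0.2", build_request(0x03, reg + b"\x00\x02")),
        "multi-write 50001 on .2": (ext, "192.168.0.2",
                                    build_request(0x10, reg + one + b"\x02" + value)),
        "unknown source": ("192.168.0.9", "192.168.0.2", build_request(0x03, reg + one)),
        "other function code": (ext, "192.168.0.2", build_request(0x2B, b"\x0e\x01\x00")),
        "truncated frame": (ext, "192.168.0.2", build_request(0x03, reg + one)[:-1]),
    }
    return {name: inspect(src, dst, 502, frame)[0]
            for name, (src, dst, frame) in samples.items()}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{verdict:5}  {name}")
```

The per-register loop is what makes the layer 7 table meaningful: a read of two registers starting at 50001 is refused because 50002 has no rule, even though the first register is allowed.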
  • 23. Unrestricted / © Siemens AG 2016. All Rights Reserved. Industrial Communications Protection of real time networks (based on layer 2) 23 Typical Layer 2 network PLC Firewall Trusted network Untrusted network 192.168.0.1 08-01-E1-00-FF-01 Expected cycle time: 31.25µs~1ms Firewall rules: Firewall considerations: - Typical latency: 0.5ms~5ms - Must to support layer 2 rules Has the firewall significative influences in the cycle time and in the system functionality? For sure!!! Direction Source Destination Service Type Ext->Int 08-01-E1-00-FF-01 08-01-E1-00-FF-02 ???? Ext->Int 08-01-E1-00-FF-01 08-01-E1-00-FF-03 ???? 192.168.0.2 08-01-E1-00-FF-02 192.168.0.3 08-01-E1-00-FF-03 This kind of solution is not feasible nowadays
  • 24. Industrial Communications: Protection of real time networks (based on layer 2)
    Typical Layer 2 network
    Diagram labels: Firewall, Trusted network, Untrusted network; nodes 192.168.0.2 (08-01-E1-00-FF-02), 192.168.0.3 (08-01-E1-00-FF-03)
    Expected cycle time: 31.25µs~1ms
    Firewall challenges:
      - Unacceptable latency
      - Device replacement restrictions
      - Dynamic firewall rules
      - No DPI due to complex semantics
    So is it not possible to have a secure environment with industrial control systems, given the performance and functionality restrictions? Yes, it is possible, but you have to design it properly!
  • 25. Industrial Communications: ISA-99/IEC-62443 protection recommendations (for all kinds of networks)
  • 26. Industrial Communications: ISA-99/IEC-62443 protection recommendations (for all kinds of networks)
    Secure Automation Cell
    Diagram labels: Untrusted network, Trusted network, PLC, Firewall, Unsecure Environment
    Expected cycle time: 31.25µs~1ms
    Benefits:
      - No influence on the internal, high-performance communications
      - No restrictions on the control system functionalities
      - External access can be controlled at the perimeter protection
      - Can be used for the monitoring system and the engineering system
      - Even engineering functions based on layer 2 can be used in this case
  • 27. Industrial Communications: ISA-99/IEC-62443 protection recommendations (cell to cell communication)
    Diagram labels: two Secure Automation Cells, each with Trusted network, PLC and Firewall; Untrusted network
    In each Secure Automation Cell:
      - Internal Communications: reliable, high performance, without restrictions
      - Expected cycle time: 31.25µs~1ms
    Untrusted network:
      - Expected cycle time: 10~1000ms
  • 28. Industrial Communications: OPC UA - Unified Architecture
  • 29. Industrial Communications: OPC UA – The first industrial protocol with enhanced security functions
    OPC History - success story
    Benefits of OPC UA:
      - Open connectivity
      - Plug-and-Play
      - Interfaces available from multiple vendors
      - Easy to use
      - Secure by design
      - Independent of HW/SW platform
      - Can be implemented in small devices
  • 30. Industrial Communications: OPC UA – The first industrial protocol with enhanced security functions
    Platform Independence
      OPC UA is designed to be independent of the platform. Using SOAP/XML over HTTP, OPC UA can be deployed on Linux, Windows XP Embedded, VxWorks, Mac, Windows 7 and Classical Windows platforms.
    Access via Firewalls and across the Internet
      OPC UA uses message-based security, which means messages can be relayed through HTTP, the UA TCP port or any other single port available.
  • 31. Industrial Communications: OPC UA – The first industrial protocol with enhanced security functions
    Sequence of encrypted communication
    Diagram, OPC UA Client to OPC UA Server: "Hello" is encrypted with the public key of the server certificate (shown as "u@#r**ss0+") and decrypted with the private key of the server certificate.
    Diagram, OPC UA Server to OPC UA Client: "Hi" is encrypted with the public key of the client certificate (shown as "j4#€*s@0+") and decrypted with the private key of the client certificate.
    Server and client encrypt their messages using the public keys of the partners. These then decrypt the message again with their private keys.
  • 32. Industrial Communications: OPC UA + PROFINET – The backbone of Industry 4.0
  • 33. Digital Enterprise: The practical way to Industry 4.0
  • 34. Industrial Communications: OPC UA + PROFINET – The best-in-class combination
    Diagram labels: two Secure Automation Cells, each with Trusted network, PLC and Firewall (expected cycle time: 31.25µs~1ms); Untrusted network; Corporate Level; Other Secure Automation Cells
    Expected cycle time: 10~1000ms
    In each Secure Automation Cell:
      - Intelligent Field Devices: PROFINET I/O Devices, OPC UA Servers, OPC UA Clients
      - Intelligent Controllers: PROFINET I/O Controllers, OPC UA Servers, OPC UA Clients
  • 35. Industrial Communications: OPC UA + PROFINET In Action – ICS Village – CLASS 2016
    Diagram labels: PLC, Firewall, Access Point, Firewall, Access Point, SCADA SERVER, Firewall, OPC UA SERVER, DMZ BUS, Process BUS, Corporate BUS, OPC UA CLIENT
  • 36. Industrial Communications: Summary
  • 37. Industrial Communications: Summary
      - Overall cycle time and system functionality must be taken into account when designing cyber security systems.
      - PROFINET is the market-leading industrial automation protocol based on Ethernet networks, achieving cycle times of 31.25µs with 1µs jitter.
      - OPC UA is a trend-setting protocol in terms of automation connectivity (non real time) and it has embedded cyber security mechanisms.
      - PROFINET + OPC UA is the best-in-class combination, driving perfect solutions for real time applications and connectivity in the whole factory. This combination makes it possible to create highly flexible automation networks without compromising the cyber security aspects.
  • 38. Márcio Santos, Technical Consultant, SIEMENS Brazil
    Phone: +55(11) 9 7244-0552
    E-Mail: marcio.santos@siemens.com
    Visit us during CLASS 2016 and take the opportunity to see a real control system in action and its protection layers provided by different vendors.
    Thank you for your attention!
    5/27/2016