Cybersecurity of Physical Systems
•Download as PPTX, PDF•
0 likes•17 views
This document provides an overview of a course on Cyber Physical Systems Security. The course will explore security techniques for networks and control systems that integrate technologies like computers, PLCs, interfaces and microprocessor devices. It will examine real threats to industrial automation systems and explore standards-based approaches to protecting these systems. Students will learn about different types of attacks, vulnerability assessments, and techniques for securing networks of devices. The objectives are for students to understand SCADA/ICS components and applications, security guidelines, and how to differentiate and secure against various attacks.
Report
Share
Report
Share
Recommended
5 Things to Know about Safety and Security of Embedded Systems
1. A safe embedded system is one that is designed to prevent harm, damage, or loss of life from failures. It uses measures like fail-safe behavior, redundancy, clustering, and event logging to ensure predictable and reliable performance.
2. A secure embedded system protects data, access, and communication from unauthorized access. It employs provisions like threat prevention and detection, access controls, cryptography, firewalls, and regular security updates.
3. Both safe and secure systems are important, as safe systems in fields like transportation and automation could have catastrophic consequences if compromised by attacks. For now, the preferred approach is to isolate safe systems on separate networks.
Health information secuirty session 5 best practise in information security
This document outlines best practices for information security management and defense in depth. It discusses implementing security across multiple layers including personnel, procedural, technical, and physical controls. Specific controls mentioned include physical security measures, technical controls like encryption and access control lists, and administrative controls such as security policies, training, and disaster recovery plans. The document also provides best practices for protecting networks such as access controls, logging, patching, user education, policies, activity monitoring, and data breach response plans. Finally, it lists best practices for personal security including using antivirus software, strong passwords, locking computers in public, protecting personal information, limiting social media sharing, safe file downloads, and regular backups.
Health information security session 4 risk management
This document summarizes a presentation on vulnerability assessment and risk management. It defines key terms like vulnerability, exploit, and risk. It describes the process of conducting a vulnerability assessment including using scanning tools and not relying solely on automated results. The document also defines and compares qualitative and quantitative risk assessment approaches. It outlines the steps involved in qualitative risk assessment and describes different risk management strategies like mitigation, transference, avoidance, and acceptance.
Cybersecurity Applied to Embedded Systems, Fundamentals of Embedded Systems a...
An embedded system is a microprocessor-based computer hardware system with software designed to perform dedicated functions, either as an independent system or as a part of a large system. The core is an integrated circuit designed to perform real-time operation calculations.
Embedded systems use tailored operating systems or language platforms, especially where a real-time operating environment must be provided. With higher-level chip functions (such as those in SoCs), designers increasingly decide that systems are usually fast enough and can withstand subtle changes in response time, so real-time methods are suitable. In these cases, a streamlined version of the Linux operating system is usually deployed
Ways to prevent cyber-attacks on embedded systems:
Expect firmware to be updated regularly
integration with third-party security management systems
Secure communication
Limit access to embedded systems to a need-to-use basis
Tonex offers "Cybersecurity Applied to Embedded Systems, Cybersecurity Training"
Learn about the basics of embedded systems and network security applications to illustrate unique vulnerabilities that are commonly exploited. Methods and techniques to consider cyber security measures in the entire system life cycle and acquisition process.
Learn About:
Risk assessment methodologies
Failure analysis and using defensive tools to mitigate cyber risk and vulnerabilities
Weapon systems, missiles, smart weapons
Network Enabled Weapons (NEW)
UAVs, Communications systems
Industrial control systems
medical devices, robotics, smart grid
SCADA, Intelligent Electronic Devices (IED), PLCs
Learning Objectives:
Examining how to fit cybersecurity in embedded systems
Fundamentals of cybersecurity
Fundamentals of Embedded Systems
Fundamentals of embedded system product design cycle, project management, design for production, V&V and O&M
Embedded Systems Security Requirements
Fundamentals of hardware and firmware analysis and design in embedded design
Vulnerabilities in embedded systems
Embedded hardware and firmware analysis
Foundation knowledge of cyber security threats, risks, mitigation strategies applied to embedded systems
And many more..
Audience
Product/process designers and engineers
Developers working with embedded systems
Information security professionals
Application developers
Course Outline
Cybersecurity 101
Introduction to Embedded Systems
Embedded System Vulnerability Analysis
Exploiting Real Time Operating Systems
Securing Embedded Systems Interfaces and Protocols
Cybersecurity Attacks and Best Mitigation Practices for Embedded Systems
Case Study and Workshop
Learn More:
https://www.tonex.com/cybersecurity-applied-to-embedded-systems-cybersecurity-training/
Control System Cyber Security - A Different Approach
This excerpt was developed and presented by Emerson's Bob Huba at 63rd Annual Instrumentation Symposium for the Process Industries in January 2009.
Physical security
The document discusses the importance of physical security for protecting information systems. It covers various physical security controls for restricting access to facilities, including locks, ID badges, alarms, security cameras and fire suppression systems. The document also addresses the need to protect against threats from utilities failures, temperature fluctuations, water damage and theft of computing devices through measures like uninterruptible power supplies, air conditioning and physical access restrictions.
System Security Threats and Risks)
This document is a guide for the detailed development, selection implementation of information system and program level procedures to indicate the execution, effectiveness, and impact of security controls along with and other security associated activities.
Cscu module 01 foundations of security
Franklin downloaded free software that infected his system with malware. After installing the software, Franklin's system rebooted and started malfunctioning. The document discusses computer security risks for home users, including risks from computer attacks like malware infections and accidents that can cause physical damage. It also covers essential computer security topics like threats, vulnerabilities, security elements, and defenses that can help secure systems and information.
Recommended
5 Things to Know about Safety and Security of Embedded Systems
1. A safe embedded system is one that is designed to prevent harm, damage, or loss of life from failures. It uses measures like fail-safe behavior, redundancy, clustering, and event logging to ensure predictable and reliable performance.
2. A secure embedded system protects data, access, and communication from unauthorized access. It employs provisions like threat prevention and detection, access controls, cryptography, firewalls, and regular security updates.
3. Both safe and secure systems are important, as safe systems in fields like transportation and automation could have catastrophic consequences if compromised by attacks. For now, the preferred approach is to isolate safe systems on separate networks.
Health information secuirty session 5 best practise in information security
This document outlines best practices for information security management and defense in depth. It discusses implementing security across multiple layers including personnel, procedural, technical, and physical controls. Specific controls mentioned include physical security measures, technical controls like encryption and access control lists, and administrative controls such as security policies, training, and disaster recovery plans. The document also provides best practices for protecting networks such as access controls, logging, patching, user education, policies, activity monitoring, and data breach response plans. Finally, it lists best practices for personal security including using antivirus software, strong passwords, locking computers in public, protecting personal information, limiting social media sharing, safe file downloads, and regular backups.
Health information security session 4 risk management
This document summarizes a presentation on vulnerability assessment and risk management. It defines key terms like vulnerability, exploit, and risk. It describes the process of conducting a vulnerability assessment including using scanning tools and not relying solely on automated results. The document also defines and compares qualitative and quantitative risk assessment approaches. It outlines the steps involved in qualitative risk assessment and describes different risk management strategies like mitigation, transference, avoidance, and acceptance.
Cybersecurity Applied to Embedded Systems, Fundamentals of Embedded Systems a...
An embedded system is a microprocessor-based computer hardware system with software designed to perform dedicated functions, either as an independent system or as a part of a large system. The core is an integrated circuit designed to perform real-time operation calculations.
Embedded systems use tailored operating systems or language platforms, especially where a real-time operating environment must be provided. With higher-level chip functions (such as those in SoCs), designers increasingly decide that systems are usually fast enough and can withstand subtle changes in response time, so real-time methods are suitable. In these cases, a streamlined version of the Linux operating system is usually deployed
Ways to prevent cyber-attacks on embedded systems:
Expect firmware to be updated regularly
integration with third-party security management systems
Secure communication
Limit access to embedded systems to a need-to-use basis
Tonex offers "Cybersecurity Applied to Embedded Systems, Cybersecurity Training"
Learn about the basics of embedded systems and network security applications to illustrate unique vulnerabilities that are commonly exploited. Methods and techniques to consider cyber security measures in the entire system life cycle and acquisition process.
Learn About:
Risk assessment methodologies
Failure analysis and using defensive tools to mitigate cyber risk and vulnerabilities
Weapon systems, missiles, smart weapons
Network Enabled Weapons (NEW)
UAVs, Communications systems
Industrial control systems
medical devices, robotics, smart grid
SCADA, Intelligent Electronic Devices (IED), PLCs
Learning Objectives:
Examining how to fit cybersecurity in embedded systems
Fundamentals of cybersecurity
Fundamentals of Embedded Systems
Fundamentals of embedded system product design cycle, project management, design for production, V&V and O&M
Embedded Systems Security Requirements
Fundamentals of hardware and firmware analysis and design in embedded design
Vulnerabilities in embedded systems
Embedded hardware and firmware analysis
Foundation knowledge of cyber security threats, risks, mitigation strategies applied to embedded systems
And many more..
Audience
Product/process designers and engineers
Developers working with embedded systems
Information security professionals
Application developers
Course Outline
Cybersecurity 101
Introduction to Embedded Systems
Embedded System Vulnerability Analysis
Exploiting Real Time Operating Systems
Securing Embedded Systems Interfaces and Protocols
Cybersecurity Attacks and Best Mitigation Practices for Embedded Systems
Case Study and Workshop
Learn More:
https://www.tonex.com/cybersecurity-applied-to-embedded-systems-cybersecurity-training/
Control System Cyber Security - A Different Approach
This excerpt was developed and presented by Emerson's Bob Huba at 63rd Annual Instrumentation Symposium for the Process Industries in January 2009.
Physical security
The document discusses the importance of physical security for protecting information systems. It covers various physical security controls for restricting access to facilities, including locks, ID badges, alarms, security cameras and fire suppression systems. The document also addresses the need to protect against threats from utilities failures, temperature fluctuations, water damage and theft of computing devices through measures like uninterruptible power supplies, air conditioning and physical access restrictions.
System Security Threats and Risks)
This document is a guide for the detailed development, selection implementation of information system and program level procedures to indicate the execution, effectiveness, and impact of security controls along with and other security associated activities.
Cscu module 01 foundations of security
Franklin downloaded free software that infected his system with malware. After installing the software, Franklin's system rebooted and started malfunctioning. The document discusses computer security risks for home users, including risks from computer attacks like malware infections and accidents that can cause physical damage. It also covers essential computer security topics like threats, vulnerabilities, security elements, and defenses that can help secure systems and information.
Mini IT Security Assessment
The document describes a mini security assessment service that evaluates the security of a single system. The assessment tests network, system, and application vulnerabilities using the same tools as enterprise assessments. It documents any vulnerabilities found and how they could be exploited, and provides recommendations to remediate issues on the target system. The company also offers a full suite of other security services.
Malware is NOT Magic
The document discusses the need to rethink approaches to malware threats. It argues that malware is a vector for human attacks rather than a distinct problem, and that organizations should focus on making systems resilient through layered defenses, improved detection capabilities, and tools to ensure trust in software and hardware. The goal is to design systems that can survive a cyber attack without losing critical functions.
Software security engineering
This document discusses software security engineering. It covers security concepts like assets, vulnerabilities and threats. It discusses why security engineering is important to protect systems from malicious attackers. The document outlines security risk management processes like preliminary risk assessment. It also discusses designing systems for security through architectural choices that provide protection and distributing assets. The document concludes by covering system survivability through building resistance, recognition and recovery capabilities into systems.
Ch14-Software Engineering 9
This document summarizes key topics from a lecture on security engineering:
1. It discusses security engineering and management, risk assessment, and designing systems for security. Application security focuses on design while infrastructure security is a management problem.
2. It outlines guidelines for secure system design including basing decisions on security policies, avoiding single points of failure, balancing security and usability, validating all inputs, and designing for deployment and recoverability.
3. It also covers risk management, assessing threats, and designing architectures with layered protection and distributed assets to minimize the effects of attacks.
Cat21:Development Mangement Information Systems
Computer systems face security risks like trespassing, theft, alteration of information, and cyber crimes. To address these concerns, organizations must implement security measures to protect their data and systems. These include physical security of computer hardware, restricting access to data and software, using passwords and access codes, conducting security audits, and keeping backup files in secure locations away from the main system. Proper security controls and regular reviews are needed to safeguard computer systems and information from damage or unauthorized access.
Security management concepts and principles
The document discusses several key concepts in information security management including:
1. The Systems Security Engineering Capability Maturity Model (SSE-CMM) describes essential security engineering practices across the system lifecycle and aims to advance security as a mature discipline. It defines 5 capability levels.
2. Configuration management is important for securely managing changes to an organization's IT infrastructure and systems. It involves identifying configuration items, controlling changes, and reporting status.
3. The configuration management framework includes configuration items, change control, status reporting, and protection of items from unauthorized changes.
Physical Security
Physical security involves protecting computer systems and assets through multiple layers including access control, electronic surveillance, and security software. Access control uses mechanical and electronic systems like locks, gates, and electronic card readers to restrict access. Electronic surveillance includes alarm systems, sensors, and video surveillance/CCTV to monitor for unauthorized access. Security software such as antivirus, antispyware, and firewall programs help protect from malware and network attacks.
Application Security
John Rauser discusses appsec fundamentals and risk management approaches in software development. He outlines a "house of appsec" with pillars including secure coding, code review, threat modeling, and security testing. DevSecOps is discussed as integrating security practices into software development like planning, continuous integration/delivery, and monitoring operations. Various tools are listed that can aid different stages of the development lifecycle from code to deployment.
Self defending networks
This document discusses the need for self-defending networks to address evolving security threats. It notes that threats are now faster moving and more difficult to detect than in the past. Self-defending networks aim to identify threats, isolate infected devices, and reconfigure network resources automatically in response to attacks. They integrate security across all network aspects for a globally distributed defense.
Self Defending Network
The document describes a self-defending network (SDN) as a system that allows entities to reduce security risks by using existing infrastructure in new ways. An SDN aims to reduce windows of vulnerability, minimize the impact of attacks, and improve availability. It discusses why SDNs are needed due to evolving network attacks and outlines some of the key components of an SDN, including endpoint protection, admission control, infection containment, intelligent correlation and incident response, and application security measures.
Security Vulnerabilities in Modern Operating Systems
The Common Exposures and Vulnerabilities database has over 25 years of data on vulnerabilities in it. In this deck we dig through that database and use it to map out trends and general information on vulnerabilities in software in the last quarter century. For more information please visit our website: http://www.cisco.com/web/CA/index.html
Cyber Security vs.pdf
Cyber security involves protecting systems from attacks by implementing security measures and resolving issues. Ethical hacking takes an authorized approach to attempt gaining unauthorized access to systems to identify vulnerabilities. It involves duplicating hacker strategies with permission to find weaknesses before exploits. Both cyber security and ethical hacking work to improve security, but cyber security recognizes, resolves, and reports issues, while ethical hacking tries to breach security for testing to provide feedback on weaknesses.
Securing Nuclear Facilities
The document discusses the need for nuclear facilities to secure portable media devices due to threats of cyber attacks. It outlines regulations from the Nuclear Regulatory Commission requiring facilities to implement cyber security programs, including controlling portable media. The document recommends designing secure data workflows that incorporate user authentication, file scanning, and use of kiosks to scan all portable media before entering secure areas in order to establish multiple layers of protection against known and unknown threats.
Information security policy
This document outlines an information security policy for infrastructure hardening. It details procedures to minimize vulnerabilities through a hardening process. This includes installing systems as instructed, removing unnecessary software, disabling unused accounts and services, applying patches, conducting vulnerability scans, and configuring firewalls and antivirus software before deploying systems. Requirements specify how to approve, restrict, and manage software, passwords, firewalls, patching, and removable media to protect organizational assets.
Security & control in management information system
The document discusses security concepts in information systems including prevention of unauthorized access, modification, and deletion of information. It outlines unintentional threats like human error and intentional threats like criminal attacks. The goals of information security are prevention, detection, and response. Risks to applications and data include computer crime, hacking, cyber-theft, unauthorized work use, software piracy, and viruses/worms. Risks to hardware include natural disasters, blackouts, and vandalism. Major defense strategies are encryption, authentication, firewalls, email monitoring, antivirus software, backup files, security monitors, and biometric controls. The document also discusses disaster recovery, business recovery plans, and general controls to minimize errors and disasters.
Mobile Security Training, Mobile Device Security Training
This 3-day mobile security training course costs $2,199 and teaches attendees how to secure mobile devices and applications. The training covers mobile threats, vulnerabilities, and security features of platforms like iOS and Android. Attendees will learn techniques for securing mobile networks, applications, and data through encryption, authentication, and mobile device management best practices. The course is intended for security professionals and developers seeking to protect mobile assets within their organizations.
Software Security Testing
The document discusses integrating software security into the software development lifecycle. It recommends addressing security as early as possible, including during the requirements phase by performing threat assessments and defining security requirements. During design, it suggests involving security experts, using threat modeling to understand risks, and implementing defenses like isolation, least privilege, and defense in depth. Throughout development and testing, it advises performing security reviews, testing, and activities to find and fix vulnerabilities before deployment.
Technology: Built for Attack
: Dr. Emma Garrison-Alexander
With the expanding use of technology and the dependency on the Internet for most business and personal functions, the attack domain has expanded dramatically. Whether using a laptop, desktop, tablet, smartphone, or smart watch, significant vulnerabilities exist and will be exploited. Regardless of the device that is being used, it is subject to attack. These devices depend on infrastructures and applications that have their own weaknesses. This environment that most of us depend on everyday was built for attack.
IT Security for the Physical Security Professional
This document provides an overview of an IT security presentation for physical security professionals. The agenda includes introductions, an overview of IT security concepts and terminology, technical topics, and ways physical security professionals can help with IT security. Some key points covered include changing threats like identity theft and phishing, common attacks like man-in-the-middle and denial of service, and risks from things like laptop theft, wireless networks, and spyware. The presentation aims to help physical security professionals understand basic IT security principles and how they can support efforts to protect electronic information and networks.
5 Step Data Security Plan for Small Businesses
The following presentation presents a 5 step data security plan for small businesses. The plan is easy and inexpensive to implement, and it will provide you a strong plan to protect your proprietary company assets as well as your client's information. To learn more or to read the article, please visit http://www.wilkins-consulting.com/small-biz-security-plan.html.
Jb ia
Information security has evolved from securing physical access to mainframes during World War II to modern concerns over networked and digital assets. It began with physical controls but now addresses software, data, networks and more. Effective security requires balancing protection with reasonable access and is best achieved through a structured methodology like SecSDLC that considers security in all phases from analysis to maintenance. Information security seeks to preserve the confidentiality, integrity and availability of information through technical, operational and personnel countermeasures.
About the PresentationsThe presentations cover the objectives .docx
About the Presentations
The presentations cover the objectives found in the opening of each chapter.
All chapter objectives are listed in the beginning of each presentation.
You may customize the presentations to fit your class needs.
Some figures from the chapters are included. A complete set of images from the book can be found on the Instructor Resources disc.
1
Principles of Incident Response and Disaster Recovery, 2nd Edition
Chapter 01
An Overview of Information
Security and Risk Management
2
2
Objectives
Define and explain information security
Identify and explain the basic concepts of risk management
List and discuss the components of contingency planning
Describe the role of information security policy in the development of contingency plans
Principles of Incident Response and Disaster Recovery, 2nd Edition
3
3
Introduction
Contingency planning
Being ready for incidents and disasters
Example: 1/10 of one percent of online users
Allows for two and a half million potential attackers
Example: World Trade Center (WTC) organizations
Had contingency plans due to February 1993 attack
Example: 2008 Gartner report
2/3 of organizations invoked plans in prior two years
Information security includes contingency planning
Ensures confidentiality, integrity, availability of data
Principles of Incident Response and Disaster Recovery, 2nd Edition
4
4
Information Security
Committee on National Security Systems (CNSS) information security definition
Protection of information and its critical elements
Includes systems and hardware storing, transmitting information
Part of the CNSS model (evolved from C.I.A. triangle)
Conceptual framework for understanding security
Information security (InfoSec)
Protection of confidentiality, integrity, and availability of information
In storage, during processing, and during transmission
Principles of Incident Response and Disaster Recovery, 2nd Edition
5
5
Key Information Security Concepts
Threat: object, person, other entity posing potential risk of loss to an asset
Asset: organizational resource being protected
Logical or physical
Attack: attempt to cause damage to or compromise information of supporting systems
Arises from a threat; intentional or unintentional
Threat-agent: threat instance
Specific and identifiable; exploits asset vulnerabilities
Principles of Incident Response and Disaster Recovery, 2nd Edition
6
6
Key Information Security Concepts (cont’d.)
Vulnerability
Flaw or weakness in system security procedures, design, implementation, internal controls
Results in security breach or security policy violation
Well-known or latent
Exercised accidently or intentionally
Exploit: caused by threat-agent
Can exploit system or information through illegal use
Can create an exploit to target a specific vulnerability
Control/safeguard/countermeasure: prevent attack
Principles of Incident Response and Disaster Recovery, 2nd Edition
7
7
Key Information Security Concepts (cont’d.)
Princ.
More Related Content
What's hot
Mini IT Security Assessment
The document describes a mini security assessment service that evaluates the security of a single system. The assessment tests network, system, and application vulnerabilities using the same tools as enterprise assessments. It documents any vulnerabilities found and how they could be exploited, and provides recommendations to remediate issues on the target system. The company also offers a full suite of other security services.
Malware is NOT Magic
The document discusses the need to rethink approaches to malware threats. It argues that malware is a vector for human attacks rather than a distinct problem, and that organizations should focus on making systems resilient through layered defenses, improved detection capabilities, and tools to ensure trust in software and hardware. The goal is to design systems that can survive a cyber attack without losing critical functions.
Software security engineering
This document discusses software security engineering. It covers security concepts like assets, vulnerabilities and threats. It discusses why security engineering is important to protect systems from malicious attackers. The document outlines security risk management processes like preliminary risk assessment. It also discusses designing systems for security through architectural choices that provide protection and distributing assets. The document concludes by covering system survivability through building resistance, recognition and recovery capabilities into systems.
Ch14-Software Engineering 9
This document summarizes key topics from a lecture on security engineering:
1. It discusses security engineering and management, risk assessment, and designing systems for security. Application security focuses on design while infrastructure security is a management problem.
2. It outlines guidelines for secure system design including basing decisions on security policies, avoiding single points of failure, balancing security and usability, validating all inputs, and designing for deployment and recoverability.
3. It also covers risk management, assessing threats, and designing architectures with layered protection and distributed assets to minimize the effects of attacks.
Cat21:Development Mangement Information Systems
Computer systems face security risks like trespassing, theft, alteration of information, and cyber crimes. To address these concerns, organizations must implement security measures to protect their data and systems. These include physical security of computer hardware, restricting access to data and software, using passwords and access codes, conducting security audits, and keeping backup files in secure locations away from the main system. Proper security controls and regular reviews are needed to safeguard computer systems and information from damage or unauthorized access.
Security management concepts and principles
The document discusses several key concepts in information security management including:
1. The Systems Security Engineering Capability Maturity Model (SSE-CMM) describes essential security engineering practices across the system lifecycle and aims to advance security as a mature discipline. It defines 5 capability levels.
2. Configuration management is important for securely managing changes to an organization's IT infrastructure and systems. It involves identifying configuration items, controlling changes, and reporting status.
3. The configuration management framework includes configuration items, change control, status reporting, and protection of items from unauthorized changes.
Physical Security
Physical security involves protecting computer systems and assets through multiple layers including access control, electronic surveillance, and security software. Access control uses mechanical and electronic systems like locks, gates, and electronic card readers to restrict access. Electronic surveillance includes alarm systems, sensors, and video surveillance/CCTV to monitor for unauthorized access. Security software such as antivirus, antispyware, and firewall programs help protect from malware and network attacks.
Application Security
John Rauser discusses appsec fundamentals and risk management approaches in software development. He outlines a "house of appsec" with pillars including secure coding, code review, threat modeling, and security testing. DevSecOps is discussed as integrating security practices into software development like planning, continuous integration/delivery, and monitoring operations. Various tools are listed that can aid different stages of the development lifecycle from code to deployment.
Self defending networks
This document discusses the need for self-defending networks to address evolving security threats. It notes that threats are now faster moving and more difficult to detect than in the past. Self-defending networks aim to identify threats, isolate infected devices, and reconfigure network resources automatically in response to attacks. They integrate security across all network aspects for a globally distributed defense.
Self Defending Network
The document describes a self-defending network (SDN) as a system that allows entities to reduce security risks by using existing infrastructure in new ways. An SDN aims to reduce windows of vulnerability, minimize the impact of attacks, and improve availability. It discusses why SDNs are needed due to evolving network attacks and outlines some of the key components of an SDN, including endpoint protection, admission control, infection containment, intelligent correlation and incident response, and application security measures.
Security Vulnerabilities in Modern Operating Systems
The Common Exposures and Vulnerabilities database has over 25 years of data on vulnerabilities in it. In this deck we dig through that database and use it to map out trends and general information on vulnerabilities in software in the last quarter century. For more information please visit our website: http://www.cisco.com/web/CA/index.html
Cyber Security vs.pdf
Cyber security involves protecting systems from attacks by implementing security measures and resolving issues. Ethical hacking takes an authorized approach to attempt gaining unauthorized access to systems to identify vulnerabilities. It involves duplicating hacker strategies with permission to find weaknesses before exploits. Both cyber security and ethical hacking work to improve security, but cyber security recognizes, resolves, and reports issues, while ethical hacking tries to breach security for testing to provide feedback on weaknesses.
Securing Nuclear Facilities
The document discusses the need for nuclear facilities to secure portable media devices due to threats of cyber attacks. It outlines regulations from the Nuclear Regulatory Commission requiring facilities to implement cyber security programs, including controlling portable media. The document recommends designing secure data workflows that incorporate user authentication, file scanning, and use of kiosks to scan all portable media before entering secure areas in order to establish multiple layers of protection against known and unknown threats.
Information security policy
This document outlines an information security policy for infrastructure hardening. It details procedures to minimize vulnerabilities through a hardening process. This includes installing systems as instructed, removing unnecessary software, disabling unused accounts and services, applying patches, conducting vulnerability scans, and configuring firewalls and antivirus software before deploying systems. Requirements specify how to approve, restrict, and manage software, passwords, firewalls, patching, and removable media to protect organizational assets.
Security & control in management information system
The document discusses security concepts in information systems including prevention of unauthorized access, modification, and deletion of information. It outlines unintentional threats like human error and intentional threats like criminal attacks. The goals of information security are prevention, detection, and response. Risks to applications and data include computer crime, hacking, cyber-theft, unauthorized work use, software piracy, and viruses/worms. Risks to hardware include natural disasters, blackouts, and vandalism. Major defense strategies are encryption, authentication, firewalls, email monitoring, antivirus software, backup files, security monitors, and biometric controls. The document also discusses disaster recovery, business recovery plans, and general controls to minimize errors and disasters.
Mobile Security Training, Mobile Device Security Training
This 3-day mobile security training course costs $2,199 and teaches attendees how to secure mobile devices and applications. The training covers mobile threats, vulnerabilities, and security features of platforms like iOS and Android. Attendees will learn techniques for securing mobile networks, applications, and data through encryption, authentication, and mobile device management best practices. The course is intended for security professionals and developers seeking to protect mobile assets within their organizations.
Software Security Testing
The document discusses integrating software security into the software development lifecycle. It recommends addressing security as early as possible, including during the requirements phase by performing threat assessments and defining security requirements. During design, it suggests involving security experts, using threat modeling to understand risks, and implementing defenses like isolation, least privilege, and defense in depth. Throughout development and testing, it advises performing security reviews, testing, and activities to find and fix vulnerabilities before deployment.
Technology: Built for Attack
: Dr. Emma Garrison-Alexander
With the expanding use of technology and the dependency on the Internet for most business and personal functions, the attack domain has expanded dramatically. Whether using a laptop, desktop, tablet, smartphone, or smart watch, significant vulnerabilities exist and will be exploited. Regardless of the device that is being used, it is subject to attack. These devices depend on infrastructures and applications that have their own weaknesses. This environment that most of us depend on everyday was built for attack.
IT Security for the Physical Security Professional
This document provides an overview of an IT security presentation for physical security professionals. The agenda includes introductions, an overview of IT security concepts and terminology, technical topics, and ways physical security professionals can help with IT security. Some key points covered include changing threats like identity theft and phishing, common attacks like man-in-the-middle and denial of service, and risks from things like laptop theft, wireless networks, and spyware. The presentation aims to help physical security professionals understand basic IT security principles and how they can support efforts to protect electronic information and networks.
5 Step Data Security Plan for Small Businesses
The following presentation presents a 5 step data security plan for small businesses. The plan is easy and inexpensive to implement, and it will provide you a strong plan to protect your proprietary company assets as well as your client's information. To learn more or to read the article, please visit http://www.wilkins-consulting.com/small-biz-security-plan.html.
What's hot (20)
Security Vulnerabilities in Modern Operating Systems
Security Vulnerabilities in Modern Operating Systems
Security & control in management information system
Security & control in management information system
Mobile Security Training, Mobile Device Security Training
Mobile Security Training, Mobile Device Security Training
Technology: Built for Attack
: Dr. Emma Garrison-Alexander
Technology: Built for Attack
: Dr. Emma Garrison-Alexander
IT Security for the Physical Security Professional
IT Security for the Physical Security Professional
Similar to Cybersecurity of Physical Systems
Jb ia
Information security has evolved from securing physical access to mainframes during World War II to modern concerns over networked and digital assets. It began with physical controls but now addresses software, data, networks and more. Effective security requires balancing protection with reasonable access and is best achieved through a structured methodology like SecSDLC that considers security in all phases from analysis to maintenance. Information security seeks to preserve the confidentiality, integrity and availability of information through technical, operational and personnel countermeasures.
About the PresentationsThe presentations cover the objectives .docx
About the Presentations
The presentations cover the objectives found in the opening of each chapter.
All chapter objectives are listed in the beginning of each presentation.
You may customize the presentations to fit your class needs.
Some figures from the chapters are included. A complete set of images from the book can be found on the Instructor Resources disc.
1
Principles of Incident Response and Disaster Recovery, 2nd Edition
Chapter 01
An Overview of Information
Security and Risk Management
2
2
Objectives
Define and explain information security
Identify and explain the basic concepts of risk management
List and discuss the components of contingency planning
Describe the role of information security policy in the development of contingency plans
Principles of Incident Response and Disaster Recovery, 2nd Edition
3
3
Introduction
Contingency planning
Being ready for incidents and disasters
Example: 1/10 of one percent of online users
Allows for two and a half million potential attackers
Example: World Trade Center (WTC) organizations
Had contingency plans due to February 1993 attack
Example: 2008 Gartner report
2/3 of organizations invoked plans in prior two years
Information security includes contingency planning
Ensures confidentiality, integrity, availability of data
Principles of Incident Response and Disaster Recovery, 2nd Edition
4
4
Information Security
Committee on National Security Systems (CNSS) information security definition
Protection of information and its critical elements
Includes systems and hardware storing, transmitting information
Part of the CNSS model (evolved from C.I.A. triangle)
Conceptual framework for understanding security
Information security (InfoSec)
Protection of confidentiality, integrity, and availability of information
In storage, during processing, and during transmission
Principles of Incident Response and Disaster Recovery, 2nd Edition
5
5
Key Information Security Concepts
Threat: object, person, other entity posing potential risk of loss to an asset
Asset: organizational resource being protected
Logical or physical
Attack: attempt to cause damage to or compromise information of supporting systems
Arises from a threat; intentional or unintentional
Threat-agent: threat instance
Specific and identifiable; exploits asset vulnerabilities
Principles of Incident Response and Disaster Recovery, 2nd Edition
6
6
Key Information Security Concepts (cont’d.)
Vulnerability
Flaw or weakness in system security procedures, design, implementation, internal controls
Results in security breach or security policy violation
Well-known or latent
Exercised accidently or intentionally
Exploit: caused by threat-agent
Can exploit system or information through illegal use
Can create an exploit to target a specific vulnerability
Control/safeguard/countermeasure: prevent attack
Principles of Incident Response and Disaster Recovery, 2nd Edition
7
7
Key Information Security Concepts (cont’d.)
Princ.
About the PresentationsThe presentations cover the objectives .docx
About the Presentations
The presentations cover the objectives found in the opening of each chapter.
All chapter objectives are listed in the beginning of each presentation.
You may customize the presentations to fit your class needs.
Some figures from the chapters are included. A complete set of images from the book can be found on the Instructor Resources disc.
1
Principles of Incident Response and Disaster Recovery, 2nd Edition
Chapter 01
An Overview of Information
Security and Risk Management
2
2
Objectives
Define and explain information security
Identify and explain the basic concepts of risk management
List and discuss the components of contingency planning
Describe the role of information security policy in the development of contingency plans
Principles of Incident Response and Disaster Recovery, 2nd Edition
3
3
Introduction
Contingency planning
Being ready for incidents and disasters
Example: 1/10 of one percent of online users
Allows for two and a half million potential attackers
Example: World Trade Center (WTC) organizations
Had contingency plans due to February 1993 attack
Example: 2008 Gartner report
2/3 of organizations invoked plans in prior two years
Information security includes contingency planning
Ensures confidentiality, integrity, availability of data
Principles of Incident Response and Disaster Recovery, 2nd Edition
4
4
Information Security
Committee on National Security Systems (CNSS) information security definition
Protection of information and its critical elements
Includes systems and hardware storing, transmitting information
Part of the CNSS model (evolved from C.I.A. triangle)
Conceptual framework for understanding security
Information security (InfoSec)
Protection of confidentiality, integrity, and availability of information
In storage, during processing, and during transmission
Principles of Incident Response and Disaster Recovery, 2nd Edition
5
5
Key Information Security Concepts
Threat: object, person, other entity posing potential risk of loss to an asset
Asset: organizational resource being protected
Logical or physical
Attack: attempt to cause damage to or compromise information of supporting systems
Arises from a threat; intentional or unintentional
Threat-agent: threat instance
Specific and identifiable; exploits asset vulnerabilities
Principles of Incident Response and Disaster Recovery, 2nd Edition
6
6
Key Information Security Concepts (cont’d.)
Vulnerability
Flaw or weakness in system security procedures, design, implementation, internal controls
Results in security breach or security policy violation
Well-known or latent
Exercised accidently or intentionally
Exploit: caused by threat-agent
Can exploit system or information through illegal use
Can create an exploit to target a specific vulnerability
Control/safeguard/countermeasure: prevent attack
Principles of Incident Response and Disaster Recovery, 2nd Edition
7
7
Key Information Security Concepts (cont’d.)
Princ.
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
QA&TEST Conference 2011, Spain - Shakeel Ali, 10th International Conference on Software QA and Testing on Embedded Systems
PPT0-Computer Security Concepts.pptx
The document summarizes key concepts from the book "Computer Security: Principles and Practice" by Stallings, Brown, and Bauer. It defines computer security as measures that ensure confidentiality, integrity, and availability of information systems. It outlines threats to computer security like unauthorized disclosure, deception, disruption, and usurpation. It also defines security terminology like attacks, vulnerabilities, risks, and countermeasures. The document presents models for understanding computer security and the relationships between threats, vulnerabilities, attacks, and assets.
Network Security
This document provides an overview of a computer and network security course. It discusses what topics will and won't be covered, including security threats, protocols, cryptography, and practical security issues but not advanced cryptography or computer networks. It also defines key security concepts like the CIA triad of confidentiality, integrity and availability. Additional topics covered include security attacks, services, and mechanisms like encryption, authentication, access control and intrusion detection.
Intro
This document provides an overview of a computer and network security course. It discusses what topics will and won't be covered, including security threats, protocols, cryptography, and practical security issues but not advanced cryptography or computer networks. It also defines key security concepts like the CIA triad of confidentiality, integrity and availability. Additional topics covered include security attacks, services, and mechanisms like encryption, authentication, access control and intrusion detection.
Computing safety
This document discusses computer security and cybersecurity. It defines computer security and outlines common vulnerabilities and attacks such as backdoors, direct access attacks, eavesdropping, phishing, and clickjacking. It discusses systems that are at risk and the impact of security breaches. It covers attacker motivations and outlines some common computer protection countermeasures like security by design, security architecture, and vulnerability management. It provides examples of some notable attacks and breaches and discusses legal issues and the growing job market for cybersecurity professionals.
Ch2 Introduction to Information Security (3).pdf
This document provides an overview of information security concepts including: the history of computer security evolving into information security; key terms like availability, integrity, and confidentiality; components of an information system; approaches to implementing security like top-down and bottom-up; and the security systems development life cycle with phases like investigation, analysis, design, implementation, and maintenance. It also outlines security professionals' roles in an organization.
Chapter 1 overview
This document provides an overview of network security threats and concepts. It discusses the rationale for network security, including increased internet connectivity, cybercrime, legislation/liabilities, and the proliferation and sophistication of threats. It describes the goals of information security programs to ensure confidentiality, integrity and availability. It also discusses security models, risks, vulnerabilities, attacks, and risk management strategies.
How stuxnet spreads – a study of infection paths in best practice systems
The document analyzes how the Stuxnet worm could spread from an infected computer on a corporate network to compromise an isolated industrial control system (ICS) following best security practices. It describes a hypothetical high-security ICS site and proposes several pathways Stuxnet could use to migrate internally and sabotage the system. Key findings include that completely preventing infection is impossible and ICS security must focus on containment, segmentation, diversity, and improving security culture.
A theoretical superworm
This document discusses the potential threat of a "Superworm", a theoretical worm that could incorporate successful propagation techniques from past worms to spread rapidly and cause widespread damage. It describes the features such a worm may have, including exploiting multiple vulnerabilities across many operating systems and using various proliferation methods. The document also examines a past university network security incident and two security technologies that could help detect and limit the spread of such a worm: an early worm detection system and a modified reverse proxy server.
L11 Transition And Key Roles and SAT ROB IRP.pptx
The document discusses the transition from the Certification and Accreditation (C&A) process to the Risk Management Framework (RMF) for assessing security controls of information systems. It provides an overview of the key phases and roles of both the C&A and RMF processes. These include phases like initiation, certification, accreditation, and continuous monitoring for C&A and categorize, select, implement, assess, authorize, and monitor for RMF. It also outlines some of the important roles in each process like the authorizing official, information system owner, and security control assessor.
I0516064
IOSR Journal of Electronics and Communication Engineering(IOSR-JECE) is an open access international journal that provides rapid publication (within a month) of articles in all areas of electronics and communication engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in electronics and communication engineering. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
LIS3353 SP12 Week 9
The document discusses a technology and security class. It provides an agenda that covers IT news, an exam follow-up, and a focus on security. Under security news, it lists several recent computer virus and hacking incidents. It then discusses common security myths and holds a quick security assessment activity. The rest of the document outlines various security topics like definitions of security concepts, security risks, protection methods, and ways to assess security risks. It emphasizes the importance of backups, strong passwords, and keeping systems updated with patches.
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
This document discusses preventing key-recovery attacks on keyed intrusion detection systems (KIDS). KIDS is designed to introduce a secret key to make operations impossible without knowing the key, thereby preventing evasion attacks. However, the document shows that recovering the key is possible with a small number of queries if the attacker can interact with KIDS and receive feedback on probing requests. Two instantiations of such attacks are presented for different adversarial settings, demonstrating that KIDS does not meet its security claims of making key recovery infeasible. The document concludes by revisiting KIDS' core design and providing heuristic arguments about its suitability and limitations.
information security management
This document outlines the topics and structure of an Information Security Management course. The course will cover planning for security, information security policy, developing security programs, risk management, protection mechanisms, personnel security, law and ethics, and security in the cloud. Assessments, case studies, presentations, labs, and class participation will be used for evaluation. Current security topics will be researched and presented. A term paper and demonstration project will also be required. The goal is to examine information security holistically within an organization.
Substation Cyber Security
This document discusses cyber security for substation automation systems. It notes that substation systems are now increasingly connected via Ethernet and IP-based protocols, introducing cyber security risks. The document outlines various potential threats including internal attackers, suppliers, hackers, criminals, and terrorists. It examines vulnerabilities in substation systems like slow processors, real-time operating systems, communications media, open protocols, lack of authentication, and centralized administration. The document proposes measures to enhance security such as access control, encryption, authentication, and intrusion detection. Overall, the document analyzes cyber security risks for substation automation and proposes strategies to protect, detect, and recover from potential intrusions or attacks.
Computer security overview
COMPUTER SECURITY
KEY SECURITY CONCEPTS
SECURITY TERMINOLOGY
VULNERABILITY
THREATS
ATTACKS
ATTACK SURFACES
THREAT CONSEQUENCES
COUNTERMEASURES
CYBER CRIME INCIDENTS IN OMAN
SECURITY TECHNOLOGIES IN USE - GLOBAL
ch01_nemo-Pendahuluan.ppt
This document provides an overview and roadmap for cryptography and network security. It discusses key security concepts like confidentiality, integrity, and availability. It also summarizes the OSI security architecture, which defines how to provide security requirements. Additionally, it outlines security attacks, services, and mechanisms, and provides models for network and network access security.
Similar to Cybersecurity of Physical Systems (20)
About the PresentationsThe presentations cover the objectives .docx
About the PresentationsThe presentations cover the objectives .docx
About the PresentationsThe presentations cover the objectives .docx
About the PresentationsThe presentations cover the objectives .docx
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
Critical Infrastructure Assessment Techniques to Prevent Threats and Vulnerab...
How stuxnet spreads – a study of infection paths in best practice systems
How stuxnet spreads – a study of infection paths in best practice systems
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
IRJET- Preventing of Key-Recovery Attacks on Keyed Intrusion Detection System
Recently uploaded
PCOS corelations and management through Ayurveda.
This presentation includes basic of PCOS their pathology and treatment and also Ayurveda correlation of PCOS and Ayurvedic line of treatment mentioned in classics.
Advanced Java[Extra Concepts, Not Difficult].docx
This is part 2 of my Java Learning Journey. This contains Hashing, ArrayList, LinkedList, Date and Time Classes, Calendar Class and more.
Azure Interview Questions and Answers PDF By ScholarHat
Azure Interview Questions and Answers PDF By ScholarHat
CACJapan - GROUP Presentation 1- Wk 4.pdf
Macroeconomics- Movie Location
This will be used as part of your Personal Professional Portfolio once graded.
Objective:
Prepare a presentation or a paper using research, basic comparative analysis, data organization and application of economic information. You will make an informed assessment of an economic climate outside of the United States to accomplish an entertainment industry objective.
How to Manage Your Lost Opportunities in Odoo 17 CRM
Odoo 17 CRM allows us to track why we lose sales opportunities with "Lost Reasons." This helps analyze our sales process and identify areas for improvement. Here's how to configure lost reasons in Odoo 17 CRM
How to Add Chatter in the odoo 17 ERP Module
In Odoo, the chatter is like a chat tool that helps you work together on records. You can leave notes and track things, making it easier to talk with your team and partners. Inside chatter, all communication history, activity, and changes will be displayed.
How to Fix the Import Error in the Odoo 17
An import error occurs when a program fails to import a module or library, disrupting its execution. In languages like Python, this issue arises when the specified module cannot be found or accessed, hindering the program's functionality. Resolving import errors is crucial for maintaining smooth software operation and uninterrupted development processes.
How to Build a Module in Odoo 17 Using the Scaffold Method
Odoo provides an option for creating a module by using a single line command. By using this command the user can make a whole structure of a module. It is very easy for a beginner to make a module. There is no need to make each file manually. This slide will show how to create a module using the scaffold method.
The Diamonds of 2023-2024 in the IGRA collection
A review of the growth of the Israel Genealogy Research Association Database Collection for the last 12 months. Our collection is now passed the 3 million mark and still growing. See which archives have contributed the most. See the different types of records we have, and which years have had records added. You can also see what we have for the future.
Main Java[All of the Base Concepts}.docx
This is part 1 of my Java Learning Journey. This Contains Custom methods, classes, constructors, packages, multithreading , try- catch block, finally block and more.
South African Journal of Science: Writing with integrity workshop (2024)
South African Journal of Science: Writing with integrity workshop (2024)Academy of Science of South Africa
A workshop hosted by the South African Journal of Science aimed at postgraduate students and early career researchers with little or no experience in writing and publishing journal articles.ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...
Denis is a dynamic and results-driven Chief Information Officer (CIO) with a distinguished career spanning information systems analysis and technical project management. With a proven track record of spearheading the design and delivery of cutting-edge Information Management solutions, he has consistently elevated business operations, streamlined reporting functions, and maximized process efficiency.
Certified as an ISO/IEC 27001: Information Security Management Systems (ISMS) Lead Implementer, Data Protection Officer, and Cyber Risks Analyst, Denis brings a heightened focus on data security, privacy, and cyber resilience to every endeavor.
His expertise extends across a diverse spectrum of reporting, database, and web development applications, underpinned by an exceptional grasp of data storage and virtualization technologies. His proficiency in application testing, database administration, and data cleansing ensures seamless execution of complex projects.
What sets Denis apart is his comprehensive understanding of Business and Systems Analysis technologies, honed through involvement in all phases of the Software Development Lifecycle (SDLC). From meticulous requirements gathering to precise analysis, innovative design, rigorous development, thorough testing, and successful implementation, he has consistently delivered exceptional results.
Throughout his career, he has taken on multifaceted roles, from leading technical project management teams to owning solutions that drive operational excellence. His conscientious and proactive approach is unwavering, whether he is working independently or collaboratively within a team. His ability to connect with colleagues on a personal level underscores his commitment to fostering a harmonious and productive workplace environment.
Date: May 29, 2024
Tags: Information Security, ISO/IEC 27001, ISO/IEC 42001, Artificial Intelligence, GDPR
-------------------------------------------------------------------------------
Find out more about ISO training and certification services
Training: ISO/IEC 27001 Information Security Management System - EN | PECB
ISO/IEC 42001 Artificial Intelligence Management System - EN | PECB
General Data Protection Regulation (GDPR) - Training Courses - EN | PECB
Webinars: https://pecb.com/webinars
Article: https://pecb.com/article
-------------------------------------------------------------------------------
For more information about PECB:
Website: https://pecb.com/
LinkedIn: https://www.linkedin.com/company/pecb/
Facebook: https://www.facebook.com/PECBInternational/
Slideshare: http://www.slideshare.net/PECBCERTIFICATION
Chapter 4 - Islamic Financial Institutions in Malaysia.pptx
Chapter 4 - Islamic Financial Institutions in Malaysia.pptxMohd Adib Abd Muin, Senior Lecturer at Universiti Utara Malaysia
This slide is special for master students (MIBS & MIFB) in UUM. Also useful for readers who are interested in the topic of contemporary Islamic banking.
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...Dr. Vinod Kumar Kanvaria
Exploiting Artificial Intelligence for Empowering Researchers and Faculty,
International FDP on Fundamentals of Research in Social Sciences
at Integral University, Lucknow, 06.06.2024
By Dr. Vinod Kumar KanvariaRecently uploaded (20)
Pride Month Slides 2024 David Douglas School District
Pride Month Slides 2024 David Douglas School District
Azure Interview Questions and Answers PDF By ScholarHat
Azure Interview Questions and Answers PDF By ScholarHat
Film vocab for eal 3 students: Australia the movie
Film vocab for eal 3 students: Australia the movie
How to Manage Your Lost Opportunities in Odoo 17 CRM
How to Manage Your Lost Opportunities in Odoo 17 CRM
How to Build a Module in Odoo 17 Using the Scaffold Method
How to Build a Module in Odoo 17 Using the Scaffold Method
South African Journal of Science: Writing with integrity workshop (2024)
South African Journal of Science: Writing with integrity workshop (2024)
ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...
ISO/IEC 27001, ISO/IEC 42001, and GDPR: Best Practices for Implementation and...
Chapter 4 - Islamic Financial Institutions in Malaysia.pptx
Chapter 4 - Islamic Financial Institutions in Malaysia.pptx
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...
Cybersecurity of Physical Systems
- 1. 1 CYBER PHYSICAL SYSTEMS SECURITY Week 1 Overview
- 2. Course Description Cyber Physical Systems Security introduces the techniques, methodologies, and tools used in building and maintaining secure networks and control systems.These systems rely on unification of technologies such as computers, Programmable LogicControllers, operator interfaces, and microprocessor based devices together into Supervisory, Control and Data Acquisition (SCADA) or Industrial Control Systems (ICS). After exploring the real-world threats and vulnerabilities that exist within the industrial automation and control system architectures, a standards based approach is explored for the protection of such systems, taking into consideration the procedural and technical differences between security for traditional IT environments and those solutions appropriate for SCADA or ICS.
- 3. Required Texts Labs • Arduino One • Sensor Kit Bodungen, C. (2016). Hacking Exposed Industrial Control Systems: ICS and SCADA Security Secrets & Solutions. McGraw- Hill Education. ISBN: 978-1259589713
- 4. Introduction Welcome to the class Over the next session, we will explore many different facets of Cyber Physical Systems Security that impact us each and every day. You will learn how security plays a vital role in this and what must be done to protect ourselves from the “rise of the machines.”
- 5. Objectives At the end of the course, students should have demonstrated their ability to: Appraise the different components, communication systems, and timing requirements used in SCADAICS Identify the economic benefits of SCADAICS systems Illustrate how SCADAICS is applied to real world applications Evaluate industrial security guidelines Differentiate between different types of attacks that can be launched against systems Demonstrate different vulnerability assessment procedures Demonstrate the techniques for securing a network of devices 5
- 6. TERMINOLOGY
- 7. Incident/Exposure – An unauthorized event that could lead to a process control system to deviate from normal operation Risk –The likelihood that an attack, incident, or exposure could occur and the severity of impact that it could have on your systems or organization Threat (a.k.a. – “Threat Source”, “Threat Agent”) –The actual source of the risk.The person or thing that takes advantage of, uses, or causes a vulnerability either intentionally or unintentional Vulnerability – A set of conditions causing the presence of a weakness, of which a threat can take advantage. This could be a technical weakness, procedural weakness, or human weakness Exploit – 1. nThe means by which a vulnerability is taken advantage of 2. vTo take advantage of a vulnerability; the attack itself Attack –The result of the presence of aThreat taking advantage of a Vulnerability, through a successful Exploit AttackVector –The environment in which the attack will take place. (i.e. – physical, operations, cyber, computer memory space, a website, etc.) Terminology
- 8. State of the Industry SCADA in the past Isolated from IT SCADA, ICS, DCS, Industrial Networks all relatively unheard of Used legacy equipment SCADA Now Connectivity to enterprise / IP New, network-based attack vectors Increasing use of commercial off-the-shelf (COTS) software Increased use of MicrosoftWindows Unpatched systems Brings pre-existing vulnerabilities back Virus/malware propagation Flat networks and Dual-homed systems “IT vs. SCADA”, “Them vs. Us” Experts Claim “Lost Decade” (in terms of security) Due to “Failure to Act”