SlideShare a Scribd company logo
HIMA Cyber Security
Josse Brys
Senior Manager Sales and Regional Development
Antwerpen 25 October 2018
© HIMA Paul Hildebrandt GmbH 2017 2
HIMA Mission
Our Mission is to contribute to
Plant Safety and Operational Availability by implementing
unique Smart Safety Solutions and life cycle Services
3
HIMA History
1908 1936 1950 1965 1970 1986 1997 1999 2008 20131929 2017
4
HIMA: The leading Expert in Safety Solutions
▪ Headquarters in Germany Brühl
▪ Worldwide local service and support
▪ Over 40,000 safety systems installed
▪ More then 800 people dedicated to safety
▪ R&D investment with 125 experts
© HIMA Paul Hildebrandt GmbH 2018 5
Experienced recently while being airborne …
• How would you feel?
• Would you be worried?
• Will the plane be in trouble?
- autonomous, computer-based devices, used extensively in:
- oil refining,
- chemical processing,
- electrical generation
- other industries where the creation of a product is based on a continuous series
of processes being applied to raw materials.
6© HIMA Paul Hildebrandt GmbH 2018
Industrial Control Systems (ICS) is:
By deploying and programming ICS devices, engineers have the ability to remotely monitor and
control the different variables of the industrial process.
Supervisory Control and Data Acquisition (SCADA) systems, or distributed control systems (DCS),
and programmable logic controllers (PLCs))
A subcategory of ICS, and is used to protect
- humans,
- industrial plants
- and the environment in case of a monitored process going beyond the allowed
control margins.
7© HIMA Paul Hildebrandt GmbH 2018
Safety Instrumental Systems (SIS) is:
These devices are not intended for controlling the process itself,
but rather provide an overriding signal, so that immediate actions are taken if the process control
systems fail.
© HIMA Paul Hildebrandt GmbH 2017 8
What makes HIMA unique?
Safety solutions
Other companies
HIMA understands Safety better than any other company
Automation
Solutions
Smart Safety
solutions
Safety is our DNA
© HIMA Paul Hildebrandt GmbH 2017 9
Safeguards your plant/operations
9
e.g. pressure relief
valve
Public and plant-specifc
measures
e.g. retention basin
SIS (safety instrumented
system)
DCS / BPCS
and people
DCS / BPCS
Disaster prevention
Damage mitigation
Mechanical protection
MonitoringProcess alarm
Safety instrumented systemSafety shutdown
Operation
Monitored
Process value
Cyber Security
M
I
T
I
G
A
T
I
O
N
P
R
E
V
E
N
A
T
I
O
N
© HIMA Group 2018 10
Functional Safety Standards
© HIMA Group 2018 11
SIL - Safety Integrity Level
SIL is how we measure the performance of safety functions carried out by the
safety instrumented systems
‣ Process owners:
Which safety functions do I need and how much SIL do I need?
‣ Engineering companies, system integrators, product developers:
How do I build SIL compliant safety devices, functions or systems?
‣ Process operators:
How do I operate, maintain and repair safety functions and systems
to maintain the identified SIL levels?
SIL has 3 sides to the story
© HIMA Group 2018 12
SIL Levels
Risk reduction
© HIMA Group 2018 13
SIL Levels
PFDavg = Probability of Failure on Demand average
Most famous SIL requirement is the Probability of Failure on Demand
14
Cyber security Risksecurity = threat * vulnerability * potential of the damage
Functional safety Risksafety = probability of a damage * potential of the damage
World
Sys.
Safety
+
What is Safety
World
Sys.
World Sys.
It takes two to Tango:
Safety and Security
© HIMA Group 2018 16
100% GUARANTEE
See IEC 61508. Measures to reduce risk
to tolerable level once (and for ever)
for Safety there is none for Security there is none
See IEC 62443. Programmable Safety
Systems can be compromised.
AvoidanceofFailures
Security
(andothertechnology-
dependentaspects)
ControlofFailures
ReliabilityEvaluation
Management of Functional Safety
17
How to be prepared to tango
Safe Operation
© HIMA Paul Hildebrandt GmbH 2018
18
Safety and security interacting closely,
nevertheless
1. Both are focused on totally different aspects
2. Safety and security recommendations have no
automatic correlation
3. Alignment of safety and security requires a
special strategy
To tango requires common understanding
© HIMA Paul Hildebrandt GmbH 2018
19
Principle 1: Protection of safety functions
Security effectively prevents safety against negative influences of threats.
Safety evaluations are based on the assumption of effective security measures.
Principle 2: Compatibility of implementations
Security does not interfere with safety and vice versa.
Principle 3: Protection of security countermeasures
The safety implementations do not negatively compromise the effectiveness of
security implementations.
Source: IEC/TR 63069
Guiding principles of applying Safety & Security
IEC 61508 & IEC 62443
Alignment of both dancing partners
© HIMA Paul Hildebrandt GmbH 2018
20
Reviewed in
Safety Lifecycle Intervals
Safety Design Security Design
Secure Safety
Setup
Security Setup
Security Environment
• To protect the perimeters
of the Security environment
• To protect the internal Interactions
• To protect the individual functional units
Reviewed in
Security Lifecycle Intervals
1. Updates in years
2. Focus on malfunctions
3. Looking at (own) operational
experiences
I. Updates in weeks
II. Focus on vulnerabilities
III. Looking at community
experiences
Coordination of both Lifecycles
Our tango lasts longer
© HIMA Paul Hildebrandt GmbH 2018
HIMA Security Environment for Functional Safety
HIMA Secure Safety Core
21
Cyber secure down to its core
Gateway
CPU
I/O
COM
Interface
Interface4..20 mA
HART
DCS
Information
Domain
HIMA
MMI
Plant Security Zone
© HIMA Paul Hildebrandt GmbH 2018
DCS – Automation Domain
HIMA
ZONE DZONE C
ZONE B
ZONE A
22
MES OfficeVirtual Plant
WWW
ENG/MAIN
FieldbusHART4..20 mA
Level 0:
Instrumentation
Level 1:
Real Time Data
Processing
Level 2:
MMI/Maintenance
Level 3:
Local Office
ERP (local)
Level 4:
WWW
ERP (global)
SIS, HARTSIS
Zones & Conduits (IEC 62443)
Historian
AA A A A
© HIMA Paul Hildebrandt GmbH 2018
Do you have full
visibility of the
risks on your SIS
/ IOT system?
23© HIMA Paul Hildebrandt GmbH 2018
You think it will never
happens to me..
Until you are the
target..
24© HIMA Paul Hildebrandt GmbH 2018
25© HIMA Paul Hildebrandt GmbH 2018
- Common vulnerability (e.g. SQL injection)
- Zero-day exploit
- USB keys
- Insider threat
- Physical access to devices
- Interactive social engineering
- Spear Phising
Common Attack methods:
© HIMA Group 2018 26
See Netflix film:
LO and Behold: Reveries of the connected World
From 53 min
27© HIMA Paul Hildebrandt GmbH 2018
Petya-ransomware Attack
2017 – Again
Only this time a Worldwide hack
Cyber attacks are real
28© HIMA Paul Hildebrandt GmbH 2018
Russia GRU caught hacking into OPCW via WIFI
October 2018
Example of the WIFI hack
Cyber attacks are real
29
Cyber attacks are real
30
Cyber attacks are real
© HIMA Group 2018 31
Cyber attacks are real
www.meltdownattack.com www.github.com/ICSrepo/TRISIS-TRITON-HATMAN
Incident Summary
The attacker gained remote access to an SIS engineering
workstation and deployed the TRITON attack framework
to reprogram the SIS controllers
Triton /Trisis/ HATMAN December 2017
Attackers Deploy New ICS Attack Framework “TRITON”
and Cause Operational Disruption to Critical Infrastructure
© HIMA Group 2018 32
MELTDOWN / SPECTRE
January 2018
• Critical weak points in chip hardware weaken nearly all IT
systems worldwide. (CPU chips)
• HIMA operating systems strictly segregate the memory
they access.
• Meltdown and Spectre have no effect on
HIMA security systems!
Cyber attacks are real
www.meltdownattack.com
33© HIMA Paul Hildebrandt GmbH 2018
The malware also named Trojan-Spy.0485 or
Malware-Cryptor.Win32.Inject.gen.2
The drivers where registered in the virus database
under the name
Rootkit.TmpHider and
SScope.Rootkit.TmpHider.2
Uranium Plant - Iran
Cyber attacks are real
Stuxnet
Let’s look in detail Stuxnet
34
Stuxnet
© HIMA Group 2018 35
Stuxnet
Targets specific Siemens PLC
• Each PLC must be configured before use
• Configuration is stored in system data blocks (SDB)
• Stuxnet parses these blocks
• Look for magic bytes 2C CB 00 01 at offset 50h
• Signifies a Profibus network card is attached - CP 342-5
• Looks for 7050h and 9500h
• Must have more than 33 of these values
• Injects different code based on number of occurrences
© HIMA Group 2018 36
Stuxnet
Programming the PLC
• Simatic or Step 7 software used to write code in STL
• STL code is compiled to MC7 byte code
• MC7 byte code is transferred to the PLC
• Control PC can now be disconnected
© HIMA Group 2018 37
Stuxnet
Stuxnet: Man-in-the-Middle Attack on PLCs
• Step7 uses a library to access the PLC
S7otbxdx.dll
• Stuxnet replaces that dll with its own version
• Stuxnet version intercepts, read and write to
the PLC and changes the code at this point.
Request code
block from
PLC
Show code
block from
PLC to user
Modified STL
code block
Step7
S7blk_read
STL code
block
S7otbxdx.dll
STL code
block
PLC
© HIMA Group 2018 38
Stuxnet
• Stuxnet: C7 Byte code
• Malicoius dll contains at least 70 blobs of data
• They are binary and encoded
• These are actually blocks of MC7 byte code
• This is the code that is injected into the PLC's
• Must be converted back to STL to understand it
© HIMA Group 2018 39
Stuxnet
• OB1 and OB35
Stuxnet changes these blocks
• OB1 = main on PLCs
-Stuxnet inserts its own code at the beginning of OB1 so it runs first
• OB35 is a 100ms interrupt routine
- Used to monitor inputs that would require fast action
- Stuxnet infects OB35 too
• Stuxnet will return clean versions of these functions when they are read from the PLC
© HIMA Group 2018 40
Stuxnet
15000 lines of code
© HIMA Group 2018 41
Stuxnet
984 centrifuges (unhappy)
Electrical IO
Reality blocker
PLC program (happy)
© HIMA Group 2018 42
Last Security Incidents
www.meltdownattack.com www.github.com/ICSrepo/TRISIS-TRITON-HATMAN
Wetware
The Human Factor
© HIMA Group 2018 43
See Netflix film:
LO and Behold: Reveries of the connected World
From 59 min
44© HIMA Paul Hildebrandt GmbH 2018
Again, are you sure – that you are Secure?
45© HIMA Paul Hildebrandt GmbH 2018
- Every Week?
How often do you monitor your :
- Procedures
- Policies
- 3rd Party Hard- and Software Vendors
- Cause & Effects
- KPI’s
- Log files
- Security Reports
- Risk Assessments
- Every Month?
- Never?
46© HIMA Paul Hildebrandt GmbH 2018
How can you reduce the risk and protect your SIS / IOT Environments?
- Build higher walls
- Industrial Control System (ICS) Security will save you
- Adopt a new thinking
47© HIMA Paul Hildebrandt GmbH 2018
How become from Reactive to Proactive?
48
Example cases of Cyber Security Risks
© HIMA Paul Hildebrandt GmbH 2018
49
SIS Awareness Concept – Example 1
Broken SIS Engineering Station swapped (temporarily) with a Back Office workstation
© HIMA Paul Hildebrandt GmbH 2018
SIS
IT-Infrastructure
BPCS/DCS/HMI
Peripherals
Extended SIS Zone
SIS
Engineering
Station
SIS OPC
Server &
HMI
COM
CPU
IO
SIS Network
(safeethernet)
Core SIS Zone
Field
Devices
50
SIS Awareness Concept – Example 1
© HIMA Paul Hildebrandt GmbH 2018
SIS
IT-Infrastructure
BPCS/DCS/HMI
Peripherals
Extended SIS Zone
SIS
Engineering
Station
SIS OPC
Server &
HMI
COM
CPU
IO
SIS Network
(safeethernet)
Core SIS Zone
Field
Devices
51
SIS Awareness Concept – Example 1
© HIMA Paul Hildebrandt GmbH 2018
SIS
IT-Infrastructure
BPCS/DCS/HMI
Peripherals
Extended SIS Zone
SIS OPC
Server &
HMI
COM
CPU
IO
SIS Network
(safeethernet)
Core SIS Zone
Field
Devices
52
SIS Awareness Concept – Example 1
© HIMA Paul Hildebrandt GmbH 2018
SIS
IT-Infrastructure
BPCS/DCS/HMI
Peripherals
Extended SIS Zone
‘Temp.’
Replace
Back Office
Station
SIS OPC
Server &
HMI
COM
CPU
IO
SIS Network
(safeethernet)
Core SIS Zone
Field
Devices
53
SIS Awareness Concept – Example 1
© HIMA Paul Hildebrandt GmbH 2018
SIS
IT-Infrastructure
BPCS/DCS/HMI
Peripherals
Extended SIS Zone
‘Temp.’
Replace
Back Office
Station
SIS OPC
Server &
HMI
COM
CPU
IO
SIS Network
(safeethernet)
Core SIS Zone
Field
Devices
54
SIS Awareness Concept – Example 1
Internet
© HIMA Paul Hildebrandt GmbH 2018
55
SIS Awareness Concept – Example 2
Undetected switch/Router in your SIS
© HIMA Paul Hildebrandt GmbH 2018
SIS
IT-Infrastructure
BPCS/DCS/HMI
Peripherals
Extended SIS Zone
SIS
Engineering
Station
SIS OPC
Server &
HMI
COM
CPU
IO
SIS Network
(safeethernet)
Core SIS Zone
Field
Devices
56
SIS Awareness Concept – Example 2
© HIMA Paul Hildebrandt GmbH 2018
SIS
IT-Infrastructure
BPCS/DCS/HMI
Peripherals
Extended SIS Zone
SIS OPC
Server &
HMI
COM
CPU
IO
SIS Network
(safeethernet)
Core SIS Zone
Field
Devices
57
SIS Awareness Concept – Example 2
© HIMA Paul Hildebrandt GmbH 2018
SIS
IT-Infrastructure
BPCS/DCS/HMI
Peripherals
Extended SIS Zone
Unmanaged
Switch /
Router
SIS OPC
Server &
HMI
COM
CPU
IO
SIS Network
(safeethernet)
Core SIS Zone
Field
Devices
58
SIS Awareness Concept – Example 2
SIS
Engineering
Station
© HIMA Paul Hildebrandt GmbH 2018
SIS
IT-Infrastructure
BPCS/DCS/HMI
Peripherals
Extended SIS Zone
Unmanaged
Switch /
Router
SIS OPC
Server &
HMI
COM
CPU
IO
SIS Network
(safeethernet)
Core SIS Zone
Field
Devices
59
SIS Awareness Concept – Example 2
SIS
Engineering
Station
Un-
controlled
Network
Devicees
© HIMA Paul Hildebrandt GmbH 2018
SIS
IT-Infrastructure
BPCS/DCS/HMI
Peripherals
Extended SIS Zone
Unmanaged
Switch /
Router
SIS OPC
Server &
HMI
COM
CPU
IO
SIS Network
(safeethernet)
Core SIS Zone
Field
Devices
60
SIS Awareness Concept – Example 2
SIS
Engineering
Station
Internet
Un-
controlled
Network
Devicees
© HIMA Paul Hildebrandt GmbH 2018
© HIMA Paul Hildebrandt GmbH 2018 61
 Actual Cyber Security threats
No clear/Not up to date of:
 - Policies; - Procedures; - Network drawing; - IP Database; - Backup; Disaster Recovery
- Actual Hardware registration; - Actual in- and external User Accounts;
 - Registration of visitors; No Supervision of Visitors;
 - CTTV; Door; Keys; Batch-IDs; USB-Sticks;
 - Open Unused Switch Ports; Network Device Registration; Up-to-Date Network Drawings
 Tampering with these systems can lead to:
 You need to know, who is who in the Office & don’t leave them (alone) in Restricted Area’s
 Possibly environmental disasters, due to loss of data
 … Equipment damage
 Production loss
 Loss of valuable production recipes and installation data
Awareness of Cyber Security
in SIS / OT environments
© HIMA Paul Hildebrandt GmbH 2018 62
Nowadays Threats
• Software Bugs
• Unauthorized physical access
• Unauthorized network access
• Abuse (e.g. disgruntled employee)
• Human error (e.g. No virus check on USB)
Awareness of Cyber Security
in SIS / OT environments
© HIMA Paul Hildebrandt GmbH 2018 63
Actual Cyber Security threats
 The BadUSB attack 2.0
A few weeks ago, a new version of this BadUSB attack is already found
which this time only requires a USB cable,
such as charge cable for your smartphone.
The cable continues to retain the ability to charge
the connected device, but on the side of the computer it acts as a Human Input Device (HID),
such as a keyboard or mouse and then
it will install malicious software
Awareness of Cyber Security
in SIS / OT environments
64© HIMA Paul Hildebrandt GmbH 2018
Minimum Effort – Maximum Security
Awareness of Cyber Security
in SIS / OT environments
SIS
COM
CPU
IO
SIS Network
(safeethernet)
Core SIS Zone
Field
Devices
65
Awareness of Cyber Security
in SIS / OT environments
© HIMA Paul Hildebrandt GmbH 2018
Extended SIS Zone
SIS
Engineering
Station
SIS
COM
CPU
IO
SIS Network
(safeethernet)
Core SIS Zone
Field
Devices
66
SIS OPC
Server &
HMI
Protection
needed
Awareness of Cyber Security
in SIS / OT environments
© HIMA Paul Hildebrandt GmbH 2018
SIS
IT-Infrastructure
BPCS/DCS/HMI
Peripherals
Extended SIS Zone
SIS
Engineering
Station
SIS OPC
Server &
HMI
COM
CPU
IO
SIS Network
(safeethernet)
Core SIS Zone
Field
Devices
67
Protection
needed
Firewall & VLAN
Technology
SIS Awareness Concept – Zones and Conduits
© HIMA Paul Hildebrandt GmbH 2018
68
SIS Awareness Scope of Support
Assets
- SIS
- Engineering Station
- OPC Server Station
- Tofino Firewall Technology
- Hirschmann VLAN
Technology
- Network Infrastructure
…
Policies & Procedures
- Hardening
- Patch Management
- User Management
- Logging Management
- Change Management
- Verification
- Backup/Restore
…
Detail Definition
- Hardware (LSM)
- Software (Off-Line) Patches
- Windows
- Antivirus Software
- Patches / Firmware
- Network Overview
(As-Build)
- Documentation
- Organisation
- Users
- …
© HIMA Paul Hildebrandt GmbH 2018
• Maintain integrity of SIS to its designed functionality
Overview on the current status of the SIS
• Comply with regulatory requirements
Practical base for improvements or further IT/OT risk
assessments
• Manage risk
Help to reveal undetected vulnerabilities of the SIS Network
before a plant disruption or malfunction
• Expertise of independent Cyber Security Specialists
Safety focus ensure that SIS specific configurations are covered
SIS Awareness Benefits
69© HIMA Paul Hildebrandt GmbH 2018
© HIMA Group 2018 70
HIMA Security MeasuresSecurity in Safety Instrumented Systems
Source: NAMUR NA 163
© HIMA Group 2018 71
HIMA Security Measures
PC-Infrastructure
Controller Hardware and Firmware Lifecycle Management
Engineering ToolCommunication Infrastructure
SIS, HARTSIS
A A
Security in ICS depends on five areas
© HIMA Group 2018 72
• 100% HIMA Software
• Extremely low software error rate (similar to military and aircraft)
• Automated code analysis
• Unused ethernet ports locked physically
• No access to program code during operation
• No backdoors
• No common cause failures SIS/BPCS
• …
Controller Hardware and Firmware
© HIMA Group 2018 73
• 100% HIMA Software
• Single-purpose Engineering tool
• Proprietory database file for efficient Recovery Backup
• Two-factor authentication for project and controller data
• Diagnoses and time stamps cannot be deleted (audit trail)
• Key switches for RELOAD, FORCE, READ possible
• Monitoring of program changes
• Enforced change of passwords
• Well-defined User management incl. Security Admin Role
• Function blocks with password protection (locking/read-only)
Engineering Tool
© HIMA Group 2018 74
• Secure BIOS Management
• Reduced access rights
• Only required Windows services activated
• No double-use of Engineering- and Office Laptops
• Minimal set of application programs
• Intelligent Password management
• …
PC Infrastructure
© HIMA Group 2018 75
• Separated protection layers between CPU and COM – Modules
• Proprietory and superior protocol for controller communication:
SafeEthernet
• Achilles-Certificate by Wurldtech
• Consequent separation of networks in each installation
• Tap-proof controler communication
• …
Communication Infrastructure
© HIMA Group 2018 76
• HIMA Group Company
• ISO 27001 Certification ongoing
• Security Certification (Achilles, ISASecure EDSA, TÜV, …)
• Penetration-testing (Customers, Service-providers, Universities)
• Need-to-know principle: Access to source code and internal documents
restricted to developers
• Separate development network
• Active collaboration in standardization committees like IEC and OpenGroup
• Services for our customers
• Security is integral part of HIMA Services and Engineering
• Basic Security Check of HIMA safety systems
• System hardening of safety systems and safety system environments
Lifecycle Management
© HIMA Group 2018 77
www.meltdownattack.com www.github.com/ICSrepo/TRISIS-TRITON-HATMAN
Fiber optic cable
Cyber secure?
© HIMA Group 2018 78
https://www.youtube.com/watch?v=bnzeyBK3kAY
© HIMA Paul Hildebrandt GmbH 2018 79
Summary
• Safety and cyber security are connected
• Cyber security needs your attention
• Separate safety from operations
• Think not only about the hardware
© HIMA Group 2018 80
Josse Brys
E-mail: info@hima.com
Internet: www.hima.com
HIMA Group
Albert-Bassermann-Str. 28
68782 Brühl, Germany
Phone: +49 6202 709-0
Fax: +49 6202 709-107
Thank You.
J.brys@hima.com

More Related Content

What's hot

Qualys Corporate Brochure
Qualys Corporate BrochureQualys Corporate Brochure
Qualys Corporate Brochure
Qualys
 
Hacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS securityHacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS security
Chris Sistrunk
 
Building a Cyber Security Operations Center for SCADA/ICS Environments
Building a Cyber Security Operations Center for SCADA/ICS EnvironmentsBuilding a Cyber Security Operations Center for SCADA/ICS Environments
Building a Cyber Security Operations Center for SCADA/ICS Environments
Shah Sheikh
 
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC Report
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC ReportMcAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC Report
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC Report
Iftikhar Ali Iqbal
 
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Sirius
 
Secure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoSecure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAlto
Prime Infoserv
 
BSidesAugusta 2022 - The Power of the OT Security Playbook
BSidesAugusta 2022 - The Power of the OT Security PlaybookBSidesAugusta 2022 - The Power of the OT Security Playbook
BSidesAugusta 2022 - The Power of the OT Security Playbook
Chris Sistrunk
 
Rothke secure360 building a security operations center (soc)
Rothke   secure360 building a security operations center (soc)Rothke   secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)
Ben Rothke
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness Training
Jen Ruhman
 
Information Security Awareness
Information Security Awareness Information Security Awareness
Information Security Awareness
SnapComms
 
Example of access control
Example of access controlExample of access control
Example of access control
Hafiza Abas
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
Dhani Ahmad
 
Security technologies
Security technologiesSecurity technologies
Security technologies
Dhani Ahmad
 
IT Security PowerPoint Presentation Slides
IT Security PowerPoint Presentation SlidesIT Security PowerPoint Presentation Slides
IT Security PowerPoint Presentation Slides
SlideTeam
 
Data Center Security
Data Center SecurityData Center Security
Data Center Security
Cisco Canada
 
Information security management system (isms) overview
Information security management system (isms) overviewInformation security management system (isms) overview
Information security management system (isms) overview
Julia Urbina-Pineda
 
Security policy and standards
Security policy and standardsSecurity policy and standards
Security policy and standards
Wilson Musyoka
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
Amir Hossein Zargaran
 
Introduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkIntroduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security Framework
PECB
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your Organization
McKonly & Asbury, LLP
 

What's hot (20)

Qualys Corporate Brochure
Qualys Corporate BrochureQualys Corporate Brochure
Qualys Corporate Brochure
 
Hacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS securityHacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS security
 
Building a Cyber Security Operations Center for SCADA/ICS Environments
Building a Cyber Security Operations Center for SCADA/ICS EnvironmentsBuilding a Cyber Security Operations Center for SCADA/ICS Environments
Building a Cyber Security Operations Center for SCADA/ICS Environments
 
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC Report
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC ReportMcAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC Report
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC Report
 
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
Security Incident and Event Management (SIEM) - Managed and Hosted Solutions ...
 
Secure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoSecure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAlto
 
BSidesAugusta 2022 - The Power of the OT Security Playbook
BSidesAugusta 2022 - The Power of the OT Security PlaybookBSidesAugusta 2022 - The Power of the OT Security Playbook
BSidesAugusta 2022 - The Power of the OT Security Playbook
 
Rothke secure360 building a security operations center (soc)
Rothke   secure360 building a security operations center (soc)Rothke   secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)
 
Hyphenet Security Awareness Training
Hyphenet Security Awareness TrainingHyphenet Security Awareness Training
Hyphenet Security Awareness Training
 
Information Security Awareness
Information Security Awareness Information Security Awareness
Information Security Awareness
 
Example of access control
Example of access controlExample of access control
Example of access control
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
 
Security technologies
Security technologiesSecurity technologies
Security technologies
 
IT Security PowerPoint Presentation Slides
IT Security PowerPoint Presentation SlidesIT Security PowerPoint Presentation Slides
IT Security PowerPoint Presentation Slides
 
Data Center Security
Data Center SecurityData Center Security
Data Center Security
 
Information security management system (isms) overview
Information security management system (isms) overviewInformation security management system (isms) overview
Information security management system (isms) overview
 
Security policy and standards
Security policy and standardsSecurity policy and standards
Security policy and standards
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
 
Introduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security FrameworkIntroduction to Risk Management via the NIST Cyber Security Framework
Introduction to Risk Management via the NIST Cyber Security Framework
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your Organization
 

Similar to Hima cyber security

6 martin heininger - security in embedded systems - the upcoming challenge
6   martin heininger - security in embedded systems - the upcoming challenge6   martin heininger - security in embedded systems - the upcoming challenge
6 martin heininger - security in embedded systems - the upcoming challenge
Ievgenii Katsan
 
CLASS 2018 - Palestra de Murilo Morais (Head do segmento Cloud Application So...
CLASS 2018 - Palestra de Murilo Morais (Head do segmento Cloud Application So...CLASS 2018 - Palestra de Murilo Morais (Head do segmento Cloud Application So...
CLASS 2018 - Palestra de Murilo Morais (Head do segmento Cloud Application So...
TI Safe
 
PIONEERING GEN V SECURITY WITH CHECK POINT
PIONEERING GEN V SECURITY WITH CHECK POINTPIONEERING GEN V SECURITY WITH CHECK POINT
PIONEERING GEN V SECURITY WITH CHECK POINT
Technofutur TIC
 
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Isaca atlanta   ulf mattsson - do you have a roadmap for eu gdprIsaca atlanta   ulf mattsson - do you have a roadmap for eu gdpr
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Ulf Mattsson
 
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and BeyondHow BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
SecPod Technologies
 
Security as an Accelerator for Cloud Adoption
Security as an Accelerator for Cloud AdoptionSecurity as an Accelerator for Cloud Adoption
Security as an Accelerator for Cloud Adoption
MarketingArrowECS_CZ
 
2018 06 Presentation Cloudguard IaaS de Checkpoint
2018 06  Presentation Cloudguard IaaS de Checkpoint2018 06  Presentation Cloudguard IaaS de Checkpoint
2018 06 Presentation Cloudguard IaaS de Checkpoint
e-Xpert Solutions SA
 
[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr
TI Safe
 
Open Source for Industry 4.0 – Open IoT Summit NA 2018
Open Source for Industry 4.0 – Open IoT Summit NA 2018Open Source for Industry 4.0 – Open IoT Summit NA 2018
Open Source for Industry 4.0 – Open IoT Summit NA 2018
Benjamin Cabé
 
10. industrial networks safety and security tom hammond
10. industrial networks safety and security   tom hammond10. industrial networks safety and security   tom hammond
10. industrial networks safety and security tom hammond
PROFIBUS and PROFINET InternationaI - PI UK
 
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoftHow Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
OSIsoft, LLC
 
New SIPROTEC 5 Version 7.8 - Overview
New SIPROTEC 5  Version 7.8 - OverviewNew SIPROTEC 5  Version 7.8 - Overview
New SIPROTEC 5 Version 7.8 - Overview
Ryan O'Mara
 
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesUnderstanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Denim Group
 
CLASS 2016 - Palestra José Antunes
CLASS 2016 - Palestra José AntunesCLASS 2016 - Palestra José Antunes
CLASS 2016 - Palestra José Antunes
TI Safe
 
Cybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyCybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas Company
Eryk Budi Pratama
 
IIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in PracticeIIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in Practice
team-WIBU
 
How the Internet of Things (IoT) will impact customer experience, operational...
How the Internet of Things (IoT) will impact customer experience, operational...How the Internet of Things (IoT) will impact customer experience, operational...
How the Internet of Things (IoT) will impact customer experience, operational...
Navaid Khan
 
Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14
James Nesbitt
 
Threat Modeling for IoT Systems
Threat Modeling for IoT SystemsThreat Modeling for IoT Systems
Threat Modeling for IoT Systems
Denim Group
 
#ITSitioEnRSA - Presentacion de Jeef Reed de Cisco
#ITSitioEnRSA - Presentacion de Jeef Reed de Cisco #ITSitioEnRSA - Presentacion de Jeef Reed de Cisco
#ITSitioEnRSA - Presentacion de Jeef Reed de Cisco
ITSitio.com
 

Similar to Hima cyber security (20)

6 martin heininger - security in embedded systems - the upcoming challenge
6   martin heininger - security in embedded systems - the upcoming challenge6   martin heininger - security in embedded systems - the upcoming challenge
6 martin heininger - security in embedded systems - the upcoming challenge
 
CLASS 2018 - Palestra de Murilo Morais (Head do segmento Cloud Application So...
CLASS 2018 - Palestra de Murilo Morais (Head do segmento Cloud Application So...CLASS 2018 - Palestra de Murilo Morais (Head do segmento Cloud Application So...
CLASS 2018 - Palestra de Murilo Morais (Head do segmento Cloud Application So...
 
PIONEERING GEN V SECURITY WITH CHECK POINT
PIONEERING GEN V SECURITY WITH CHECK POINTPIONEERING GEN V SECURITY WITH CHECK POINT
PIONEERING GEN V SECURITY WITH CHECK POINT
 
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Isaca atlanta   ulf mattsson - do you have a roadmap for eu gdprIsaca atlanta   ulf mattsson - do you have a roadmap for eu gdpr
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
 
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and BeyondHow BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
How BlueHat Cyber Uses SanerNow to Automate Patch Management and Beyond
 
Security as an Accelerator for Cloud Adoption
Security as an Accelerator for Cloud AdoptionSecurity as an Accelerator for Cloud Adoption
Security as an Accelerator for Cloud Adoption
 
2018 06 Presentation Cloudguard IaaS de Checkpoint
2018 06  Presentation Cloudguard IaaS de Checkpoint2018 06  Presentation Cloudguard IaaS de Checkpoint
2018 06 Presentation Cloudguard IaaS de Checkpoint
 
[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr
 
Open Source for Industry 4.0 – Open IoT Summit NA 2018
Open Source for Industry 4.0 – Open IoT Summit NA 2018Open Source for Industry 4.0 – Open IoT Summit NA 2018
Open Source for Industry 4.0 – Open IoT Summit NA 2018
 
10. industrial networks safety and security tom hammond
10. industrial networks safety and security   tom hammond10. industrial networks safety and security   tom hammond
10. industrial networks safety and security tom hammond
 
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoftHow Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
 
New SIPROTEC 5 Version 7.8 - Overview
New SIPROTEC 5  Version 7.8 - OverviewNew SIPROTEC 5  Version 7.8 - Overview
New SIPROTEC 5 Version 7.8 - Overview
 
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT TechnologiesUnderstanding IoT Security: How to Quantify Security Risk of IoT Technologies
Understanding IoT Security: How to Quantify Security Risk of IoT Technologies
 
CLASS 2016 - Palestra José Antunes
CLASS 2016 - Palestra José AntunesCLASS 2016 - Palestra José Antunes
CLASS 2016 - Palestra José Antunes
 
Cybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas CompanyCybersecurity in Oil & Gas Company
Cybersecurity in Oil & Gas Company
 
IIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in PracticeIIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in Practice
 
How the Internet of Things (IoT) will impact customer experience, operational...
How the Internet of Things (IoT) will impact customer experience, operational...How the Internet of Things (IoT) will impact customer experience, operational...
How the Internet of Things (IoT) will impact customer experience, operational...
 
Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14
 
Threat Modeling for IoT Systems
Threat Modeling for IoT SystemsThreat Modeling for IoT Systems
Threat Modeling for IoT Systems
 
#ITSitioEnRSA - Presentacion de Jeef Reed de Cisco
#ITSitioEnRSA - Presentacion de Jeef Reed de Cisco #ITSitioEnRSA - Presentacion de Jeef Reed de Cisco
#ITSitioEnRSA - Presentacion de Jeef Reed de Cisco
 

More from ie-net ingenieursvereniging vzw

Ultrasoon_Clamp-on.pdf
Ultrasoon_Clamp-on.pdfUltrasoon_Clamp-on.pdf
Ultrasoon_Clamp-on.pdf
ie-net ingenieursvereniging vzw
 
Elektromagnetische_debietmeters.pdf
Elektromagnetische_debietmeters.pdfElektromagnetische_debietmeters.pdf
Elektromagnetische_debietmeters.pdf
ie-net ingenieursvereniging vzw
 
SGS Skybase (NL) .pdf
SGS Skybase (NL) .pdfSGS Skybase (NL) .pdf
SGS Skybase (NL) .pdf
ie-net ingenieursvereniging vzw
 
VEGA-Radar vs US-26APR2022-NL.pdf
VEGA-Radar vs US-26APR2022-NL.pdfVEGA-Radar vs US-26APR2022-NL.pdf
VEGA-Radar vs US-26APR2022-NL.pdf
ie-net ingenieursvereniging vzw
 
From process to emission
From process to emissionFrom process to emission
From process to emission
ie-net ingenieursvereniging vzw
 
Contactloos volume flow meting op transportbanden (ENG.)
Contactloos volume flow meting op transportbanden (ENG.)Contactloos volume flow meting op transportbanden (ENG.)
Contactloos volume flow meting op transportbanden (ENG.)
ie-net ingenieursvereniging vzw
 
Connecting fieldbus power and knowledge
Connecting fieldbus power and knowledgeConnecting fieldbus power and knowledge
Connecting fieldbus power and knowledge
ie-net ingenieursvereniging vzw
 
Frequentieregelaars
FrequentieregelaarsFrequentieregelaars
Frequentieregelaars
ie-net ingenieursvereniging vzw
 
Breekplaten beademingsmachines vlamdover (NED.)
Breekplaten beademingsmachines vlamdover (NED.)Breekplaten beademingsmachines vlamdover (NED.)
Breekplaten beademingsmachines vlamdover (NED.)
ie-net ingenieursvereniging vzw
 
Veiligheden rond de tank
Veiligheden rond de tankVeiligheden rond de tank
Veiligheden rond de tank
ie-net ingenieursvereniging vzw
 
Veiligheden rond de tank
Veiligheden rond de tankVeiligheden rond de tank
Veiligheden rond de tank
ie-net ingenieursvereniging vzw
 
Vik g.haekens-atex risico evaluatie
Vik g.haekens-atex risico evaluatieVik g.haekens-atex risico evaluatie
Vik g.haekens-atex risico evaluatie
ie-net ingenieursvereniging vzw
 
Hoe maak ik de omgeving van mijn opslagtank veilig efficient
Hoe maak ik de omgeving van mijn opslagtank veilig  efficientHoe maak ik de omgeving van mijn opslagtank veilig  efficient
Hoe maak ik de omgeving van mijn opslagtank veilig efficient
ie-net ingenieursvereniging vzw
 
Checklist tankcontrole 2018 bacd
Checklist tankcontrole 2018 bacdChecklist tankcontrole 2018 bacd
Checklist tankcontrole 2018 bacd
ie-net ingenieursvereniging vzw
 
Controle en ingebruikname van uw opslagtank
Controle en ingebruikname van uw opslagtankControle en ingebruikname van uw opslagtank
Controle en ingebruikname van uw opslagtank
ie-net ingenieursvereniging vzw
 
Certainly not explosive (Eng)
Certainly not explosive (Eng)Certainly not explosive (Eng)
Certainly not explosive (Eng)
ie-net ingenieursvereniging vzw
 
Elektrische installaties in ruimtes met stofexplosiegevaar (Nl.)
Elektrische installaties in ruimtes met stofexplosiegevaar (Nl.)Elektrische installaties in ruimtes met stofexplosiegevaar (Nl.)
Elektrische installaties in ruimtes met stofexplosiegevaar (Nl.)
ie-net ingenieursvereniging vzw
 
Elektrische installaties in ruimtes met stofexplosiegevaar (1.3 Mb) (Nl.)
Elektrische installaties in ruimtes met stofexplosiegevaar (1.3 Mb) (Nl.)Elektrische installaties in ruimtes met stofexplosiegevaar (1.3 Mb) (Nl.)
Elektrische installaties in ruimtes met stofexplosiegevaar (1.3 Mb) (Nl.)
ie-net ingenieursvereniging vzw
 
Tuev sued-drives-and-controls-2014-presentation
Tuev sued-drives-and-controls-2014-presentationTuev sued-drives-and-controls-2014-presentation
Tuev sued-drives-and-controls-2014-presentation
ie-net ingenieursvereniging vzw
 
Pressure Relief Devices
Pressure Relief DevicesPressure Relief Devices
Pressure Relief Devices
ie-net ingenieursvereniging vzw
 

More from ie-net ingenieursvereniging vzw (20)

Ultrasoon_Clamp-on.pdf
Ultrasoon_Clamp-on.pdfUltrasoon_Clamp-on.pdf
Ultrasoon_Clamp-on.pdf
 
Elektromagnetische_debietmeters.pdf
Elektromagnetische_debietmeters.pdfElektromagnetische_debietmeters.pdf
Elektromagnetische_debietmeters.pdf
 
SGS Skybase (NL) .pdf
SGS Skybase (NL) .pdfSGS Skybase (NL) .pdf
SGS Skybase (NL) .pdf
 
VEGA-Radar vs US-26APR2022-NL.pdf
VEGA-Radar vs US-26APR2022-NL.pdfVEGA-Radar vs US-26APR2022-NL.pdf
VEGA-Radar vs US-26APR2022-NL.pdf
 
From process to emission
From process to emissionFrom process to emission
From process to emission
 
Contactloos volume flow meting op transportbanden (ENG.)
Contactloos volume flow meting op transportbanden (ENG.)Contactloos volume flow meting op transportbanden (ENG.)
Contactloos volume flow meting op transportbanden (ENG.)
 
Connecting fieldbus power and knowledge
Connecting fieldbus power and knowledgeConnecting fieldbus power and knowledge
Connecting fieldbus power and knowledge
 
Frequentieregelaars
FrequentieregelaarsFrequentieregelaars
Frequentieregelaars
 
Breekplaten beademingsmachines vlamdover (NED.)
Breekplaten beademingsmachines vlamdover (NED.)Breekplaten beademingsmachines vlamdover (NED.)
Breekplaten beademingsmachines vlamdover (NED.)
 
Veiligheden rond de tank
Veiligheden rond de tankVeiligheden rond de tank
Veiligheden rond de tank
 
Veiligheden rond de tank
Veiligheden rond de tankVeiligheden rond de tank
Veiligheden rond de tank
 
Vik g.haekens-atex risico evaluatie
Vik g.haekens-atex risico evaluatieVik g.haekens-atex risico evaluatie
Vik g.haekens-atex risico evaluatie
 
Hoe maak ik de omgeving van mijn opslagtank veilig efficient
Hoe maak ik de omgeving van mijn opslagtank veilig  efficientHoe maak ik de omgeving van mijn opslagtank veilig  efficient
Hoe maak ik de omgeving van mijn opslagtank veilig efficient
 
Checklist tankcontrole 2018 bacd
Checklist tankcontrole 2018 bacdChecklist tankcontrole 2018 bacd
Checklist tankcontrole 2018 bacd
 
Controle en ingebruikname van uw opslagtank
Controle en ingebruikname van uw opslagtankControle en ingebruikname van uw opslagtank
Controle en ingebruikname van uw opslagtank
 
Certainly not explosive (Eng)
Certainly not explosive (Eng)Certainly not explosive (Eng)
Certainly not explosive (Eng)
 
Elektrische installaties in ruimtes met stofexplosiegevaar (Nl.)
Elektrische installaties in ruimtes met stofexplosiegevaar (Nl.)Elektrische installaties in ruimtes met stofexplosiegevaar (Nl.)
Elektrische installaties in ruimtes met stofexplosiegevaar (Nl.)
 
Elektrische installaties in ruimtes met stofexplosiegevaar (1.3 Mb) (Nl.)
Elektrische installaties in ruimtes met stofexplosiegevaar (1.3 Mb) (Nl.)Elektrische installaties in ruimtes met stofexplosiegevaar (1.3 Mb) (Nl.)
Elektrische installaties in ruimtes met stofexplosiegevaar (1.3 Mb) (Nl.)
 
Tuev sued-drives-and-controls-2014-presentation
Tuev sued-drives-and-controls-2014-presentationTuev sued-drives-and-controls-2014-presentation
Tuev sued-drives-and-controls-2014-presentation
 
Pressure Relief Devices
Pressure Relief DevicesPressure Relief Devices
Pressure Relief Devices
 

Recently uploaded

Comparative analysis between traditional aquaponics and reconstructed aquapon...
Comparative analysis between traditional aquaponics and reconstructed aquapon...Comparative analysis between traditional aquaponics and reconstructed aquapon...
Comparative analysis between traditional aquaponics and reconstructed aquapon...
bijceesjournal
 
Eric Nizeyimana's document 2006 from gicumbi to ttc nyamata handball play
Eric Nizeyimana's document 2006 from gicumbi to ttc nyamata handball playEric Nizeyimana's document 2006 from gicumbi to ttc nyamata handball play
Eric Nizeyimana's document 2006 from gicumbi to ttc nyamata handball play
enizeyimana36
 
TIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEM
TIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEMTIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEM
TIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEM
HODECEDSIET
 
ML Based Model for NIDS MSc Updated Presentation.v2.pptx
ML Based Model for NIDS MSc Updated Presentation.v2.pptxML Based Model for NIDS MSc Updated Presentation.v2.pptx
ML Based Model for NIDS MSc Updated Presentation.v2.pptx
JamalHussainArman
 
Properties Railway Sleepers and Test.pptx
Properties Railway Sleepers and Test.pptxProperties Railway Sleepers and Test.pptx
Properties Railway Sleepers and Test.pptx
MDSABBIROJJAMANPAYEL
 
Engine Lubrication performance System.pdf
Engine Lubrication performance System.pdfEngine Lubrication performance System.pdf
Engine Lubrication performance System.pdf
mamamaam477
 
A SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMS
A SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMSA SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMS
A SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMS
IJNSA Journal
 
Embedded machine learning-based road conditions and driving behavior monitoring
Embedded machine learning-based road conditions and driving behavior monitoringEmbedded machine learning-based road conditions and driving behavior monitoring
Embedded machine learning-based road conditions and driving behavior monitoring
IJECEIAES
 
CSM Cloud Service Management Presentarion
CSM Cloud Service Management PresentarionCSM Cloud Service Management Presentarion
CSM Cloud Service Management Presentarion
rpskprasana
 
Understanding Inductive Bias in Machine Learning
Understanding Inductive Bias in Machine LearningUnderstanding Inductive Bias in Machine Learning
Understanding Inductive Bias in Machine Learning
SUTEJAS
 
Electric vehicle and photovoltaic advanced roles in enhancing the financial p...
Electric vehicle and photovoltaic advanced roles in enhancing the financial p...Electric vehicle and photovoltaic advanced roles in enhancing the financial p...
Electric vehicle and photovoltaic advanced roles in enhancing the financial p...
IJECEIAES
 
IEEE Aerospace and Electronic Systems Society as a Graduate Student Member
IEEE Aerospace and Electronic Systems Society as a Graduate Student MemberIEEE Aerospace and Electronic Systems Society as a Graduate Student Member
IEEE Aerospace and Electronic Systems Society as a Graduate Student Member
VICTOR MAESTRE RAMIREZ
 
Generative AI leverages algorithms to create various forms of content
Generative AI leverages algorithms to create various forms of contentGenerative AI leverages algorithms to create various forms of content
Generative AI leverages algorithms to create various forms of content
Hitesh Mohapatra
 
Advanced control scheme of doubly fed induction generator for wind turbine us...
Advanced control scheme of doubly fed induction generator for wind turbine us...Advanced control scheme of doubly fed induction generator for wind turbine us...
Advanced control scheme of doubly fed induction generator for wind turbine us...
IJECEIAES
 
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024
Sinan KOZAK
 
Harnessing WebAssembly for Real-time Stateless Streaming Pipelines
Harnessing WebAssembly for Real-time Stateless Streaming PipelinesHarnessing WebAssembly for Real-time Stateless Streaming Pipelines
Harnessing WebAssembly for Real-time Stateless Streaming Pipelines
Christina Lin
 
22CYT12-Unit-V-E Waste and its Management.ppt
22CYT12-Unit-V-E Waste and its Management.ppt22CYT12-Unit-V-E Waste and its Management.ppt
22CYT12-Unit-V-E Waste and its Management.ppt
KrishnaveniKrishnara1
 
5214-1693458878915-Unit 6 2023 to 2024 academic year assignment (AutoRecovere...
5214-1693458878915-Unit 6 2023 to 2024 academic year assignment (AutoRecovere...5214-1693458878915-Unit 6 2023 to 2024 academic year assignment (AutoRecovere...
5214-1693458878915-Unit 6 2023 to 2024 academic year assignment (AutoRecovere...
ihlasbinance2003
 
New techniques for characterising damage in rock slopes.pdf
New techniques for characterising damage in rock slopes.pdfNew techniques for characterising damage in rock slopes.pdf
New techniques for characterising damage in rock slopes.pdf
wisnuprabawa3
 
BPV-GUI-01-Guide-for-ASME-Review-Teams-(General)-10-10-2023.pdf
BPV-GUI-01-Guide-for-ASME-Review-Teams-(General)-10-10-2023.pdfBPV-GUI-01-Guide-for-ASME-Review-Teams-(General)-10-10-2023.pdf
BPV-GUI-01-Guide-for-ASME-Review-Teams-(General)-10-10-2023.pdf
MIGUELANGEL966976
 

Recently uploaded (20)

Comparative analysis between traditional aquaponics and reconstructed aquapon...
Comparative analysis between traditional aquaponics and reconstructed aquapon...Comparative analysis between traditional aquaponics and reconstructed aquapon...
Comparative analysis between traditional aquaponics and reconstructed aquapon...
 
Eric Nizeyimana's document 2006 from gicumbi to ttc nyamata handball play
Eric Nizeyimana's document 2006 from gicumbi to ttc nyamata handball playEric Nizeyimana's document 2006 from gicumbi to ttc nyamata handball play
Eric Nizeyimana's document 2006 from gicumbi to ttc nyamata handball play
 
TIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEM
TIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEMTIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEM
TIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEM
 
ML Based Model for NIDS MSc Updated Presentation.v2.pptx
ML Based Model for NIDS MSc Updated Presentation.v2.pptxML Based Model for NIDS MSc Updated Presentation.v2.pptx
ML Based Model for NIDS MSc Updated Presentation.v2.pptx
 
Properties Railway Sleepers and Test.pptx
Properties Railway Sleepers and Test.pptxProperties Railway Sleepers and Test.pptx
Properties Railway Sleepers and Test.pptx
 
Engine Lubrication performance System.pdf
Engine Lubrication performance System.pdfEngine Lubrication performance System.pdf
Engine Lubrication performance System.pdf
 
A SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMS
A SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMSA SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMS
A SYSTEMATIC RISK ASSESSMENT APPROACH FOR SECURING THE SMART IRRIGATION SYSTEMS
 
Embedded machine learning-based road conditions and driving behavior monitoring
Embedded machine learning-based road conditions and driving behavior monitoringEmbedded machine learning-based road conditions and driving behavior monitoring
Embedded machine learning-based road conditions and driving behavior monitoring
 
CSM Cloud Service Management Presentarion
CSM Cloud Service Management PresentarionCSM Cloud Service Management Presentarion
CSM Cloud Service Management Presentarion
 
Understanding Inductive Bias in Machine Learning
Understanding Inductive Bias in Machine LearningUnderstanding Inductive Bias in Machine Learning
Understanding Inductive Bias in Machine Learning
 
Electric vehicle and photovoltaic advanced roles in enhancing the financial p...
Electric vehicle and photovoltaic advanced roles in enhancing the financial p...Electric vehicle and photovoltaic advanced roles in enhancing the financial p...
Electric vehicle and photovoltaic advanced roles in enhancing the financial p...
 
IEEE Aerospace and Electronic Systems Society as a Graduate Student Member
IEEE Aerospace and Electronic Systems Society as a Graduate Student MemberIEEE Aerospace and Electronic Systems Society as a Graduate Student Member
IEEE Aerospace and Electronic Systems Society as a Graduate Student Member
 
Generative AI leverages algorithms to create various forms of content
Generative AI leverages algorithms to create various forms of contentGenerative AI leverages algorithms to create various forms of content
Generative AI leverages algorithms to create various forms of content
 
Advanced control scheme of doubly fed induction generator for wind turbine us...
Advanced control scheme of doubly fed induction generator for wind turbine us...Advanced control scheme of doubly fed induction generator for wind turbine us...
Advanced control scheme of doubly fed induction generator for wind turbine us...
 
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024
Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024
 
Harnessing WebAssembly for Real-time Stateless Streaming Pipelines
Harnessing WebAssembly for Real-time Stateless Streaming PipelinesHarnessing WebAssembly for Real-time Stateless Streaming Pipelines
Harnessing WebAssembly for Real-time Stateless Streaming Pipelines
 
22CYT12-Unit-V-E Waste and its Management.ppt
22CYT12-Unit-V-E Waste and its Management.ppt22CYT12-Unit-V-E Waste and its Management.ppt
22CYT12-Unit-V-E Waste and its Management.ppt
 
5214-1693458878915-Unit 6 2023 to 2024 academic year assignment (AutoRecovere...
5214-1693458878915-Unit 6 2023 to 2024 academic year assignment (AutoRecovere...5214-1693458878915-Unit 6 2023 to 2024 academic year assignment (AutoRecovere...
5214-1693458878915-Unit 6 2023 to 2024 academic year assignment (AutoRecovere...
 
New techniques for characterising damage in rock slopes.pdf
New techniques for characterising damage in rock slopes.pdfNew techniques for characterising damage in rock slopes.pdf
New techniques for characterising damage in rock slopes.pdf
 
BPV-GUI-01-Guide-for-ASME-Review-Teams-(General)-10-10-2023.pdf
BPV-GUI-01-Guide-for-ASME-Review-Teams-(General)-10-10-2023.pdfBPV-GUI-01-Guide-for-ASME-Review-Teams-(General)-10-10-2023.pdf
BPV-GUI-01-Guide-for-ASME-Review-Teams-(General)-10-10-2023.pdf
 

Hima cyber security

  • 1. HIMA Cyber Security Josse Brys Senior Manager Sales and Regional Development Antwerpen 25 October 2018
  • 2. © HIMA Paul Hildebrandt GmbH 2017 2 HIMA Mission Our Mission is to contribute to Plant Safety and Operational Availability by implementing unique Smart Safety Solutions and life cycle Services
  • 3. 3 HIMA History 1908 1936 1950 1965 1970 1986 1997 1999 2008 20131929 2017
  • 4. 4 HIMA: The leading Expert in Safety Solutions ▪ Headquarters in Germany Brühl ▪ Worldwide local service and support ▪ Over 40,000 safety systems installed ▪ More then 800 people dedicated to safety ▪ R&D investment with 125 experts
  • 5. © HIMA Paul Hildebrandt GmbH 2018 5 Experienced recently while being airborne … • How would you feel? • Would you be worried? • Will the plane be in trouble?
  • 6. - autonomous, computer-based devices, used extensively in: - oil refining, - chemical processing, - electrical generation - other industries where the creation of a product is based on a continuous series of processes being applied to raw materials. 6© HIMA Paul Hildebrandt GmbH 2018 Industrial Control Systems (ICS) is: By deploying and programming ICS devices, engineers have the ability to remotely monitor and control the different variables of the industrial process. Supervisory Control and Data Acquisition (SCADA) systems, or distributed control systems (DCS), and programmable logic controllers (PLCs))
  • 7. A subcategory of ICS, and is used to protect - humans, - industrial plants - and the environment in case of a monitored process going beyond the allowed control margins. 7© HIMA Paul Hildebrandt GmbH 2018 Safety Instrumental Systems (SIS) is: These devices are not intended for controlling the process itself, but rather provide an overriding signal, so that immediate actions are taken if the process control systems fail.
  • 8. © HIMA Paul Hildebrandt GmbH 2017 8 What makes HIMA unique? Safety solutions Other companies HIMA understands Safety better than any other company Automation Solutions Smart Safety solutions Safety is our DNA
  • 9. © HIMA Paul Hildebrandt GmbH 2017 9 Safeguards your plant/operations 9 e.g. pressure relief valve Public and plant-specifc measures e.g. retention basin SIS (safety instrumented system) DCS / BPCS and people DCS / BPCS Disaster prevention Damage mitigation Mechanical protection MonitoringProcess alarm Safety instrumented systemSafety shutdown Operation Monitored Process value Cyber Security M I T I G A T I O N P R E V E N A T I O N
  • 10. © HIMA Group 2018 10 Functional Safety Standards
  • 11. © HIMA Group 2018 11 SIL - Safety Integrity Level SIL is how we measure the performance of safety functions carried out by the safety instrumented systems ‣ Process owners: Which safety functions do I need and how much SIL do I need? ‣ Engineering companies, system integrators, product developers: How do I build SIL compliant safety devices, functions or systems? ‣ Process operators: How do I operate, maintain and repair safety functions and systems to maintain the identified SIL levels? SIL has 3 sides to the story
  • 12. © HIMA Group 2018 12 SIL Levels Risk reduction
  • 13. © HIMA Group 2018 13 SIL Levels PFDavg = Probability of Failure on Demand average Most famous SIL requirement is the Probability of Failure on Demand
  • 14. 14 Cyber security Risksecurity = threat * vulnerability * potential of the damage Functional safety Risksafety = probability of a damage * potential of the damage World Sys. Safety + What is Safety World Sys. World Sys.
  • 15. It takes two to Tango: Safety and Security
  • 16. © HIMA Group 2018 16 100% GUARANTEE See IEC 61508. Measures to reduce risk to tolerable level once (and for ever) for Safety there is none for Security there is none See IEC 62443. Programmable Safety Systems can be compromised.
  • 17. AvoidanceofFailures Security (andothertechnology- dependentaspects) ControlofFailures ReliabilityEvaluation Management of Functional Safety 17 How to be prepared to tango Safe Operation © HIMA Paul Hildebrandt GmbH 2018
  • 18. 18 Safety and security interacting closely, nevertheless 1. Both are focused on totally different aspects 2. Safety and security recommendations have no automatic correlation 3. Alignment of safety and security requires a special strategy To tango requires common understanding © HIMA Paul Hildebrandt GmbH 2018
  • 19. 19 Principle 1: Protection of safety functions Security effectively prevents safety against negative influences of threats. Safety evaluations are based on the assumption of effective security measures. Principle 2: Compatibility of implementations Security does not interfere with safety and vice versa. Principle 3: Protection of security countermeasures The safety implementations do not negatively compromise the effectiveness of security implementations. Source: IEC/TR 63069 Guiding principles of applying Safety & Security IEC 61508 & IEC 62443 Alignment of both dancing partners © HIMA Paul Hildebrandt GmbH 2018
  • 20. 20 Reviewed in Safety Lifecycle Intervals Safety Design Security Design Secure Safety Setup Security Setup Security Environment • To protect the perimeters of the Security environment • To protect the internal Interactions • To protect the individual functional units Reviewed in Security Lifecycle Intervals 1. Updates in years 2. Focus on malfunctions 3. Looking at (own) operational experiences I. Updates in weeks II. Focus on vulnerabilities III. Looking at community experiences Coordination of both Lifecycles Our tango lasts longer © HIMA Paul Hildebrandt GmbH 2018
  • 21. HIMA Security Environment for Functional Safety HIMA Secure Safety Core 21 Cyber secure down to its core Gateway CPU I/O COM Interface Interface4..20 mA HART DCS Information Domain HIMA MMI Plant Security Zone © HIMA Paul Hildebrandt GmbH 2018 DCS – Automation Domain HIMA
  • 22. ZONE DZONE C ZONE B ZONE A 22 MES OfficeVirtual Plant WWW ENG/MAIN FieldbusHART4..20 mA Level 0: Instrumentation Level 1: Real Time Data Processing Level 2: MMI/Maintenance Level 3: Local Office ERP (local) Level 4: WWW ERP (global) SIS, HARTSIS Zones & Conduits (IEC 62443) Historian AA A A A © HIMA Paul Hildebrandt GmbH 2018
  • 23. Do you have full visibility of the risks on your SIS / IOT system? 23© HIMA Paul Hildebrandt GmbH 2018
  • 24. You think it will never happens to me.. Until you are the target.. 24© HIMA Paul Hildebrandt GmbH 2018
  • 25. 25© HIMA Paul Hildebrandt GmbH 2018 - Common vulnerability (e.g. SQL injection) - Zero-day exploit - USB keys - Insider threat - Physical access to devices - Interactive social engineering - Spear Phising Common Attack methods:
  • 26. © HIMA Group 2018 26 See Netflix film: LO and Behold: Reveries of the connected World From 53 min
  • 27. 27© HIMA Paul Hildebrandt GmbH 2018 Petya-ransomware Attack 2017 – Again Only this time a Worldwide hack Cyber attacks are real
  • 28. 28© HIMA Paul Hildebrandt GmbH 2018 Russia GRU caught hacking into OPCW via WIFI October 2018 Example of the WIFI hack Cyber attacks are real
  • 31. © HIMA Group 2018 31 Cyber attacks are real www.meltdownattack.com www.github.com/ICSrepo/TRISIS-TRITON-HATMAN Incident Summary The attacker gained remote access to an SIS engineering workstation and deployed the TRITON attack framework to reprogram the SIS controllers Triton /Trisis/ HATMAN December 2017 Attackers Deploy New ICS Attack Framework “TRITON” and Cause Operational Disruption to Critical Infrastructure
  • 32. © HIMA Group 2018 32 MELTDOWN / SPECTRE January 2018 • Critical weak points in chip hardware weaken nearly all IT systems worldwide. (CPU chips) • HIMA operating systems strictly segregate the memory they access. • Meltdown and Spectre have no effect on HIMA security systems! Cyber attacks are real www.meltdownattack.com
  • 33. 33© HIMA Paul Hildebrandt GmbH 2018 The malware also named Trojan-Spy.0485 or Malware-Cryptor.Win32.Inject.gen.2 The drivers where registered in the virus database under the name Rootkit.TmpHider and SScope.Rootkit.TmpHider.2 Uranium Plant - Iran Cyber attacks are real Stuxnet Let’s look in detail Stuxnet
  • 35. © HIMA Group 2018 35 Stuxnet Targets specific Siemens PLC • Each PLC must be configured before use • Configuration is stored in system data blocks (SDB) • Stuxnet parses these blocks • Look for magic bytes 2C CB 00 01 at offset 50h • Signifies a Profibus network card is attached - CP 342-5 • Looks for 7050h and 9500h • Must have more than 33 of these values • Injects different code based on number of occurrences
  • 36. © HIMA Group 2018 36 Stuxnet Programming the PLC • Simatic or Step 7 software used to write code in STL • STL code is compiled to MC7 byte code • MC7 byte code is transferred to the PLC • Control PC can now be disconnected
  • 37. © HIMA Group 2018 37 Stuxnet Stuxnet: Man-in-the-Middle Attack on PLCs • Step7 uses a library to access the PLC S7otbxdx.dll • Stuxnet replaces that dll with its own version • Stuxnet version intercepts, read and write to the PLC and changes the code at this point. Request code block from PLC Show code block from PLC to user Modified STL code block Step7 S7blk_read STL code block S7otbxdx.dll STL code block PLC
  • 38. © HIMA Group 2018 38 Stuxnet • Stuxnet: C7 Byte code • Malicoius dll contains at least 70 blobs of data • They are binary and encoded • These are actually blocks of MC7 byte code • This is the code that is injected into the PLC's • Must be converted back to STL to understand it
  • 39. © HIMA Group 2018 39 Stuxnet • OB1 and OB35 Stuxnet changes these blocks • OB1 = main on PLCs -Stuxnet inserts its own code at the beginning of OB1 so it runs first • OB35 is a 100ms interrupt routine - Used to monitor inputs that would require fast action - Stuxnet infects OB35 too • Stuxnet will return clean versions of these functions when they are read from the PLC
  • 40. © HIMA Group 2018 40 Stuxnet 15000 lines of code
  • 41. © HIMA Group 2018 41 Stuxnet 984 centrifuges (unhappy) Electrical IO Reality blocker PLC program (happy)
  • 42. © HIMA Group 2018 42 Last Security Incidents www.meltdownattack.com www.github.com/ICSrepo/TRISIS-TRITON-HATMAN Wetware The Human Factor
  • 43. © HIMA Group 2018 43 See Netflix film: LO and Behold: Reveries of the connected World From 59 min
  • 44. 44© HIMA Paul Hildebrandt GmbH 2018 Again, are you sure – that you are Secure?
  • 45. 45© HIMA Paul Hildebrandt GmbH 2018 - Every Week? How often do you monitor your : - Procedures - Policies - 3rd Party Hard- and Software Vendors - Cause & Effects - KPI’s - Log files - Security Reports - Risk Assessments - Every Month? - Never?
  • 46. 46© HIMA Paul Hildebrandt GmbH 2018 How can you reduce the risk and protect your SIS / IOT Environments? - Build higher walls - Industrial Control System (ICS) Security will save you - Adopt a new thinking
  • 47. 47© HIMA Paul Hildebrandt GmbH 2018 How become from Reactive to Proactive?
  • 48. 48 Example cases of Cyber Security Risks © HIMA Paul Hildebrandt GmbH 2018
  • 49. 49 SIS Awareness Concept – Example 1 Broken SIS Engineering Station swapped (temporarily) with a Back Office workstation © HIMA Paul Hildebrandt GmbH 2018
  • 50. SIS IT-Infrastructure BPCS/DCS/HMI Peripherals Extended SIS Zone SIS Engineering Station SIS OPC Server & HMI COM CPU IO SIS Network (safeethernet) Core SIS Zone Field Devices 50 SIS Awareness Concept – Example 1 © HIMA Paul Hildebrandt GmbH 2018
  • 51. SIS IT-Infrastructure BPCS/DCS/HMI Peripherals Extended SIS Zone SIS Engineering Station SIS OPC Server & HMI COM CPU IO SIS Network (safeethernet) Core SIS Zone Field Devices 51 SIS Awareness Concept – Example 1 © HIMA Paul Hildebrandt GmbH 2018
  • 52. SIS IT-Infrastructure BPCS/DCS/HMI Peripherals Extended SIS Zone SIS OPC Server & HMI COM CPU IO SIS Network (safeethernet) Core SIS Zone Field Devices 52 SIS Awareness Concept – Example 1 © HIMA Paul Hildebrandt GmbH 2018
  • 53. SIS IT-Infrastructure BPCS/DCS/HMI Peripherals Extended SIS Zone ‘Temp.’ Replace Back Office Station SIS OPC Server & HMI COM CPU IO SIS Network (safeethernet) Core SIS Zone Field Devices 53 SIS Awareness Concept – Example 1 © HIMA Paul Hildebrandt GmbH 2018
  • 54. SIS IT-Infrastructure BPCS/DCS/HMI Peripherals Extended SIS Zone ‘Temp.’ Replace Back Office Station SIS OPC Server & HMI COM CPU IO SIS Network (safeethernet) Core SIS Zone Field Devices 54 SIS Awareness Concept – Example 1 Internet © HIMA Paul Hildebrandt GmbH 2018
  • 55. 55 SIS Awareness Concept – Example 2 Undetected switch/Router in your SIS © HIMA Paul Hildebrandt GmbH 2018
  • 56. SIS IT-Infrastructure BPCS/DCS/HMI Peripherals Extended SIS Zone SIS Engineering Station SIS OPC Server & HMI COM CPU IO SIS Network (safeethernet) Core SIS Zone Field Devices 56 SIS Awareness Concept – Example 2 © HIMA Paul Hildebrandt GmbH 2018
  • 57. SIS IT-Infrastructure BPCS/DCS/HMI Peripherals Extended SIS Zone SIS OPC Server & HMI COM CPU IO SIS Network (safeethernet) Core SIS Zone Field Devices 57 SIS Awareness Concept – Example 2 © HIMA Paul Hildebrandt GmbH 2018
  • 58. SIS IT-Infrastructure BPCS/DCS/HMI Peripherals Extended SIS Zone Unmanaged Switch / Router SIS OPC Server & HMI COM CPU IO SIS Network (safeethernet) Core SIS Zone Field Devices 58 SIS Awareness Concept – Example 2 SIS Engineering Station © HIMA Paul Hildebrandt GmbH 2018
  • 59. SIS IT-Infrastructure BPCS/DCS/HMI Peripherals Extended SIS Zone Unmanaged Switch / Router SIS OPC Server & HMI COM CPU IO SIS Network (safeethernet) Core SIS Zone Field Devices 59 SIS Awareness Concept – Example 2 SIS Engineering Station Un- controlled Network Devicees © HIMA Paul Hildebrandt GmbH 2018
  • 60. SIS IT-Infrastructure BPCS/DCS/HMI Peripherals Extended SIS Zone Unmanaged Switch / Router SIS OPC Server & HMI COM CPU IO SIS Network (safeethernet) Core SIS Zone Field Devices 60 SIS Awareness Concept – Example 2 SIS Engineering Station Internet Un- controlled Network Devicees © HIMA Paul Hildebrandt GmbH 2018
  • 61. © HIMA Paul Hildebrandt GmbH 2018 61  Actual Cyber Security threats No clear/Not up to date of:  - Policies; - Procedures; - Network drawing; - IP Database; - Backup; Disaster Recovery - Actual Hardware registration; - Actual in- and external User Accounts;  - Registration of visitors; No Supervision of Visitors;  - CTTV; Door; Keys; Batch-IDs; USB-Sticks;  - Open Unused Switch Ports; Network Device Registration; Up-to-Date Network Drawings  Tampering with these systems can lead to:  You need to know, who is who in the Office & don’t leave them (alone) in Restricted Area’s  Possibly environmental disasters, due to loss of data  … Equipment damage  Production loss  Loss of valuable production recipes and installation data Awareness of Cyber Security in SIS / OT environments
  • 62. © HIMA Paul Hildebrandt GmbH 2018 62 Nowadays Threats • Software Bugs • Unauthorized physical access • Unauthorized network access • Abuse (e.g. disgruntled employee) • Human error (e.g. No virus check on USB) Awareness of Cyber Security in SIS / OT environments
  • 63. © HIMA Paul Hildebrandt GmbH 2018 63 Actual Cyber Security threats  The BadUSB attack 2.0 A few weeks ago, a new version of this BadUSB attack is already found which this time only requires a USB cable, such as charge cable for your smartphone. The cable continues to retain the ability to charge the connected device, but on the side of the computer it acts as a Human Input Device (HID), such as a keyboard or mouse and then it will install malicious software Awareness of Cyber Security in SIS / OT environments
  • 64. 64© HIMA Paul Hildebrandt GmbH 2018 Minimum Effort – Maximum Security Awareness of Cyber Security in SIS / OT environments
  • 65. SIS COM CPU IO SIS Network (safeethernet) Core SIS Zone Field Devices 65 Awareness of Cyber Security in SIS / OT environments © HIMA Paul Hildebrandt GmbH 2018
  • 66. Extended SIS Zone SIS Engineering Station SIS COM CPU IO SIS Network (safeethernet) Core SIS Zone Field Devices 66 SIS OPC Server & HMI Protection needed Awareness of Cyber Security in SIS / OT environments © HIMA Paul Hildebrandt GmbH 2018
  • 67. SIS IT-Infrastructure BPCS/DCS/HMI Peripherals Extended SIS Zone SIS Engineering Station SIS OPC Server & HMI COM CPU IO SIS Network (safeethernet) Core SIS Zone Field Devices 67 Protection needed Firewall & VLAN Technology SIS Awareness Concept – Zones and Conduits © HIMA Paul Hildebrandt GmbH 2018
  • 68. 68 SIS Awareness Scope of Support Assets - SIS - Engineering Station - OPC Server Station - Tofino Firewall Technology - Hirschmann VLAN Technology - Network Infrastructure … Policies & Procedures - Hardening - Patch Management - User Management - Logging Management - Change Management - Verification - Backup/Restore … Detail Definition - Hardware (LSM) - Software (Off-Line) Patches - Windows - Antivirus Software - Patches / Firmware - Network Overview (As-Build) - Documentation - Organisation - Users - … © HIMA Paul Hildebrandt GmbH 2018
  • 69. • Maintain integrity of SIS to its designed functionality Overview on the current status of the SIS • Comply with regulatory requirements Practical base for improvements or further IT/OT risk assessments • Manage risk Help to reveal undetected vulnerabilities of the SIS Network before a plant disruption or malfunction • Expertise of independent Cyber Security Specialists Safety focus ensure that SIS specific configurations are covered SIS Awareness Benefits 69© HIMA Paul Hildebrandt GmbH 2018
  • 70. © HIMA Group 2018 70 HIMA Security MeasuresSecurity in Safety Instrumented Systems Source: NAMUR NA 163
  • 71. © HIMA Group 2018 71 HIMA Security Measures PC-Infrastructure Controller Hardware and Firmware Lifecycle Management Engineering ToolCommunication Infrastructure SIS, HARTSIS A A Security in ICS depends on five areas
  • 72. © HIMA Group 2018 72 • 100% HIMA Software • Extremely low software error rate (similar to military and aircraft) • Automated code analysis • Unused ethernet ports locked physically • No access to program code during operation • No backdoors • No common cause failures SIS/BPCS • … Controller Hardware and Firmware
  • 73. © HIMA Group 2018 73 • 100% HIMA Software • Single-purpose Engineering tool • Proprietory database file for efficient Recovery Backup • Two-factor authentication for project and controller data • Diagnoses and time stamps cannot be deleted (audit trail) • Key switches for RELOAD, FORCE, READ possible • Monitoring of program changes • Enforced change of passwords • Well-defined User management incl. Security Admin Role • Function blocks with password protection (locking/read-only) Engineering Tool
  • 74. © HIMA Group 2018 74 • Secure BIOS Management • Reduced access rights • Only required Windows services activated • No double-use of Engineering- and Office Laptops • Minimal set of application programs • Intelligent Password management • … PC Infrastructure
  • 75. © HIMA Group 2018 75 • Separated protection layers between CPU and COM – Modules • Proprietory and superior protocol for controller communication: SafeEthernet • Achilles-Certificate by Wurldtech • Consequent separation of networks in each installation • Tap-proof controler communication • … Communication Infrastructure
  • 76. © HIMA Group 2018 76 • HIMA Group Company • ISO 27001 Certification ongoing • Security Certification (Achilles, ISASecure EDSA, TÜV, …) • Penetration-testing (Customers, Service-providers, Universities) • Need-to-know principle: Access to source code and internal documents restricted to developers • Separate development network • Active collaboration in standardization committees like IEC and OpenGroup • Services for our customers • Security is integral part of HIMA Services and Engineering • Basic Security Check of HIMA safety systems • System hardening of safety systems and safety system environments Lifecycle Management
  • 77. © HIMA Group 2018 77 www.meltdownattack.com www.github.com/ICSrepo/TRISIS-TRITON-HATMAN Fiber optic cable Cyber secure?
  • 78. © HIMA Group 2018 78 https://www.youtube.com/watch?v=bnzeyBK3kAY
  • 79. © HIMA Paul Hildebrandt GmbH 2018 79 Summary • Safety and cyber security are connected • Cyber security needs your attention • Separate safety from operations • Think not only about the hardware
  • 80. © HIMA Group 2018 80 Josse Brys E-mail: info@hima.com Internet: www.hima.com HIMA Group Albert-Bassermann-Str. 28 68782 Brühl, Germany Phone: +49 6202 709-0 Fax: +49 6202 709-107 Thank You. J.brys@hima.com