SlideShare a Scribd company logo
1 of 45
Download to read offline
Marcelo Branquinho
CEO & Founder
TI Safe, Brazil
Safety First: Protecting the Power Distribution with Zero Trust for ICS
About Marcelo Branquinho
• CEO & Founder of TI Safe
• Background in electrical engineering and ICS
Cybersecurity
• Senior Member of ISA
• Soccer fanatic, as all Brazilians ☺
Palo Alto Networks Proprietary and Confidential
Agenda
Digital
transformation
and its risks for
Power Systems
Network
Segmentation and
the Zero Trust
Model
What TI Safe and
PAN did to help
Q&A
Digital transformation and its
risks for Power Systems
Generation Transmission Distribution Consumption
Electric Power Systems
https://electrical-engineering-portal.com/electric-power-systems
Digital Transformation of Electric Power Systems
Asset Lifecycle
Management
Grid Optimization
Integrated Customer
Services
General services, beyond
electricity
Sources: Accenture research for the Digital Transformation of Industries project &
Global Digital Transformation Benefits Report 2019, Schneider Electric
Building blocks of digitization
Service platforms Smart devices The ‘cloud’ Advanced analytics
IoE – IIoT in Energy Networks (Internet of Energy)
• Internet of Energy (IoE) refers to the modernization
and automation of electricity infrastructures for
energy producers.
• This allows energy production to progress more
efficiently and cleanly with the least amount of waste.
• An example of IoE technology includes the use of
intelligent sensors, common among other IoT
technology applications, which enable IoE facilitated
mechanics such as power monitoring, distributed
storage and renewable energy integration.
Smart digital substations
• The Digitization of substations has an
architecture based on the IEC 61850
standard.
• The digitization converts data from primary
equipment into the substation - such as
current transformers, voltage transformers,
circuit breakers, switches and power
transformers for digital protections by sample
values and GOOSE messages.
• All signals are transmitted through fiber optics,
eliminating completely the use of metal cables
and reducing the risk of fatal accidents caused
by electric shocks and open circuits in current
transformers, which can reduce infrastructure
costs and maintenance at the substation.
Attacks on IEDs via GOOSE protocol
Protocol
•The IEC 61850 protocol provides a model and
rules for organizing data in a consistent
manner across all types of IEDs.
•The GOOSE (GenericObject Oriented
Substation Events) is part of the IEC-61850
protocol and encapsulates logic and analogue
data such as the status of disconnectors,
shutter control, interlocks, general alarms and
the temperature of power transformers that
are transmitted in Ethernet packets.
Threat
•Thus, malware can be created to capture,
alter and re-inject GOOSE messages into the
network and, exploiting security holes in the
GOOSE message protocol, attack the power
grid causing service interruption.
•The attack uses an Exploit GOOSE via spoofing
where an attacker publishes false Layer 2
packets and devices that receive these packets
mistakenly believe that they are receiving
valid packets sent by a secure and trusted
entity.
Vulnerability
•This attack is possible due to lack of
encryption and authentication in GOOSE
messages because of latency problems in IED
devices (the IEC-61850 protocol specifies a
maximum delay of 4ms for GOOSE messages)
Transmission Time
Attack
Event
Cyber attacks may paralyze
digital power structures
Electricity is the core of the critical infrastructure
Palo Alto Networks Proprietary and Confidential 11
Interconnected systems – Chain Disconnections
• Integrated
power
generation &
distribution
• Critical paths
on a few
substations
• Vulnerabilities
exploitaition
can easily lead
to blackouts
Palo Alto Networks Proprietary and Confidential 12
A falta de segurança no
setor elétrico pode se
transformar em um
desastre!
How digital
energy
networks
will respond
to the next
global
attack?
Are there ICS
cybersecurity
experts in the
national
energy
companies?
Are the digital
networks in the
energy sector
protected?
Network Segmentation and the
Zero Trust Model
Why security solutions fail?
One popular solution used in ICS Cybersecurity is to
install a firewall between business and control
networks.
Known as “Bastion Model” since it is based on a
single point of security.
Example: Chinese Wall
Pathways inside the control network
• Protecting only the perimeter of the OT
network is not enough.
• There are lots of pathways inside the OT
network that bypass perimeter security.
• It’s necessary to protect the factory floor
with modern and in-depth defense
technologies where problems in one area
are not allowed to migrate to another
area.
• The Solution is the use of security zones,
as defined in ISA-IEC 62443 standard.
ISA/IEC 62443 – The Zones and Conduits Model
HMI Zone
Parent Zone
Conduit
Security technologies and policies must be added to enforce
communications security between different zones
Security ZoneSecurity Zone
Network Segmentation with NGFW and Services
• Maximize visibility over OT traffic
• Reduce the attack surface
– Granular inter-zone policy (L7)
– Secure mobile/internet access
as allowed
• Stop known exploits, malware, C2
traffic
• Quickly discover and stop 0-day
threatsNGFW as a
Security “Conduit”
(ISA 62443)
Zone
1
Zone
2
Zone
3
Business Case
Scenario
Palo Alto Networks Proprietary and Confidential 19
Cyberprotect a countrywide automation
network of a electric power distribution
company
Establish zones and conduits
Create a security layer over 3rd party
links
Ensure remote access security
1st Generation
Standard Cabling
2nd Generation
Peer-to-peer connections
Since 1985
3rd Generation
Digital
Substations
HMI
Substation
Controller
Serial Connection
Bay
Bay
Parallel wiring
Fault recorder
Protection
RTU
Mimic board
Ancient past
Parallel wiring
1st generation:
Standard cabling
RTU
Registrador
Proteção
Control center
Local HMI
Substation
Controller
Firewall
IEC 61850
GOOSE
IEC 61850 MMS
Engineering PC
Firewall
Virtual Private
Network (VPN)
Trusted Zone
18/5000
Untrusted
Zone
The customer is digitizing its infrastructure
Recorder
Protection
Parallel Cabling Parallel Cabling
And Segmenting ICS and SCADA is a challenge
• Production system runtime
• Legacy systems
• Cost to implement
• Flat networks
IntelligentDevice
Level 1
Process
Level 0 Actuator
PLC,RTU,IE
D
ManufacturingOperations
Level 3
Historian
Process sys
DMZ
Level 3.5
Patch Srv
Jmp Srv
Controls Systems
Level 2 HMI
Eng. Sta
Implementing firewalls in
power grids is a critical task
• Power grids cannot stop. SCADA servers
cannot be restarted.
• Communication between control centers and
substations will necessarily pass through
perimeter firewalls. Any interruption in this
communication will cause the control center to
operate blindly, even for a short time.
This unattended operation time can cause
several problems, including power failures
(blackouts)
• Industrial power protocols should be
addressed in the Firewall (DNP-3, IEC 104,
and others). Errors in treatment can block
critical operations and cause major problems. 22 | ©
2018 Palo
Alto
Networks,
Inc. All
Rights
Reserved.
Zero Trust – Firewall is the new core of the OT Network
• Zero Trust, based in the principle of “never trust, always verify,”
• As a company focused on ICS Cybersecurity, TI Safe developed a methodology to implement zero
trust on critical infrastructures.
• The main challenge is to implement the firewall as network core, replacing switches’ routing
functionalities on an operational network.
Users Control Application
control
TI Safe
ICS-SOC
Malware
containment
Third party
network isolation
Network
visibility
Zero Trust Design Concepts
Define business
outcomes
Design from the
inside out
Determine who/what
needs access
Inspect and log
all traffic
24 | © 2019, Palo Alto Networks. All Rights Reserved.
5 Steps to implement a Zero Trust Network
1. Define protection
surface
2. Map the
transaction flows
3. Architect a
Zero Trust network
4. Create Zero
Trust Policy
25 | © 2019, Palo Alto Networks. All Rights Reserved.
5. Monitor and
maintain the
network
1. Define protection surface
Understand external requirements
– Contractual obligations
– Laws & regulations (e.g NERC-CIP)
Palo Alto Networks Proprietary and Confidential 26
Translate external requirements
into cybersecurity requirements
2. Map the transaction flows (zones and conduits)
Prior to the project implementation, zones were physically mapped to the firewalls and then
logically interconnected on a security rules plan.
Sample relationships between zones
SCADA
OPC
SCADA OPC
3. Architect a Zero Trust Network
Unknown TCP and UDP protocols, non-standard communication ports, multiple links (i.e. fiber, telecom
operator, satellite, etc.) to connect one or more sites, are a few elements that increase the project complexity.
Example of physical planning of a firewall
IP info IP info IP info IP info IP info IP info IP info
Zone
description
Zone
description
Zone
description
Zone
description
Zone
description
Zone
description
SCADAOPC
OCC Control
Operator Zone
Historic
Engineering Zone
DMZ
between IT
and OT zones
Antivirus Patch Web
Processes
Level 0
Level 1
Level 2
Level 3
Level 3,5
Level 4
SCADA
Servers Zone
PLCs Zone
Corporate Zone
(IT)
Historic Replica
PLCs Zone
Engineering StationsIHM
Remote Access
3. Architect a Zero Trust Network
Sample Architecture - Operational Control Center
CybersecurityManagement
Network
TI Safe´s ICS-SOC
Cortex
Wildfire
Development Stations
3. Architect a Zero Trust Network
Sample Architecture – Small Hydroelectric Plant
SCADA
Level 2
SHP Control
Nível 3
Dispatch
Control
SDSC
Level 1
Local control
room
UAC IED
CybersecurityManagement
Network
TI Safe´s ICS-SOC
Engineering
Cortex
Wildfire
Generation Units (Turbines)
PLC
Engineering Supervisory Historian
OT Firewall
Zero trust
Control Network
TI Safe´s ICS-SOC
3. Architect a Zero Trust Network
Sample Architecture - Power Generating Units
4. Create Zero Trust Policy ➔ App-ID
Palo Alto Networks Proprietary and Confidential 32
Allow all
Assess IT
and OT
protocols
(investigate
Unknown
TCP!)
Validate
collected
protocols
Create
apps and
services (if
needed)
Lockdown
policies
4. Create Zero Trust Policy ➔ User-ID
Palo Alto Networks Proprietary and Confidential 33
Understand
user
identification
requirements
Configure
user database
(ex. MS Active
Directory)
Create user
groups based
on field roles:
operation,
engineering,
maintenance
Configure
internal and
external VPNs
(remote users
must use
jump servers)
Lockdown
policies
4. Create Zero Trust Policy ➔ Content-ID
Palo Alto Networks Proprietary and Confidential 34
Do not allow
direct access
to the
internet
Block all
medium to
critical
threats by
default due
to legacy
systems
Implement
antimalware
to create
secure
fileshares
Restrict
access to
operational
files
Lockdown
policies
5. Monitor and maintain the zero trust network
Only implementing NGFW in
the Zero Trust architecture on
a power grid does not solve all
the problems.
It´s necessary to monitor and
manage equipments
24x7x365 to respond to cyber
attacks without causing a
production outage.
We did it through our ICS-SOC
TI Safe's ICS-SOC integrates
cybersecurity functions with
industrial processes
monitoring to prevent and
respond to cyber attacks
against critical infrastructures.
Palo Alto Networks Proprietary and Confidential 35
5. Monitor and maintain the zero trust network
Log sources for ICS-SOC
Palo Alto Networks Proprietary and Confidential 36
Active Directory Firewall Industrial Firewalls
Network Services
such as DNS,
DHCP, etc
SCADA Industrial IDS
Network events
from Switches and
Firewalls (Physical
and virtuals)
Netflow and JFlow
Layer 7 Packet
Analisys
Proxy Servers
Operating Systems
Events (Linux /
UNIX / Windows)
Physical Security
Systems
5. Monitor and maintain the zero trust network
Energy SIEM – Event Management for the Electrical Sector
• Security intelligence platform with unified architecture
to collect, store, analyze and structure data of events
(logs), network flows, threats, vulnerabilities and risks
of electrical energy environments: generation,
transmission and distribution.
• Event correlation activities are performed on a single
screen, with the possibility of clear incident
identification, flow telemetry, risk modeling, and
impact analysis.
• Modular and scalable structure that allows you to
manage the security of environments of all types and
sizes.
• Platform established in partnership with leading
technology of big data and analytics.
• Integrated cyber security dashboards and operating
information, including information on Modbus, ICCP,
DNP-3, IEC 60870-5-104, Siemens S7 protocols,
among others specific to power.
What TI Safe and Palo Alto
Networks did to help?
A new joint product
Energy
clients
PAN
NGFW
TI Safe
ICS-SOC
TI Safe ICS
Cybersecurity
for Energy
TI Safe Cybersecurity for Energy
• Generating Units
• Power Substations
• Operational Control Centers
TI Safe´s ICS-SOC
TI Safe Cybersecurity for Energy
Cybersecurity policies
Edge Security with Next
Generation Firewall
Secure Remote Access
Secure cloud
communication for
industry 4.0
Zones and Conduits
Segmentation with zero
trust
Vulnerability
Monitoring
Malware protection and
control
Continuous monitoring
by TI Safe´s ICS-SOC
4-eyed Auditing and
Management
TI Safe Cybersecurity for Energy
– Strategic planning
and logistics
• Industrial
execution systems
• Batch control
• Continuous control
• Discrete control
Level 4
Level 3
Level 2, 1
Level 0
PA-3220
PA-820
PA-220
PA-220R
Cortex
Wildfire
TI Safe´s ICS-SOC
TI Safe’s ICS-SOC current coverage
Energy distribution
companies that supply 40
million Brazilians are
already protected by
TI Safe´s ICS-SOC.
45Palo Alto Networks Proprietary and Confidential
Questions?
Marcelo Branquinho
marcelo@tisafe.com
+5521994002290
www.tisafe.com

More Related Content

What's hot

CLASS 2016 - Palestra José Antunes
CLASS 2016 - Palestra José AntunesCLASS 2016 - Palestra José Antunes
CLASS 2016 - Palestra José AntunesTI Safe
 
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)TI Safe
 
CLASS 2018 - Palestra de Jens Puhlmann (Security Manager, NA - ICS Security M...
CLASS 2018 - Palestra de Jens Puhlmann (Security Manager, NA - ICS Security M...CLASS 2018 - Palestra de Jens Puhlmann (Security Manager, NA - ICS Security M...
CLASS 2018 - Palestra de Jens Puhlmann (Security Manager, NA - ICS Security M...TI Safe
 
CLASS 2016 - Palestra Vitor Eduardo Lace Maganha
CLASS 2016 - Palestra Vitor Eduardo Lace MaganhaCLASS 2016 - Palestra Vitor Eduardo Lace Maganha
CLASS 2016 - Palestra Vitor Eduardo Lace MaganhaTI Safe
 
CLASS 2016 - Palestra Márcio Santos
CLASS 2016 - Palestra Márcio Santos CLASS 2016 - Palestra Márcio Santos
CLASS 2016 - Palestra Márcio Santos TI Safe
 
Industrial Control Cyber Security Europe 2015
Industrial Control Cyber Security Europe 2015 Industrial Control Cyber Security Europe 2015
Industrial Control Cyber Security Europe 2015 James Nesbitt
 
ICS (Industrial Control System) Cybersecurity Training
ICS (Industrial Control System) Cybersecurity TrainingICS (Industrial Control System) Cybersecurity Training
ICS (Industrial Control System) Cybersecurity TrainingTonex
 
Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14James Nesbitt
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonPatricia M Watson
 
Protecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber AttacksProtecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber AttacksMaurice Dawson
 
Palestra realizada no S4x17 - Miami - EUA (em Inglês)
Palestra realizada no S4x17 - Miami - EUA (em Inglês)Palestra realizada no S4x17 - Miami - EUA (em Inglês)
Palestra realizada no S4x17 - Miami - EUA (em Inglês)TI Safe
 
John kingsley OT ICS SCADA Cyber security consultant
John kingsley OT ICS SCADA Cyber security consultantJohn kingsley OT ICS SCADA Cyber security consultant
John kingsley OT ICS SCADA Cyber security consultantJohn Kingsley
 
Sb fortinet-nozomi
Sb fortinet-nozomiSb fortinet-nozomi
Sb fortinet-nozomiIvan Carmona
 
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...Shah Sheikh
 
Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices IJECEIAES
 
SANS ICS Security Survey Report 2016
SANS ICS Security Survey Report 2016 SANS ICS Security Survey Report 2016
SANS ICS Security Survey Report 2016 Derek Harp
 
White paper scada (2)
White paper scada (2)White paper scada (2)
White paper scada (2)Ivan Carmona
 
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldActive Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldDigital Bond
 
Marco Armoni AIPSI - SMAU Milano 2017
Marco Armoni AIPSI - SMAU Milano 2017Marco Armoni AIPSI - SMAU Milano 2017
Marco Armoni AIPSI - SMAU Milano 2017SMAU
 

What's hot (20)

CLASS 2016 - Palestra José Antunes
CLASS 2016 - Palestra José AntunesCLASS 2016 - Palestra José Antunes
CLASS 2016 - Palestra José Antunes
 
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)
 
CLASS 2018 - Palestra de Jens Puhlmann (Security Manager, NA - ICS Security M...
CLASS 2018 - Palestra de Jens Puhlmann (Security Manager, NA - ICS Security M...CLASS 2018 - Palestra de Jens Puhlmann (Security Manager, NA - ICS Security M...
CLASS 2018 - Palestra de Jens Puhlmann (Security Manager, NA - ICS Security M...
 
CLASS 2016 - Palestra Vitor Eduardo Lace Maganha
CLASS 2016 - Palestra Vitor Eduardo Lace MaganhaCLASS 2016 - Palestra Vitor Eduardo Lace Maganha
CLASS 2016 - Palestra Vitor Eduardo Lace Maganha
 
CLASS 2016 - Palestra Márcio Santos
CLASS 2016 - Palestra Márcio Santos CLASS 2016 - Palestra Márcio Santos
CLASS 2016 - Palestra Márcio Santos
 
Industrial Control Cyber Security Europe 2015
Industrial Control Cyber Security Europe 2015 Industrial Control Cyber Security Europe 2015
Industrial Control Cyber Security Europe 2015
 
ICS (Industrial Control System) Cybersecurity Training
ICS (Industrial Control System) Cybersecurity TrainingICS (Industrial Control System) Cybersecurity Training
ICS (Industrial Control System) Cybersecurity Training
 
Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14Industrial Control Security USA Sacramento California Oct 13/14
Industrial Control Security USA Sacramento California Oct 13/14
 
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia WatsonSCADA Cyber Sec | ISACA 2013 | Patricia Watson
SCADA Cyber Sec | ISACA 2013 | Patricia Watson
 
Protecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber AttacksProtecting Infrastructure from Cyber Attacks
Protecting Infrastructure from Cyber Attacks
 
IT vs. OT: ICS Cyber Security in TSOs
IT vs. OT: ICS Cyber Security in TSOsIT vs. OT: ICS Cyber Security in TSOs
IT vs. OT: ICS Cyber Security in TSOs
 
Palestra realizada no S4x17 - Miami - EUA (em Inglês)
Palestra realizada no S4x17 - Miami - EUA (em Inglês)Palestra realizada no S4x17 - Miami - EUA (em Inglês)
Palestra realizada no S4x17 - Miami - EUA (em Inglês)
 
John kingsley OT ICS SCADA Cyber security consultant
John kingsley OT ICS SCADA Cyber security consultantJohn kingsley OT ICS SCADA Cyber security consultant
John kingsley OT ICS SCADA Cyber security consultant
 
Sb fortinet-nozomi
Sb fortinet-nozomiSb fortinet-nozomi
Sb fortinet-nozomi
 
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
 
Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices
 
SANS ICS Security Survey Report 2016
SANS ICS Security Survey Report 2016 SANS ICS Security Survey Report 2016
SANS ICS Security Survey Report 2016
 
White paper scada (2)
White paper scada (2)White paper scada (2)
White paper scada (2)
 
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldActive Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The Field
 
Marco Armoni AIPSI - SMAU Milano 2017
Marco Armoni AIPSI - SMAU Milano 2017Marco Armoni AIPSI - SMAU Milano 2017
Marco Armoni AIPSI - SMAU Milano 2017
 

Similar to Ignite 2019

IEC61850: Use of IEC61850 to telecontrol MV grids (Article)
IEC61850: Use of IEC61850 to telecontrol MV grids (Article)IEC61850: Use of IEC61850 to telecontrol MV grids (Article)
IEC61850: Use of IEC61850 to telecontrol MV grids (Article)iGrid T&D
 
Sb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinetSb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinetIvan Carmona
 
A Defense-in-depth Cybersecurity for Smart Substations
A Defense-in-depth Cybersecurity for Smart SubstationsA Defense-in-depth Cybersecurity for Smart Substations
A Defense-in-depth Cybersecurity for Smart SubstationsIJECEIAES
 
Nokia_Sub-station_Automation_White_Paper_EN
Nokia_Sub-station_Automation_White_Paper_ENNokia_Sub-station_Automation_White_Paper_EN
Nokia_Sub-station_Automation_White_Paper_ENJuan Boggiano
 
Como abordar los retos de los grandes proyectos de IoT
Como abordar los retos de los grandes proyectos de IoT Como abordar los retos de los grandes proyectos de IoT
Como abordar los retos de los grandes proyectos de IoT TECNALIA Research & Innovation
 
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)Byres Security Inc.
 
BRKIOT-2108.pdf
BRKIOT-2108.pdfBRKIOT-2108.pdf
BRKIOT-2108.pdfJokaTek
 
Internet of Things - structured approach to the physical plant network - Rock...
Internet of Things - structured approach to the physical plant network - Rock...Internet of Things - structured approach to the physical plant network - Rock...
Internet of Things - structured approach to the physical plant network - Rock...Carotek
 
Device Connection Systems for Industrial Ethernet
Device Connection Systems for Industrial EthernetDevice Connection Systems for Industrial Ethernet
Device Connection Systems for Industrial EthernetMETZ CONNECT USA Inc.
 
4g security presentation
4g security presentation4g security presentation
4g security presentationKyle Ly
 
COM526_Lecture 1.pdf
COM526_Lecture 1.pdfCOM526_Lecture 1.pdf
COM526_Lecture 1.pdfSherefHesham
 
Малоресурсная криптография - Сергей Мартыненко
Малоресурсная криптография - Сергей МартыненкоМалоресурсная криптография - Сергей Мартыненко
Малоресурсная криптография - Сергей МартыненкоHackIT Ukraine
 
Design & Implementation Of Fault Identification In Underground Cables Using IOT
Design & Implementation Of Fault Identification In Underground Cables Using IOTDesign & Implementation Of Fault Identification In Underground Cables Using IOT
Design & Implementation Of Fault Identification In Underground Cables Using IOTIRJET Journal
 
Advanced Security Management in Metro Ethernet Networks
Advanced Security Management in Metro Ethernet NetworksAdvanced Security Management in Metro Ethernet Networks
Advanced Security Management in Metro Ethernet NetworksIJNSA Journal
 
Nokia_Mission-critical_Utilities_Network_Teleprotection_Application_Note_EN
Nokia_Mission-critical_Utilities_Network_Teleprotection_Application_Note_ENNokia_Mission-critical_Utilities_Network_Teleprotection_Application_Note_EN
Nokia_Mission-critical_Utilities_Network_Teleprotection_Application_Note_ENJuan Boggiano
 

Similar to Ignite 2019 (20)

IEC61850: Use of IEC61850 to telecontrol MV grids (Article)
IEC61850: Use of IEC61850 to telecontrol MV grids (Article)IEC61850: Use of IEC61850 to telecontrol MV grids (Article)
IEC61850: Use of IEC61850 to telecontrol MV grids (Article)
 
Unit_3.pptx
Unit_3.pptxUnit_3.pptx
Unit_3.pptx
 
CyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoTCyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoT
 
1.pptx
1.pptx1.pptx
1.pptx
 
Sb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinetSb securing-industrial-control-systems-with-fortinet
Sb securing-industrial-control-systems-with-fortinet
 
A Defense-in-depth Cybersecurity for Smart Substations
A Defense-in-depth Cybersecurity for Smart SubstationsA Defense-in-depth Cybersecurity for Smart Substations
A Defense-in-depth Cybersecurity for Smart Substations
 
Nokia_Sub-station_Automation_White_Paper_EN
Nokia_Sub-station_Automation_White_Paper_ENNokia_Sub-station_Automation_White_Paper_EN
Nokia_Sub-station_Automation_White_Paper_EN
 
Como abordar los retos de los grandes proyectos de IoT
Como abordar los retos de los grandes proyectos de IoT Como abordar los retos de los grandes proyectos de IoT
Como abordar los retos de los grandes proyectos de IoT
 
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)
 
BRKIOT-2108.pdf
BRKIOT-2108.pdfBRKIOT-2108.pdf
BRKIOT-2108.pdf
 
Internet of Things - structured approach to the physical plant network - Rock...
Internet of Things - structured approach to the physical plant network - Rock...Internet of Things - structured approach to the physical plant network - Rock...
Internet of Things - structured approach to the physical plant network - Rock...
 
Device Connection Systems for Industrial Ethernet
Device Connection Systems for Industrial EthernetDevice Connection Systems for Industrial Ethernet
Device Connection Systems for Industrial Ethernet
 
4g security presentation
4g security presentation4g security presentation
4g security presentation
 
COM526_Lecture 1.pdf
COM526_Lecture 1.pdfCOM526_Lecture 1.pdf
COM526_Lecture 1.pdf
 
Evolution of internet by Ali Kashif
Evolution of internet  by Ali KashifEvolution of internet  by Ali Kashif
Evolution of internet by Ali Kashif
 
Малоресурсная криптография - Сергей Мартыненко
Малоресурсная криптография - Сергей МартыненкоМалоресурсная криптография - Сергей Мартыненко
Малоресурсная криптография - Сергей Мартыненко
 
Design & Implementation Of Fault Identification In Underground Cables Using IOT
Design & Implementation Of Fault Identification In Underground Cables Using IOTDesign & Implementation Of Fault Identification In Underground Cables Using IOT
Design & Implementation Of Fault Identification In Underground Cables Using IOT
 
Advanced Security Management in Metro Ethernet Networks
Advanced Security Management in Metro Ethernet NetworksAdvanced Security Management in Metro Ethernet Networks
Advanced Security Management in Metro Ethernet Networks
 
Smart Networks for the Industrial Internet of Things
Smart Networks for the Industrial Internet of ThingsSmart Networks for the Industrial Internet of Things
Smart Networks for the Industrial Internet of Things
 
Nokia_Mission-critical_Utilities_Network_Teleprotection_Application_Note_EN
Nokia_Mission-critical_Utilities_Network_Teleprotection_Application_Note_ENNokia_Mission-critical_Utilities_Network_Teleprotection_Application_Note_EN
Nokia_Mission-critical_Utilities_Network_Teleprotection_Application_Note_EN
 

More from TI Safe

CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...TI Safe
 
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...TI Safe
 
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
 CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor... CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...TI Safe
 
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...TI Safe
 
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...TI Safe
 
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...TI Safe
 
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...TI Safe
 
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...TI Safe
 
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...TI Safe
 
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...TI Safe
 
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...TI Safe
 
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...TI Safe
 
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...TI Safe
 
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...TI Safe
 
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...TI Safe
 
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...TI Safe
 
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...TI Safe
 
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci    por que nao se deve contratar so cs de ti hibridos para proteg...Webinar cci    por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...TI Safe
 
Retrospectiva
RetrospectivaRetrospectiva
RetrospectivaTI Safe
 
Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1TI Safe
 

More from TI Safe (20)

CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
 
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
 
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
 CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor... CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
 
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
 
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
 
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
 
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
 
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
 
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
 
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
 
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
 
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
 
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
 
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
 
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
 
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
 
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
 
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci    por que nao se deve contratar so cs de ti hibridos para proteg...Webinar cci    por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
 
Retrospectiva
RetrospectivaRetrospectiva
Retrospectiva
 
Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1
 

Recently uploaded

AI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří KarpíšekAI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří KarpíšekCzechDreamin
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераMark Opanasiuk
 
PLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsPLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsStefano
 
Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutesconfluent
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...FIDO Alliance
 
Strategic AI Integration in Engineering Teams
Strategic AI Integration in Engineering TeamsStrategic AI Integration in Engineering Teams
Strategic AI Integration in Engineering TeamsUXDXConf
 
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...CzechDreamin
 
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...marcuskenyatta275
 
10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka Doktorová10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka DoktorováCzechDreamin
 
Designing for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastDesigning for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastUXDXConf
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlPeter Udo Diehl
 
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomSalesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomCzechDreamin
 
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaCzechDreamin
 
The UX of Automation by AJ King, Senior UX Researcher, Ocado
The UX of Automation by AJ King, Senior UX Researcher, OcadoThe UX of Automation by AJ King, Senior UX Researcher, Ocado
The UX of Automation by AJ King, Senior UX Researcher, OcadoUXDXConf
 
Connecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKConnecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKUXDXConf
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024   Teams Premium - Pretty SecureECS 2024   Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty SecureFemke de Vroome
 
The Metaverse: Are We There Yet?
The  Metaverse:    Are   We  There  Yet?The  Metaverse:    Are   We  There  Yet?
The Metaverse: Are We There Yet?Mark Billinghurst
 
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxWSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxJennifer Lim
 
THE BEST IPTV in GERMANY for 2024: IPTVreel
THE BEST IPTV in  GERMANY for 2024: IPTVreelTHE BEST IPTV in  GERMANY for 2024: IPTVreel
THE BEST IPTV in GERMANY for 2024: IPTVreelreely ones
 
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfHow Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfFIDO Alliance
 

Recently uploaded (20)

AI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří KarpíšekAI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří Karpíšek
 
Intro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджераIntro in Product Management - Коротко про професію продакт менеджера
Intro in Product Management - Коротко про професію продакт менеджера
 
PLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsPLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. Startups
 
Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutes
 
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
ASRock Industrial FDO Solutions in Action for Industrial Edge AI _ Kenny at A...
 
Strategic AI Integration in Engineering Teams
Strategic AI Integration in Engineering TeamsStrategic AI Integration in Engineering Teams
Strategic AI Integration in Engineering Teams
 
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
 
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
TEST BANK For, Information Technology Project Management 9th Edition Kathy Sc...
 
10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka Doktorová10 Differences between Sales Cloud and CPQ, Blanka Doktorová
10 Differences between Sales Cloud and CPQ, Blanka Doktorová
 
Designing for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastDesigning for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at Comcast
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
 
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomSalesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
 
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara Laskowska
 
The UX of Automation by AJ King, Senior UX Researcher, Ocado
The UX of Automation by AJ King, Senior UX Researcher, OcadoThe UX of Automation by AJ King, Senior UX Researcher, Ocado
The UX of Automation by AJ King, Senior UX Researcher, Ocado
 
Connecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAKConnecting the Dots in Product Design at KAYAK
Connecting the Dots in Product Design at KAYAK
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024   Teams Premium - Pretty SecureECS 2024   Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty Secure
 
The Metaverse: Are We There Yet?
The  Metaverse:    Are   We  There  Yet?The  Metaverse:    Are   We  There  Yet?
The Metaverse: Are We There Yet?
 
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxWSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
 
THE BEST IPTV in GERMANY for 2024: IPTVreel
THE BEST IPTV in  GERMANY for 2024: IPTVreelTHE BEST IPTV in  GERMANY for 2024: IPTVreel
THE BEST IPTV in GERMANY for 2024: IPTVreel
 
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdfHow Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
How Red Hat Uses FDO in Device Lifecycle _ Costin and Vitaliy at Red Hat.pdf
 

Ignite 2019

  • 1. Marcelo Branquinho CEO & Founder TI Safe, Brazil Safety First: Protecting the Power Distribution with Zero Trust for ICS
  • 2. About Marcelo Branquinho • CEO & Founder of TI Safe • Background in electrical engineering and ICS Cybersecurity • Senior Member of ISA • Soccer fanatic, as all Brazilians ☺ Palo Alto Networks Proprietary and Confidential
  • 3. Agenda Digital transformation and its risks for Power Systems Network Segmentation and the Zero Trust Model What TI Safe and PAN did to help Q&A
  • 4. Digital transformation and its risks for Power Systems
  • 5. Generation Transmission Distribution Consumption Electric Power Systems https://electrical-engineering-portal.com/electric-power-systems
  • 6. Digital Transformation of Electric Power Systems Asset Lifecycle Management Grid Optimization Integrated Customer Services General services, beyond electricity Sources: Accenture research for the Digital Transformation of Industries project & Global Digital Transformation Benefits Report 2019, Schneider Electric Building blocks of digitization Service platforms Smart devices The ‘cloud’ Advanced analytics
  • 7. IoE – IIoT in Energy Networks (Internet of Energy) • Internet of Energy (IoE) refers to the modernization and automation of electricity infrastructures for energy producers. • This allows energy production to progress more efficiently and cleanly with the least amount of waste. • An example of IoE technology includes the use of intelligent sensors, common among other IoT technology applications, which enable IoE facilitated mechanics such as power monitoring, distributed storage and renewable energy integration.
  • 8. Smart digital substations • The Digitization of substations has an architecture based on the IEC 61850 standard. • The digitization converts data from primary equipment into the substation - such as current transformers, voltage transformers, circuit breakers, switches and power transformers for digital protections by sample values and GOOSE messages. • All signals are transmitted through fiber optics, eliminating completely the use of metal cables and reducing the risk of fatal accidents caused by electric shocks and open circuits in current transformers, which can reduce infrastructure costs and maintenance at the substation.
  • 9. Attacks on IEDs via GOOSE protocol Protocol •The IEC 61850 protocol provides a model and rules for organizing data in a consistent manner across all types of IEDs. •The GOOSE (GenericObject Oriented Substation Events) is part of the IEC-61850 protocol and encapsulates logic and analogue data such as the status of disconnectors, shutter control, interlocks, general alarms and the temperature of power transformers that are transmitted in Ethernet packets. Threat •Thus, malware can be created to capture, alter and re-inject GOOSE messages into the network and, exploiting security holes in the GOOSE message protocol, attack the power grid causing service interruption. •The attack uses an Exploit GOOSE via spoofing where an attacker publishes false Layer 2 packets and devices that receive these packets mistakenly believe that they are receiving valid packets sent by a secure and trusted entity. Vulnerability •This attack is possible due to lack of encryption and authentication in GOOSE messages because of latency problems in IED devices (the IEC-61850 protocol specifies a maximum delay of 4ms for GOOSE messages) Transmission Time Attack Event
  • 10. Cyber attacks may paralyze digital power structures
  • 11. Electricity is the core of the critical infrastructure Palo Alto Networks Proprietary and Confidential 11
  • 12. Interconnected systems – Chain Disconnections • Integrated power generation & distribution • Critical paths on a few substations • Vulnerabilities exploitaition can easily lead to blackouts Palo Alto Networks Proprietary and Confidential 12
  • 13. A falta de segurança no setor elétrico pode se transformar em um desastre! How digital energy networks will respond to the next global attack? Are there ICS cybersecurity experts in the national energy companies? Are the digital networks in the energy sector protected?
  • 14. Network Segmentation and the Zero Trust Model
  • 15. Why security solutions fail? One popular solution used in ICS Cybersecurity is to install a firewall between business and control networks. Known as “Bastion Model” since it is based on a single point of security. Example: Chinese Wall
  • 16. Pathways inside the control network • Protecting only the perimeter of the OT network is not enough. • There are lots of pathways inside the OT network that bypass perimeter security. • It’s necessary to protect the factory floor with modern and in-depth defense technologies where problems in one area are not allowed to migrate to another area. • The Solution is the use of security zones, as defined in ISA-IEC 62443 standard.
  • 17. ISA/IEC 62443 – The Zones and Conduits Model HMI Zone Parent Zone Conduit Security technologies and policies must be added to enforce communications security between different zones Security ZoneSecurity Zone
  • 18. Network Segmentation with NGFW and Services • Maximize visibility over OT traffic • Reduce the attack surface – Granular inter-zone policy (L7) – Secure mobile/internet access as allowed • Stop known exploits, malware, C2 traffic • Quickly discover and stop 0-day threatsNGFW as a Security “Conduit” (ISA 62443) Zone 1 Zone 2 Zone 3
  • 19. Business Case Scenario Palo Alto Networks Proprietary and Confidential 19 Cyberprotect a countrywide automation network of a electric power distribution company Establish zones and conduits Create a security layer over 3rd party links Ensure remote access security
  • 20. 1st Generation Standard Cabling 2nd Generation Peer-to-peer connections Since 1985 3rd Generation Digital Substations HMI Substation Controller Serial Connection Bay Bay Parallel wiring Fault recorder Protection RTU Mimic board Ancient past Parallel wiring 1st generation: Standard cabling RTU Registrador Proteção Control center Local HMI Substation Controller Firewall IEC 61850 GOOSE IEC 61850 MMS Engineering PC Firewall Virtual Private Network (VPN) Trusted Zone 18/5000 Untrusted Zone The customer is digitizing its infrastructure Recorder Protection Parallel Cabling Parallel Cabling
  • 21. And Segmenting ICS and SCADA is a challenge • Production system runtime • Legacy systems • Cost to implement • Flat networks IntelligentDevice Level 1 Process Level 0 Actuator PLC,RTU,IE D ManufacturingOperations Level 3 Historian Process sys DMZ Level 3.5 Patch Srv Jmp Srv Controls Systems Level 2 HMI Eng. Sta
  • 22. Implementing firewalls in power grids is a critical task • Power grids cannot stop. SCADA servers cannot be restarted. • Communication between control centers and substations will necessarily pass through perimeter firewalls. Any interruption in this communication will cause the control center to operate blindly, even for a short time. This unattended operation time can cause several problems, including power failures (blackouts) • Industrial power protocols should be addressed in the Firewall (DNP-3, IEC 104, and others). Errors in treatment can block critical operations and cause major problems. 22 | © 2018 Palo Alto Networks, Inc. All Rights Reserved.
  • 23. Zero Trust – Firewall is the new core of the OT Network • Zero Trust, based in the principle of “never trust, always verify,” • As a company focused on ICS Cybersecurity, TI Safe developed a methodology to implement zero trust on critical infrastructures. • The main challenge is to implement the firewall as network core, replacing switches’ routing functionalities on an operational network. Users Control Application control TI Safe ICS-SOC Malware containment Third party network isolation Network visibility
  • 24. Zero Trust Design Concepts Define business outcomes Design from the inside out Determine who/what needs access Inspect and log all traffic 24 | © 2019, Palo Alto Networks. All Rights Reserved.
  • 25. 5 Steps to implement a Zero Trust Network 1. Define protection surface 2. Map the transaction flows 3. Architect a Zero Trust network 4. Create Zero Trust Policy 25 | © 2019, Palo Alto Networks. All Rights Reserved. 5. Monitor and maintain the network
  • 26. 1. Define protection surface Understand external requirements – Contractual obligations – Laws & regulations (e.g NERC-CIP) Palo Alto Networks Proprietary and Confidential 26 Translate external requirements into cybersecurity requirements
  • 27. 2. Map the transaction flows (zones and conduits) Prior to the project implementation, zones were physically mapped to the firewalls and then logically interconnected on a security rules plan. Sample relationships between zones SCADA OPC SCADA OPC
  • 28. 3. Architect a Zero Trust Network Unknown TCP and UDP protocols, non-standard communication ports, multiple links (i.e. fiber, telecom operator, satellite, etc.) to connect one or more sites, are a few elements that increase the project complexity. Example of physical planning of a firewall IP info IP info IP info IP info IP info IP info IP info Zone description Zone description Zone description Zone description Zone description Zone description SCADAOPC
  • 29. OCC Control Operator Zone Historic Engineering Zone DMZ between IT and OT zones Antivirus Patch Web Processes Level 0 Level 1 Level 2 Level 3 Level 3,5 Level 4 SCADA Servers Zone PLCs Zone Corporate Zone (IT) Historic Replica PLCs Zone Engineering StationsIHM Remote Access 3. Architect a Zero Trust Network Sample Architecture - Operational Control Center CybersecurityManagement Network TI Safe´s ICS-SOC Cortex Wildfire Development Stations
  • 30. 3. Architect a Zero Trust Network Sample Architecture – Small Hydroelectric Plant SCADA Level 2 SHP Control Nível 3 Dispatch Control SDSC Level 1 Local control room UAC IED CybersecurityManagement Network TI Safe´s ICS-SOC Engineering Cortex Wildfire
  • 31. Generation Units (Turbines) PLC Engineering Supervisory Historian OT Firewall Zero trust Control Network TI Safe´s ICS-SOC 3. Architect a Zero Trust Network Sample Architecture - Power Generating Units
  • 32. 4. Create Zero Trust Policy ➔ App-ID Palo Alto Networks Proprietary and Confidential 32 Allow all Assess IT and OT protocols (investigate Unknown TCP!) Validate collected protocols Create apps and services (if needed) Lockdown policies
  • 33. 4. Create Zero Trust Policy ➔ User-ID Palo Alto Networks Proprietary and Confidential 33 Understand user identification requirements Configure user database (ex. MS Active Directory) Create user groups based on field roles: operation, engineering, maintenance Configure internal and external VPNs (remote users must use jump servers) Lockdown policies
  • 34. 4. Create Zero Trust Policy ➔ Content-ID Palo Alto Networks Proprietary and Confidential 34 Do not allow direct access to the internet Block all medium to critical threats by default due to legacy systems Implement antimalware to create secure fileshares Restrict access to operational files Lockdown policies
  • 35. 5. Monitor and maintain the zero trust network Only implementing NGFW in the Zero Trust architecture on a power grid does not solve all the problems. It´s necessary to monitor and manage equipments 24x7x365 to respond to cyber attacks without causing a production outage. We did it through our ICS-SOC TI Safe's ICS-SOC integrates cybersecurity functions with industrial processes monitoring to prevent and respond to cyber attacks against critical infrastructures. Palo Alto Networks Proprietary and Confidential 35
  • 36. 5. Monitor and maintain the zero trust network Log sources for ICS-SOC Palo Alto Networks Proprietary and Confidential 36 Active Directory Firewall Industrial Firewalls Network Services such as DNS, DHCP, etc SCADA Industrial IDS Network events from Switches and Firewalls (Physical and virtuals) Netflow and JFlow Layer 7 Packet Analisys Proxy Servers Operating Systems Events (Linux / UNIX / Windows) Physical Security Systems
  • 37. 5. Monitor and maintain the zero trust network Energy SIEM – Event Management for the Electrical Sector • Security intelligence platform with unified architecture to collect, store, analyze and structure data of events (logs), network flows, threats, vulnerabilities and risks of electrical energy environments: generation, transmission and distribution. • Event correlation activities are performed on a single screen, with the possibility of clear incident identification, flow telemetry, risk modeling, and impact analysis. • Modular and scalable structure that allows you to manage the security of environments of all types and sizes. • Platform established in partnership with leading technology of big data and analytics. • Integrated cyber security dashboards and operating information, including information on Modbus, ICCP, DNP-3, IEC 60870-5-104, Siemens S7 protocols, among others specific to power.
  • 38. What TI Safe and Palo Alto Networks did to help?
  • 39. A new joint product Energy clients PAN NGFW TI Safe ICS-SOC TI Safe ICS Cybersecurity for Energy
  • 40.
  • 41. TI Safe Cybersecurity for Energy • Generating Units • Power Substations • Operational Control Centers TI Safe´s ICS-SOC
  • 42. TI Safe Cybersecurity for Energy Cybersecurity policies Edge Security with Next Generation Firewall Secure Remote Access Secure cloud communication for industry 4.0 Zones and Conduits Segmentation with zero trust Vulnerability Monitoring Malware protection and control Continuous monitoring by TI Safe´s ICS-SOC 4-eyed Auditing and Management
  • 43. TI Safe Cybersecurity for Energy – Strategic planning and logistics • Industrial execution systems • Batch control • Continuous control • Discrete control Level 4 Level 3 Level 2, 1 Level 0 PA-3220 PA-820 PA-220 PA-220R Cortex Wildfire TI Safe´s ICS-SOC
  • 44. TI Safe’s ICS-SOC current coverage Energy distribution companies that supply 40 million Brazilians are already protected by TI Safe´s ICS-SOC.
  • 45. 45Palo Alto Networks Proprietary and Confidential Questions? Marcelo Branquinho marcelo@tisafe.com +5521994002290 www.tisafe.com