Industrial Training on PLC SCADA HMI for fresher engineersSneha Yadav
S. R Thermonix offering Industrial Training opportunity in Delhi for B.Tech./B.E/Diploma/ fresher’s, who are looking for a start in Automation and Power plant Industry.
SR Thermonix is a leading company who provides training programs for industrial automation, process automation, PLC, SCADA, VFD, Control Panels, Feed Instruments, DCS and Embedded system trainings. Our experienced technical team provides practical guidance to our trainees. We help trainees to built their skills to become a skilled programmer.
PLC and SCADA plays a important role in industrial automation because it helps the industry to increase their productivity and quality.
We have an extensive range of PLC, HMI and SCADA training courses available, covering all levels of expertise from the complete novice to the advanced systems engineer.
You can choose any certification according to your choice... Some modules given below...
. Industrial Automation Training
PLC
SCADA
HMI
VFD
DCS
Panel Designing
Drives
Instrumentation
Auto-Cad
Educational Requirement :-
BE/B.Tech/Diploma ITI in Electrical Engineer/Electrical Technician/Electronics Design Engineer/Electronics Engineer/Instrumentation Engineer/Engineer
Duration :-
1 month, 2 months, 3 months, 4 months/weeks, 6 months/weeks
DMC, a Siemens Solution Partner with the most S7 Certified Engineers in the United States, recently shared some insights to people new to Siemens to help avoid common mistakes at the 2011 Siemens Automation Summit. Over the years we have encountered numerous applications written by novices and seen first-hand some of the more common errors made.
SCADA StrangeLove: Too Smart Grid in da Cloud [31c3]qqlan
For two years SCADA StrangeLove speaks about Industrial Control Systems and nuclear plants. This year we want to discuss Green Energy. Our hackers' vision of Green Energy, SmartGrids and Cloud IoT technology.
We will also speak about the security problems of traditional "heavy" industrial solutions, about the things that Zurich Airport and Large Hadron Collider have in common On top of it you will learn about our new releases, some funny and not so funny stories about discovery and fixing of vulnerabilities and the latest news from the front struggling for the Purity of Essence. Our latest research was devoted to the analysis of the architecture and implementation of the most wide spread platforms for wind and solar energy generation which produce many gigawatts of it. It may seem (not) surprising but the systems which manage huge turbine towers and household PhotoVoltaic plants are not only connected to the internet but also prone to many well known vulnerabilities and low-hanging 0-days. Even if these systems cannot be found via Shodan, fancy cloud technologies leave no chances for security. We will also speak about the security problems of traditional "heavy" industrial solutions, about the things that Zurich Airport and Large Hadron Collider have in common and why one should not develop brand new web server. Specially for the specialists on the other side of the fences, we will show by example of one industry the link between information security and industrial safety and will also demonstrate how a root access gained in a few minutes can bring to nought all the years of efforts that were devoted to the improvement of fail-safety and reliability of the ICS system. On top of it you will learn about our new releases, some funny and not so funny stories about discovery and fixing of vulnerabilities and the latest news from the front struggling for the Purity of Essence.
──────────
➤Speaker: Sergey Gordeychik, Aleksandr Timorin
Industrial Training on PLC SCADA HMI for fresher engineersSneha Yadav
S. R Thermonix offering Industrial Training opportunity in Delhi for B.Tech./B.E/Diploma/ fresher’s, who are looking for a start in Automation and Power plant Industry.
SR Thermonix is a leading company who provides training programs for industrial automation, process automation, PLC, SCADA, VFD, Control Panels, Feed Instruments, DCS and Embedded system trainings. Our experienced technical team provides practical guidance to our trainees. We help trainees to built their skills to become a skilled programmer.
PLC and SCADA plays a important role in industrial automation because it helps the industry to increase their productivity and quality.
We have an extensive range of PLC, HMI and SCADA training courses available, covering all levels of expertise from the complete novice to the advanced systems engineer.
You can choose any certification according to your choice... Some modules given below...
. Industrial Automation Training
PLC
SCADA
HMI
VFD
DCS
Panel Designing
Drives
Instrumentation
Auto-Cad
Educational Requirement :-
BE/B.Tech/Diploma ITI in Electrical Engineer/Electrical Technician/Electronics Design Engineer/Electronics Engineer/Instrumentation Engineer/Engineer
Duration :-
1 month, 2 months, 3 months, 4 months/weeks, 6 months/weeks
DMC, a Siemens Solution Partner with the most S7 Certified Engineers in the United States, recently shared some insights to people new to Siemens to help avoid common mistakes at the 2011 Siemens Automation Summit. Over the years we have encountered numerous applications written by novices and seen first-hand some of the more common errors made.
SCADA StrangeLove: Too Smart Grid in da Cloud [31c3]qqlan
For two years SCADA StrangeLove speaks about Industrial Control Systems and nuclear plants. This year we want to discuss Green Energy. Our hackers' vision of Green Energy, SmartGrids and Cloud IoT technology.
We will also speak about the security problems of traditional "heavy" industrial solutions, about the things that Zurich Airport and Large Hadron Collider have in common On top of it you will learn about our new releases, some funny and not so funny stories about discovery and fixing of vulnerabilities and the latest news from the front struggling for the Purity of Essence. Our latest research was devoted to the analysis of the architecture and implementation of the most wide spread platforms for wind and solar energy generation which produce many gigawatts of it. It may seem (not) surprising but the systems which manage huge turbine towers and household PhotoVoltaic plants are not only connected to the internet but also prone to many well known vulnerabilities and low-hanging 0-days. Even if these systems cannot be found via Shodan, fancy cloud technologies leave no chances for security. We will also speak about the security problems of traditional "heavy" industrial solutions, about the things that Zurich Airport and Large Hadron Collider have in common and why one should not develop brand new web server. Specially for the specialists on the other side of the fences, we will show by example of one industry the link between information security and industrial safety and will also demonstrate how a root access gained in a few minutes can bring to nought all the years of efforts that were devoted to the improvement of fail-safety and reliability of the ICS system. On top of it you will learn about our new releases, some funny and not so funny stories about discovery and fixing of vulnerabilities and the latest news from the front struggling for the Purity of Essence.
──────────
➤Speaker: Sergey Gordeychik, Aleksandr Timorin
The main aim of this project is to avoid the accident and death in the gas leakage explosion in house, hotels and industries. Domestically we use natural gas and it is very useful for burning purpose. If this gas is leaked in our kitchens, hotels or factories and not sensed in time, it may lead to fatal disaster, and may cause human and material loss. For this purpose we have developed “GAS LEAKAGE DETECTION SYSTEM”.
Moxa products are specifically designed for substation transmission and distribution systems. Moxa’s solutions include the advanced technologies that are fueling the power revolution. For example, PRP/HSR for seamless redundancy, SNMP/MMS management for power SCADA integrated network monitoring, IEEE 1613 and IEC 61850 certifications for substation applications, and IEEE 1588 compliance for precision time synchronization are key features that upgrade large-scale electric power networks to the next level of reliability and efficiency. All of Moxa’s products are toughened to overcome harsh environments, ensuring consistent operations even in the most demanding conditions. Tap into Moxa’s expertise in communication and computing to easily build an efficient and effective power grid.
The MYC-CZU3EG CPU Module is a powerful MPSoC System-on-Module (SoM) based on Xilinx Zynq UltraScale+ ZU3EG which features a 1.2 GHz quad-core ARM Cortex-A53 64-bit application processor
Инструмент ChangelogBuilder для автоматической подготовки Release NotesPositive Hack Days
1. Основные понятия и определения: продукт, пакет, связи между ними.
2. Как узнать, какие изменения произошли в продукте?
3. Проблемы changelog и release note.
4. Решение: инструмент ChangelogBuilder для автоматической подготовки Release Notes
Как мы собираем проекты в выделенном окружении в Windows DockerPositive Hack Days
1. Обзор Windows Docker (кратко)
2. Как мы построили систему билда приложений в Docker (Visual Studio\Mongo\Posgresql\etc)
3. Примеры Dockerfile (выложенные на github)
4. Отличия процессов DockerWindows от DockerLinux (Долгий билд, баги, remote-регистр.)
Типовая сборка и деплой продуктов в Positive TechnologiesPositive Hack Days
1. Проблемы в построении CI процессов в компании
2. Структура типовой сборки
3. Пример реализации типовой сборки
4. Плюсы и минусы от использования типовой сборки
1. Что такое BI. Зачем он нужен.
2. Что такое Qlik View / Sense
3. Способ интеграции. Как это работает.
4. Метрики, KPI, планирование ресурсов команд, ретроспектива релиза продукта, тренды.
5. Подключение внешних источников данных (Excel, БД СКУД, переговорные комнаты).
Approof — статический анализатор кода для проверки веб-приложений на наличие уязвимых компонентов. В своей работе анализатор основывается на правилах, хранящих сигнатуры искомых компонентов. В докладе рассматривается базовая структура правила для Approof и процесс автоматизации его создания.
Задумывались ли вы когда-нибудь о том, как устроены современные механизмы защиты приложений? Какая теория стоит за реализацией WAF и SAST? Каковы пределы их возможностей? Насколько их можно подвинуть за счет более широкого взгляда на проблематику безопасности приложений?
На мастер-классе будут рассмотрены основные методы и алгоритмы двух основополагающих технологий защиты приложений — межсетевого экранирования уровня приложения и статического анализа кода. На примерах конкретных инструментов с открытым исходным кодом, разработанных специально для этого мастер-класса, будут рассмотрены проблемы, возникающие на пути у разработчиков средств защиты приложений, и возможные пути их решения, а также даны ответы на все упомянутые вопросы.
От экспериментального программирования к промышленному: путь длиной в 10 летPositive Hack Days
Разработка наукоемкого программного обеспечения отличается тем, что нет ни четкой постановки задачи, ни понимания, что получится в результате. Однако даже этом надо программировать то, что надо, и как надо. Докладчик расскажет о том, как ее команда успешно разработала и вывела в промышленную эксплуатацию несколько наукоемких продуктов, пройдя непростой путь от эксперимента, результатом которого был прототип, до промышленных версий, которые успешно продаются как на российском, так и на зарубежном рынках. Этот путь был насыщен сложностями и качественными управленческими решениями, которыми поделится докладчик
Уязвимое Android-приложение: N проверенных способов наступить на граблиPositive Hack Days
Немногие разработчики закладывают безопасность в архитектуру приложения на этапе проектирования. Часто для этого нет ни денег, ни времени. Еще меньше — понимания моделей нарушителя и моделей угроз. Защита приложения выходит на передний план, когда уязвимости начинают стоить денег. К этому времени приложение уже работает и внесение существенных изменений в код становится нелегкой задачей.
К счастью, разработчики тоже люди, и в коде разных приложений можно встретить однотипные недостатки. В докладе речь пойдет об опасных ошибках, которые чаще всего допускают разработчики Android-приложений. Затрагиваются особенности ОС Android, приводятся примеры реальных приложений и уязвимостей в них, описываются способы устранения.
Разработка любого софта так или иначе базируется на требованиях. Полный перечень составляют бизнес-цели приложения, различные ограничения и ожидания по качеству (их еще называют NFR). Требования к безопасности ПО относятся к последнему пункту. В ходе доклада будут рассматриваться появление этих требований, управление ими и выбор наиболее важных.
Отдельно будут освещены принципы построения архитектуры приложения, при наличии таких требований и без, и продемонстрировано, как современные (и хорошо известные) подходы к проектированию приложения помогают лучше строить архитектуру приложения для минимизации ландшафта угроз.
Доклад посвящен разработке корректного программного обеспечения с применением одного из видов статического анализа кода. Будут освещены вопросы применения подобных методов, их слабые стороны и ограничения, а также рассмотрены результаты, которые они могут дать. На конкретных примерах будет продемонстрировано, как выглядят разработка спецификаций для кода на языке Си и доказательство соответствия кода спецификациям.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
2. Group of security researchers focused on ICS/SCADA
to save Humanity from industrial disaster and to keep Purity Of
Essence
Sergey Gordeychik Gleb Gritsai Denis Baranov
Roman Ilin Ilya Karpov Sergey Bobrov
Artem Chaykin Yuriy Dyachenko Sergey Drozdov
Dmitry Efanov Yuri Goltsev Vladimir Kochetkov
Andrey Medov Sergey Scherbel Timur Yunusov
Alexander Zaitsev Dmitry Serebryannikov Dmitry Nagibin
Dmitry Sklyarov Alexander Timorin Vyacheslav Egoshin
Roman Ilin Alexander Tlyapov Evgeny Ermakov
Alexey Osipov Kirill Nesterov
6. .. communication network protocols used for process or industrial
automation, building automation, substation automation,
automatic meter reading and vehicle automation applications…
(c) wiki
http://en.wikipedia.org/wiki/List_of_automation_protocols
39. --snip--
Comment to PT-SOL-2014001:
The upload path has been changed. It is still possible to upload files, but they can't
overwrite system critical parts any more.
Comment to PT-SOL-2014002:
The system backup is created in a randomly chosen path an deleted afterwards.
Therefore an unauthorized access is made much more difficult and very unlikely.
Second comment to PT-SOL-2014002:
In order to compensate the weak encryption in the configuration file, the whole
configuration file is now encrypted via the new HTTP transmission.
--snip--
64. Trust in input data: this time it is Content-length
Mix up of size for memory allocation and size for copy
65. Controlling size of allocated memory
Size of overflowed buffer is limited – 0x19000 (with default
settings)
Single thread
Some no ASLR modules – enough to build ROP
Demo
72. 3e6cd1f7bdf743cac6dcba708c21994f - MD5 of ? (16 bytes)
d37fa1c3 - CONST (4 bytes)
0001 - user logout counter (2 bytes)
0001 - counter of issued cookies for this user (2 bytes)
00028ad7 - value that doesn’t matter (4 bytes)
0a00aac8 - user IP address (10.0.170.200) (4 bytes)
00000000000000008ad72143 - value that doesn’t matter (12 bytes)
So, what about 3e6cd1f7bdf743cac6dcba708c21994f ???
74. SECRET is generates after PLC start by PRNG.
PRNG is a little bit harder than standard C PRNG.
SEED in {0x0000 , 0xFFFF}
It’s too much for bruteforce (PLC so tender >_<)
75.
76. What about SEED ?
SEED very often depends on time value
SEED = PLC START TIME + 320
320 by practical way: secret generates after ~ 3-4 seconds of PLC
start using current time
How to obtain PLC START TIME ?
77. PLC START TIME = CURRENT TIME – UPTIME
Current time
Uptime
78. To generate cookie we should brute:
Logout number (2 bytes, max 65535)
Number of issued cookies (2 bytes, max 65535)
Seed value (2 bytes, but max 100)
Still too many values to bruteforce …
79. But if user (admin) not logged out properly then after 7 logins it is
not possible to login again
We should restart PLC or wait 30 minutes (cookie expire time)
80. We can minimize logout and issued cookies counters to 7.
To generate cookie we should brute:
Logout number (2 bytes, max 7)
Number of issued cookies (2 bytes, max 7)
Seed value (2 bytes, but max 100)
81.
82. Exploitation dependences:
>= 1 success logins to PLC after last restart
SNMP enabled and known read community string (but by
default its “public” )
BUT IT DOES NOT NEED LOGIN AND PASSWORD !!!
83. CVE Timeline:
End of July 2013 – vulnerability discovered
5 August 2013 – vendor notified
20 March 2014 – patch released, first public advisory
84. <13.01.2013
In S7 PLC private/public community string for SNMP protocol can't be changed …
>06.02.2013
… you cannot change the SNMP community string … This issue has no effect on security, as only non-
sensitive information can be changed via SNMP. … community strings changeable in TIA Portal v12.5.
>05.08.2013
… vulnerabilities related to S7 1500 and S7 1200 PLC in attached file … including hardcoded SNMP.
<22.10.2013
Hardcoded SNMP strings are in fact an issue …
We might eventually migrate to SNMPv3 …
85.
86.
87. PROFINET Discovery and basic Configuration Protocol (PN-DCP)
The Discovery and Basic Configuration Protocol DCP is a protocol definition
within the PROFINET context. It is a Data Link Layer based protocol to
configure station names and IP addresses. It is restricted to one subnet and
mainly used in small and medium applications without an installed DHCP
server.
System of A Down- Attack: http://bit.ly/LRDkhX
90. “An attacker could could cause to go to into defect mode
if specially crafted PROFINET packets are sent to the
device. A cold restart is required to recover the system”
What is “specially crafted profinet
packets” ???
Just “set” request: set network ip, mask and
gateway to all zeroes 0.0.0.0
95. An additional cyber security layer to
Experion's™ High Security Network
Architecture, the Experion™ Control
Firewall, further protects the controller
network against message flooding and
denial of service attacks.
Max Richter - Last Days: http://bit.ly/1jsCnvE
98. Hot keys
“Open”, “Save”, “Import”/”Export”
Help (MS HLP)
Go-go hcp::
URI
Windows
File:, Shell:, Telnet:, LDAP:
Applications
Quicktime:, Skype:, Play:
IE Image toolbar
iKAT
List of URI handlers
Filesystem functions
99.
100.
101.
102.
103. ― Sensors and actuators are gateways to industrial
networks
• http://files.pepperl-fuchs.com/selector_files/navi/productInfo/doct/tdoct1933b_eng.pdf
108. More than 40 various binar vulnerabilities
(from previous PHDays)
Half of them are easy exploitable stack based
buffer overflows
Guess what, also no modern security (ASLR, DEP,
…)
Vulnerabilities are typical for 90s
109. No input validation
read is interface for recv()
116. How to load 100% CPU of critical energetic’s SCADA system
and drop all connections?
May be common routine:
select() … recv() … do_something()
Common routine will do!
117. Use MSG_PEEK
Wait for no less than
16 bytes
Don’t accept anything
smaller
Because
the bigger - the better
After all threads gone
ignore everything else
118.
119. Regex
# grep recv <decompiled bin function>
ret = recv(s, buf, buf_len, flags)
# grep ‘buf|buf_len’ <decompiled bin function>
ret = recv(s, buf2, buf[42], flags)
This not supposed to work in real world!
126. Group of security researchers focused on ICS/SCADA
to save Humanity from industrial disaster and to keep Purity Of
Essence
Sergey Gordeychik Gleb Gritsai Denis Baranov
Roman Ilin Ilya Karpov Sergey Bobrov
Artem Chaykin Yuriy Dyachenko Sergey Drozdov
Dmitry Efanov Yuri Goltsev Vladimir Kochetkov
Andrey Medov Sergey Scherbel Timur Yunusov
Alexander Zaitsev Dmitry Serebryannikov Dmitry Nagibin
Dmitry Sklyarov Alexander Timorin Vyacheslav Egoshin
Roman Ilin Alexander Tlyapov Evgeny Ermakov
Alexey Osipov Kirill Nesterov
Operator or other low privileged access
Able to send messages only to HMI and not allowed to talk to PLC
CEИспользованиеRN
Аэропорты Zurich, Geneve
25 электростанций
RAG - подземное хранилище газа
Другие “WinCC Open Architecture – больше чем SCADA”
Пишем свой веб сервер
???
PROFIT
however the impact is only minor since no relevant data can be written or read.
Изображены ТЭЦ, но данное верно и для ГЭС, электросетей и даже отчасти для НПЗ
Телеметрия промышленных процессов
Объединенная корпоративная сеть
Домен corp.tecX.energycompany.ru
MES/ERP системы
Интеграторы
Поддержка, внедрение
Администраторы
Аутсорс
Интернет
Скорее всего выделенные сети
Большие сети
Корпоративные ресурсы
Порталы, почта, документооборот, удаленный доступ к приложениям, административный доступ, сервисные приложения, обратная связь …
Наружная защита, исключающая вероятность дистанционных атак и вывода SCADA системы из строя.
Внутренние защищённые соты, обеспечивающие нормальное и независимое функционирование каждого элемента АСУ при постоянной связи с остальными модулями системы SCADA.