This document and its attachments are confidential and exclusively directed to the recipients thereof. If you have receive...
This document and its attachments are confidential and exclusively directed to the recipients thereof. If you have receive...
This document and its attachments are confidential and exclusively directed to the recipients thereof. If you have receive...
This document and its attachments are confidential and exclusively directed to the recipients thereof. If you have receive...
This document and its attachments are confidential and exclusively directed to the recipients thereof. If you have receive...
This document and its attachments are confidential and exclusively directed to the recipients thereof. If you have receive...
This document and its attachments are confidential and exclusively directed to the recipients thereof. If you have receive...
This document and its attachments are confidential and exclusively directed to the recipients thereof. If you have receive...
This document and its attachments are confidential and exclusively directed to the recipients thereof. If you have receive...
Upcoming SlideShare
Loading in …5
×

[White Paper] TI Safe SCADA Security Testbed v1 - English

1,221 views

Published on

This document aims to technically describe the TI Safe Scada Security Testbed (SST).

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

[White Paper] TI Safe SCADA Security Testbed v1 - English

  1. 1. This document and its attachments are confidential and exclusively directed to the recipients thereof. If you have received this document in error and is not the intended recipient, please notify us and do not use, report, print, copy or transfer this document by any means or motive. Unauthorized use is your responsibility and determined according to the law. 1 TI SAFE SCADA SECURITY TESTBED (SST) VERSION 1.0 LABORATORY FOR SECURITY TESTS IN AUTOMATION NETWORKS AND SCADA SYSTEMS OF CRITICAL INFRASTRUTURES
  2. 2. This document and its attachments are confidential and exclusively directed to the recipients thereof. If you have received this document in error and is not the intended recipient, please notify us and do not use, report, print, copy or transfer this document by any means or motive. Unauthorized use is your responsibility and determined according to the law. 2 Foreword This document aims to technically describe the TI Safe Scada Security Testbed (SST). Intellectual property All product names mentioned herein are trademarks of their respective manufacturers. This document and its information contained are confidential and proprietary of TI Safe Information Security. All property rights (including, without limitation, trademarks, trade secrets, etc..) evidenced by or contained in attachments or documents concerning this relate only to TI Safe. TI Safe provides restricted use of this material to employees, customers and business partners expressly authorized by the agreement to maintain the integrity and confidentiality. The use, distribution, or unauthorized reproduction will be considered a violation of property rights and apply civil or criminal action under the law. Warning This document is intended to be complete and clear. TI Safe is not responsible for any damages, financial losses or business resulting from imperfections or omissions contained herein. This document is subject to change without notice. It is recommended to contact the TI Safe for updates and/or additional information. Contacts TI Safe offers different channels of communication with their customers, suppliers and associates: Rio de Janeiro Centro Empresarial Cittá America - Barra da Tijuca - Av. das Américas, 700, bloco 01, sala 331 CEP - 22640-100 - Rio de Janeiro, RJ – Brasil Telefone: +55 (21) 2173-1159 / Fax: (21) 2173-1165 São Paulo Rua Dr. Guilherme Bannitz, nº 126 - 2º andar Cj 21, CV 9035 - Itaim Bibi CEP - 04532-060 - São Paulo, SP - Brasil Telefone: +55 (11) 3040-8656 / Fax: (11) 3040-8656
  3. 3. This document and its attachments are confidential and exclusively directed to the recipients thereof. If you have received this document in error and is not the intended recipient, please notify us and do not use, report, print, copy or transfer this document by any means or motive. Unauthorized use is your responsibility and determined according to the law. 3 Certificate of changes in this document Versão Data Autor Descrição 1.01 11/07/2013 Marcelo Branquinho First draft generated. 1.02 17/08/2013 Marcelo Branquinho Translated to english language. 1.03 05/09/2013 Marcelo Branquinho Inserted SST photo and fixed mistakes.
  4. 4. This document and its attachments are confidential and exclusively directed to the recipients thereof. If you have received this document in error and is not the intended recipient, please notify us and do not use, report, print, copy or transfer this document by any means or motive. Unauthorized use is your responsibility and determined according to the law. 4 IIIIIIIINNNNNNNNTTTTTTTTRRRRRRRROOOOOOOODDDDDDDDUUUUUUUUCCCCCCCCTTTTTTTTIIIIIIIIOOOOOOOONNNNNNNN Increasingly, the issue of protection of Critical Infrastructure has become a subject of great importance and has received increasing attention as to some countries and organizations have created entities with specific functions to handle the matter. Although the strategies adopted by countries are different, the end goal is always the same: Protect Critical Infrastructure and its key elements against threats and vulnerabilities related to emergencies situations, natural disasters and terrorists activities and/or espionage. This can be achieved by structuring policies and competent bodies, techniques and mechanisms involving, for example, methodologies of Critical Infrastructure Protection and systems, whose application allows identifying, analyze, evaluate and treat risks including the ability to manage the consequences of incidents in adverse situations. To address these new threats and vulnerabilities, and provide a testing framework, development of security systems and protection and monitoring, scenario building and simulation events, TI Safe Information Security has developed the SCADA Security Testbed, a complete laboratory for testing and simulations of scenarios for security and protection of automation networks of critical infrastructures. According to the Brazilian Official Gazette of February 11th of 2008, are considered Critical Infrastructure facilities, services and assets which, if disrupted or destroyed, would seriously impact on social, economic and/or political. The priority areas of the Critical Infrastructures, without prejudice to any other that may come to be defined, are expressed in items I through V of article. 3 of Ordinance Number 02 of the Brazilian Institutional Security Cabinet of the Presidency of the Republic, of February 8th of 2008. They are respectively the Ordinance as: Energy, Transportation, Water, Telecommunications and Finance. The increasing number of incidents caused by the lack of security in the real or virtual world has been a major concern of nations and companies that are subject to risks of increasing intensity.
  5. 5. This document and its attachments are confidential and exclusively directed to the recipients thereof. If you have received this document in error and is not the intended recipient, please notify us and do not use, report, print, copy or transfer this document by any means or motive. Unauthorized use is your responsibility and determined according to the law. 5 These incidents can affect hundreds of thousands of people around the world, as they are directly related to essential services and survival of society. Cases recently show that cyber attacks are increasingly sophisticated and that they use powerful techniques and methods used and directed. News of successful attacks as attacks on Iranian nuclear plants (via the Stuxnet malware) and stoppage of more than 30,000 computers in company Saudi Aramco (through Shamoon malware) make a clear and urgent need for a strategy of security and protection of the Critical Infrastructure encompassing prevention, detection, response and crisis management. It is noticeable that attacks on Critical Infrastructure can be used as a form of intimidation or, if milder, simply aiming to destabilize a government or company to wear their image before with the public. This was clearly perceived through the actions of the hacktivists group Anonymous during the popular movements that took millions of Brazilians to the streets recently. Moreover, the spread of information networks, the integration between different infrastructure and growing interdependence among sectors results in consequences that can not be neglected. One is that the vulnerabilities in Critical Infrastructures tend to grow, which has become the problems increasingly complex. Another consequence is that a disruption can spread from one sector to another, causing a cascade of problems, making unavailable one or more services.
  6. 6. This document and its attachments are confidential and exclusively directed to the recipients thereof. If you have received this document in error and is not the intended recipient, please notify us and do not use, report, print, copy or transfer this document by any means or motive. Unauthorized use is your responsibility and determined according to the law. 6 CCCCCCCCRRRRRRRRIIIIIIIITTTTTTTTIIIIIIIICCCCCCCCAAAAAAAALLLLLLLL IIIIIIIINNNNNNNNFFFFFFFFRRRRRRRRAAAAAAAASSSSSSSSTTTTTTTTRRRRRRRRUUUUUUUUCCCCCCCCTTTTTTTTUUUUUUUURRRRRRRREEEEEEEE SSSSSSSSEEEEEEEECCCCCCCCUUUUUUUURRRRRRRRIIIIIIIITTTTTTTTYYYYYYYY The main concept of security and protection of Critical Infrastructure is directly related to the ability to act with the prevention, detection and response to serious incidents involving the Critical Infrastructure. There are several investments in strategic plans to manage risks and take the necessary actions to resume normal after an emergency situation caused by natural disaster (such as earthquake, hurricane and flood) or intentional (terrorism, cyber-attacks, for example). However, due to the peculiarities of each industrial plant, these plans need to be tailored to the specific needs and requirements. The challenge is thus to formulate and execute a strategy for security and protection of Critical Infrastructure in tune with key security standards and using equipment and tested and certified practices. Thus, a strategy of security and protection of Critical Infrastructure should allow the creation of plans to act preventively and also to minimize the impact caused by incidents, including consequent disorders in the delay in the restoration of services. In this scenario, the creation of a security testing platform for automation plant of critical infrastructure to act jointly with sectorial areas and companies of various sectors is indispensable.
  7. 7. This document and its attachments are confidential and exclusively directed to the recipients thereof. If you have received this document in error and is not the intended recipient, please notify us and do not use, report, print, copy or transfer this document by any means or motive. Unauthorized use is your responsibility and determined according to the law. 7 TTII SSAAFFEE SSCCAADDAA SSEECCUURRIITTYY TTEESSTTBBEEDD VV.. 11..00 A Testbed is a platform for running experiments (as testing of new components and security updates, for example) in a safe and controlled manner. This structure is composed of elements that emulate the behavior of real systems and equipment and represent a replica of the real world of industrial processes. Due to factors specific to SCADA environments such as the criticality of real-time systems and the need for uninterrupted availability, test structures represent ideal platforms for observing the behavior of systems and analysis of control systems components. Located in the TI Safe’s office in Rio de Janeiro, the SST is directed by the TI Safe’s department of security and protection of Critical Infrastructure and serves as support for the research and development of the company in this area. Picture 1 - SST mounted in the TI Safe lab in Rio de Janeiro, Brazil. The SST provides monitoring capability, scenario creation and simulation that provide enough inputs for the security and protection of automation networks and SCADA systems of critical infrastructure. It also provides technical management aspects involved with the prevention, monitoring and incident response, with the internalization of new knowledge and skills through the development of centers of excellence and knowledge transfer in the areas addressed. Simulation scenarios can be developed to support the planning of strategies for security and protection of critical infrastructure.
  8. 8. This document and its attachments are confidential and exclusively directed to the recipients thereof. If you have received this document in error and is not the intended recipient, please notify us and do not use, report, print, copy or transfer this document by any means or motive. Unauthorized use is your responsibility and determined according to the law. 8 The TI Safe SST in its current configuration includes two structures of different tests, integrated in a simulated automation plant, as shown in the diagram below: Picture 2 - Network Architecture of the TI Safe SCADA Security Testbed version 1.0 The first plant is simulating an automation network of a natural gas industry. It consists of a simulator of a small typical control system that consists of a Wago PLC brand that controls a tank of chemicals and a computer with a supervisory system connected to the PLC (Modbus protocol). This plant is inserted into the testbed as a security zone protected by a Tofino Argon 220 security module . The SST also has a second automation plant consisting of Siemens equipment. Unlike the first plant mentioned in the previous paragraph, this plant is fully configurable and can be programmed to illustrate the reality of any automation network that is necessary to simulate. This plant consists of a Siemens S7-1200 PLC and various machines (real and virtual) configured to simulate critical servers like historical databases, engineering stations and supervision, continuous server monitoring, among others (Profinet protocol). This plant
  9. 9. This document and its attachments are confidential and exclusively directed to the recipients thereof. If you have received this document in error and is not the intended recipient, please notify us and do not use, report, print, copy or transfer this document by any means or motive. Unauthorized use is your responsibility and determined according to the law. 9 is also inserted into the testbed as a second security zone and is protected by a Siemens Scalance S 623 security module . The plant also allows to simulate scenarios of industrial wireless networks through an Access Point Siemens Scalance W and remote access via Softnet VPN. Those automation plants are integrated into a single network that controls a functional environment that simulates the reality of the physical process of an industry. Through the SST is possible to detect threats and vulnerabilities and also to quantify the losses in case of security incidents. The main scenarios of use of the SCADA Security Testbed are: System of scenarios creation and simulation of attacks on plants. Research and testing defenses against Malware and Cyber Weapons. Risk Analysis and Management. Preparation of strategies for prevention, detection and response to incidents. Testing new versions of software and operating system upgrades (patch). Development of strategy of continuous monitoring. Testing of security equipment for specific environments and industrial protocols. Compliance with regulations, standards and legal instruments. Demonstrations to customers. Presentation of lectures, events and technical training given by TI Safe.

×