Proprietary Information -- Copyright © 2015 by Waterfall Security Solutions 2015
Maximize Security to Minimize Compliance Costs
Michael H Firstenberg, GICSP, GCIH, CISSP
Director of Industrial Security
Waterfall Security Solutions
Firewalls Are Routers With Filters
● 99% of the Internet is hosts, routers and communications links:
● Hosts are sources and destinations of messages
● Routers forward messages through communications links
● Firewalls are routers with filters – the filter looks at each message
and decides whether to forward it, or drop it
● No filter is or can ever be perfect
All firewalls forward attacks from external networks to "protected" networks
[Diagram: hosts connected through routers]
Firewalls have been with us for 30 years now. The good guys and
the bad guys both know how to defeat them.
All Firewalls Are Porous
Photo: Red Tiger Security
[Table: each attack type below was rated for attack difficulty (Impossible / Routine / Easy) against two defences, UGW (Unidirectional Security Gateway) and Fwall (firewall); the per-row ratings did not survive extraction]
Attack Type
1) Phishing / drive-by-download – victim pulls your attack through firewall
2) Social engineering – steal a password / keystroke logger / shoulder surf
3) Compromise domain controller – create ICS host or firewall account
4) Attack exposed servers – SQL injection / DOS / buffer-overflow
5) Attack exposed clients – compromised web svrs/ file svrs / buf-overflows
6) Session hijacking – MIM / steal HTTP cookies / command injection
7) Piggy-back on VPN – split tunneling / malware propagation
8) Firewall vulnerabilities – bugs / zero-days / default passwd/ design vulns
9) Errors and omissions – bad fwall rules/configs / IT reaches through fwalls
10) Forge an IP address – firewall rules are IP-based
[Diagram: Unidirectional historian replication – Industrial Network (PLCs, RTUs, Historian Server, Waterfall TX agent, Waterfall TX Module) → Corporate Network (Waterfall RX Module, Waterfall RX agent, Replica Server, Workstations)]
Historian Replication With Unidirectional Gateways
● Hardware-enforced unidirectional server replication
● Replica server contains all data and functionality of original
● Corporate workstations communicate only with replica server
● Industrial network and critical assets are physically inaccessible from
corporate network & 100% secure from any online attack
Waterfall’s Family of Unidirectional Products
Product – Description (the icon column of the original table is omitted)
● Unidirectional Security Gateway – Combination of hardware and software that replicates servers out of a control system only; physically impossible to send anything back into the protected network
● Waterfall FLIP – A reversible Unidirectional Security Gateway. Replicates servers in one direction, or the other, but never both at the same time.
● Inbound/Outbound Gateways – One Unidirectional Security Gateway replicating servers in one direction. A second gateway independently replicates a different set of servers in the other direction.
● Application Data Control – Software add-on providing fine-grained, policy-based inspection and control over industrial data flows, even for encrypted, compressed, proprietary and undocumented industrial protocols.
● Secure Bypass – For emergency access to networks during declared CIP emergencies.
Typical Unidirectional Use Cases
● Safety systems – replicate Modbus servers and Syslog & SNMP clients
● Protection systems – replicate DNP3 & event log servers
● IT/OT integration – replicate historian & OPC servers and many others
● Optional: FLIP to replicate security updates back in as well
● Generation dispatch – base load replicates ICCP server out
● Peaking plant independently replicates ICCP server in as well
● Turbine vendor – replicate historian & other servers out to turbine vendor
● Remote Screen View for adjustments
At least one layer of unidirectional
products breaks chain of attack from
Internet through to ICS & protective relays
NERC-CIP V5
● CIP V5 encourages the use of Unidirectional Security Gateways
● External Routable Connectivity: The ability to access a BES Cyber
System that is accessible from a Cyber Asset that is outside of its
associated Electronic Security Perimeter via a bi-directional routable
protocol connection.
● 38 of 129 medium-impact requirements
apply only if the affected cyber asset has
external routable connectivity
“When you are considering security for
your control networks, you need to
keep in mind innovative security
technologies such as unidirectional
gateways” Tim Roxey, NERC CSSO
NERC CIP V5 Details
CIP Standard                               Total   ERC-Exempt   ERC-Exempt
                                           Reqs    Med Impact   High Impact
002 BES Cyber System Categorization           7        -            -
003 Security Management Controls              4        -            -
004 Personnel and Training                   19       15            -
005 Electronic Security Perimeters            8        7            5
006 Physical Security of BES Cyber Systems   14       11            -
007 Systems Security Management              20        5            -
008 Incident Reporting & Resp. Planning       9        -            -
009 Recovery Plans                           10        -            -
010 Change Mgmt & Vuln Assessments           10        -            -
011 Information Protection                    4        -            -
014 Physical Security                        24        -            -
Totals:                                     129       38            5
Proposed NERC CIP V6 preserves all of the above, and the new
Low Impact External Routable Connectivity (LERC) definition
also includes the word “bi-directional”
Regional Auditors Weigh In
● Q: Is External Routable Connectivity (ERC) possible through
Unidirectional Security Gateways?
● No.
● No, though auditors would typically seek evidence that validates a
unidirectional claim.
● A Unidirectional Gateway configured to allow outbound traffic
from the ESP but not allow inbound traffic to enter the ESP would
effectively eliminate External Routable Connectivity.
● Q: Is Remote Screen View (RSV) Interactive Remote Access (IRA)?
● No.
● [With RSV] … the user-initiated process to push screen snapshots
through the ESP is originating from within the ESP. By definition,
that does not constitute Interactive Remote Access.
CIP V5 Segmentation
Entities may choose to segment generating units at a 1500 MW generation resource and
their associated BES Cyber Systems such that each segmented unit, or group of units, and
their associated BES Cyber Systems do not meet the 1500 MW criteria described in
CIP‐002‐5.1, Attachment 1, Criterion 2.1. Segmenting generating units and their associated
BES Cyber Systems can reduce risks to the reliable operation of the BES.
● Eliminate / duplicate shared systems, e.g. coal feeds, air compressors
● Provide evidence of analysis that no systems remain able to impact
1500 MW or more within 15 minutes
● Demonstrate access restrictions on network interfaces (“e.g. firewall rules”)
But: firewalls provide only minimal
protection to segmented networks. How
does this reduce risks to reliable
operation of the BES?
Secure Segmentation
● Take a tiny fraction of segmentation’s CIP compliance cost savings
and apply them to securing segmented DCS networks unidirectionally
● Strong security:
● Breaks one large target into many smaller targets
● Each smaller target is safe from simultaneous / coordinated attack
from the Internet or corporate
network
● Dramatically reduce cost of risks
Unidirectionally protecting segmented
units is good business
Use Case: Protecting Protection Equipment
● Recloser discipline – need to protection equipment after faults
● Continuous commands to adjust other components
● FLIP separates control equipment from protection equipment
● Relays are continuously monitored & occasionally updated
● All software can be hacked. Relays are software. Protecting relays is
essential to prevent damage to equipment
How many FLIPs are normal, not suspicious?
[Diagram: relays, RTUs, FLIP, substation Electronic Security Perimeter, firewall, WAN, EMS]
Use Case: Protecting Entire Substation
● Continuous monitoring of substation via DNP3 / IEC 60870-5-104
● FLIP on demand when commands come through
● FLIP trigger raises alarm if too many FLIPs
● Trigger controller cannot be compromised by network attack
How many FLIPs are normal, not suspicious?
[Diagram: relays, RTUs, substation Electronic Security Perimeter, FLIP, WAN, EMS]
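The slides above state that the FLIP trigger raises an alarm "if too many FLIPs" occur and ask how many reversals are normal rather than suspicious. The following is an added example, not Waterfall's trigger-controller code: it derives a per-day reversal budget from a constructed baseline of past normal days, then checks a constructed stream of direction-change events against a sliding window, and separately flags a command window that stays open longer than policy allows. All class and function names (FlipPolicy, FlipMonitor, policy_from_baseline, monitor_demo), the baseline figures and the thresholds are this example's assumptions.

```python
import math
from collections import deque
from dataclasses import dataclass, field
from statistics import mean, pstdev
from typing import List, Optional, Tuple


@dataclass
class FlipPolicy:
    window_s: int        # sliding window length in seconds
    max_flips: int       # inbound reversals tolerated per window
    max_inbound_s: int   # longest a command (inbound) window may stay open


def policy_from_baseline(daily_flip_counts, window_s=86400, margin_sd=3.0,
                         max_inbound_s=300) -> FlipPolicy:
    """Answer "how many FLIPs are normal?" from a record of past normal days:
    mean + margin_sd standard deviations, never below the busiest day seen."""
    m, sd = mean(daily_flip_counts), pstdev(daily_flip_counts)
    limit = max(max(daily_flip_counts), math.ceil(m + margin_sd * sd))
    return FlipPolicy(window_s, limit, max_inbound_s)


@dataclass
class FlipMonitor:
    """Consumes direction-change events from the local trigger controller
    (no network input) and records alarms as (timestamp, kind, detail)."""
    policy: FlipPolicy
    alarms: List[Tuple[int, str, str]] = field(default_factory=list)
    _flips: deque = field(default_factory=deque)   # timestamps of inbound reversals
    _inbound_since: Optional[int] = None

    def event(self, ts: int, direction: str) -> None:
        if direction == "inbound":        # gateway reversed to let commands in
            self._flips.append(ts)
            self._inbound_since = ts
            while ts - self._flips[0] >= self.policy.window_s:   # age out old flips
                self._flips.popleft()
            if len(self._flips) > self.policy.max_flips:
                self.alarms.append((ts, "rate",
                                    f"{len(self._flips)} inbound FLIPs within {self.policy.window_s}s"))
        elif direction == "outbound":     # back to monitoring-only
            if self._inbound_since is not None:
                open_for = ts - self._inbound_since
                if open_for > self.policy.max_inbound_s:
                    self.alarms.append((ts, "dwell", f"command window open for {open_for}s"))
            self._inbound_since = None
        else:
            raise ValueError(f"unknown direction {direction!r}")


def monitor_demo():
    """Constructed baseline and event stream: a normal week of 1-4 FLIPs a day,
    then a day with three routine reversals, a burst of five, and one command
    window left open for 500 s."""
    policy = policy_from_baseline([2, 3, 1, 2, 4, 2, 3])      # -> 6 per day
    mon = FlipMonitor(policy)
    events = [(0, "inbound"), (100, "outbound"), (3600, "inbound"), (3700, "outbound"),
              (7200, "inbound"), (7300, "outbound")]
    events += [(10000 + 10 * i, "inbound" if i % 2 == 0 else "outbound") for i in range(9)]
    events += [(20000, "inbound"), (20500, "outbound")]
    for ts, direction in events:
        mon.event(ts, direction)
    return policy, mon.alarms


if __name__ == "__main__":
    policy, alarms = monitor_demo()
    print(f"budget: {policy.max_flips} FLIPs per {policy.window_s}s")
    for ts, kind, detail in alarms:
        print(f"t={ts:6d} {kind:5s} {detail}")
```

The monitor only ever sees events from the trigger controller it runs beside, which is the property the slide relies on ("trigger controller cannot be compromised by network attack"); the baseline-derived budget is a starting point that an operator would tune against the site's actual maintenance cadence.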
Use Case: Continuous Adjustment
● Continuous monitoring of substation via DNP3 / IEC 60870-5-104
● Continuous command channel
● Separate channels, not command/response
● Unlike a firewall, does not forward messages; resists fuzzing & buffer-overflow attacks
How many FLIPs are normal, not suspicious?
[Diagram: relays, RTUs, substation Electronic Security Perimeter, WAN, EMS]
Use Case: In/Out Gateways for Balancing Authority
● BA sends ICCP setpoints to partner utilities every 2 seconds + polls
utilities for ICCP data every 2 seconds
● Independent channels – not command/response channels
● Each channel replicates one or more ICCP servers
● Multiply redundant – automatic at site, manual fail-over between sites
● Minimal ICCP reconfiguration needed
Inbound + Outbound: Stronger than Firewalls
● Multiple computers/layers of protection must all be compromised,
rather than just one layer in the firewall
● TX Agents are clients. They do not forward messages. They ask for
data and forward the answers/data
● No protocol-level attacks pass through – no fuzzing/buffer overflows.
All communications / TCP / ICCP sessions terminate in agent hosts
● Targeted / persistent attacks are “flying blind” – targeted attack
requires insider assistance
Inbound / outbound gateways do not
forward packets or filter packets, they
forward data
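The historian-replication slide and the "Inbound + Outbound" slide above make the same architectural claim: TX agents are clients that ask a server for data and forward typed answers, every TCP/protocol session terminates in an agent host, and the link carries data rather than packets. The following is an added example, not Waterfall's software or any product's code, that models that protocol break in Python. The hardware diode is stood in for by a one-way queue that only accepts fixed-size frames; the TX agent polls a constructed source historian, parses each reply into typed fields and emits a fixed-schema record; the RX agent re-validates the record before writing it to the replica. A poisoned or non-protocol reply from the source side therefore stops at the TX agent and never crosses the link. All names (OneWayLink, SourceHistorian, TxAgent, RxAgent, replicate_demo), the record layout and the sample tags and values are this example's assumptions.

```python
import json
import math
import struct
from collections import deque

# Fixed frame layout carried over the one-way link (constructed for this
# example): 32-byte tag, 8-byte timestamp, 8-byte float value, 4-byte quality.
RECORD = struct.Struct("!32sQdI")
QUALITY_GOOD = 0


class OneWayLink:
    """Software stand-in for the TX/RX hardware modules: frames go in on the
    TX side and come out on the RX side, and only fixed-size frames fit."""

    def __init__(self):
        self._q = deque()

    def send(self, frame: bytes) -> None:
        if len(frame) != RECORD.size:   # nothing but the agreed record crosses
            raise ValueError("frame size")
        self._q.append(frame)

    def receive(self):
        return self._q.popleft() if self._q else None


class SourceHistorian:
    """Constructed stand-in for the industrial historian being replicated;
    replies are JSON strings so a poisoned reply can be injected."""

    def __init__(self, responses):
        self.responses = dict(responses)

    def read(self, tag: str) -> str:
        return self.responses[tag]


class TxAgent:
    """Client of the source historian: polls tags, parses each reply into
    typed fields and emits fixed-schema frames. It never forwards the
    historian's bytes, so a malformed reply ends here."""

    def __init__(self, historian, link, tags):
        self.historian, self.link, self.tags = historian, link, list(tags)
        self.rejected = []   # (tag, reason): what did NOT cross the link

    def poll_once(self) -> int:
        sent = 0
        for tag in self.tags:
            try:
                doc = json.loads(self.historian.read(tag))
                ts, val = int(doc["ts"]), float(doc["value"])
                if ts < 0 or not math.isfinite(val) or len(tag) > 32:
                    raise ValueError("out of range")
                frame = RECORD.pack(tag.encode("ascii"), ts, val, QUALITY_GOOD)
            except (KeyError, TypeError, ValueError, struct.error) as exc:
                # json.JSONDecodeError and UnicodeEncodeError are ValueErrors
                self.rejected.append((tag, type(exc).__name__))
                continue
            self.link.send(frame)
            sent += 1
        return sent


class RxAgent:
    """Receives frames, re-validates them and writes to the replica server,
    which is the only thing corporate workstations ever talk to."""

    def __init__(self, link, replica):
        self.link, self.replica = link, replica
        self.dropped = 0

    def drain(self) -> int:
        stored = 0
        while (frame := self.link.receive()) is not None:
            try:
                raw_tag, ts, val, quality = RECORD.unpack(frame)
                tag = raw_tag.rstrip(b"\0").decode("ascii")
                if quality != QUALITY_GOOD or not math.isfinite(val) or not tag:
                    raise ValueError("bad record")
            except (struct.error, ValueError):
                self.dropped += 1
                continue
            self.replica[tag] = (ts, val)
            stored += 1
        return stored


def replicate_demo():
    """Constructed run: two good points, one poisoned reply (a 100 kB string
    where a number belongs) and one reply that is not JSON at all."""
    historian = SourceHistorian({
        "UNIT1.MW": '{"ts": 1700000000, "value": 412.5}',
        "UNIT1.HZ": '{"ts": 1700000000, "value": 60.01}',
        "UNIT1.EVIL": '{"ts": 1700000000, "value": "' + "A" * 100000 + '"}',
        "UNIT1.JUNK": "\x00\xff\xfe not json",
    })
    link, replica = OneWayLink(), {}
    tx = TxAgent(historian, link, ["UNIT1.MW", "UNIT1.HZ", "UNIT1.EVIL", "UNIT1.JUNK"])
    rx = RxAgent(link, replica)
    sent, stored = tx.poll_once(), rx.drain()
    return sent, stored, replica, tx.rejected


if __name__ == "__main__":
    print(replicate_demo())
```

The point to take from the run is the `rejected` list: the two bad replies are recorded on the industrial side for the operator, and the replica on the corporate side only ever contains the two well-formed points. A fuzzing or buffer-overflow payload aimed at a corporate consumer would have to survive being parsed into a 52-byte typed record first, which is what "forward data, not packets" means in practice.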
Attack Modelling
● Quantitative Risk (earthquakes, pandemic) = Likelihood * Cost
● Qualitative Risk (Cyber) = Threat * Vulnerability * Likelihood * Cost
● Qualitative scores mean nothing to senior decision-makers
● Attack modelling – describe attacks, not qualitative risks
● Attack training / expertise is essential to defense
● Design basis threat: what is the simplest attack able to breach our
defences with a high degree of confidence?
No defense is perfect. Attack expertise
is essential to evaluating a defensive
posture
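The deck's argument is that a design basis threat should be stated as a concrete attack rather than a qualitative score, and the three posture slides that follow re-evaluate the same grid of attack outcomes for the current firewall, a next-gen firewall and a Unidirectional Security Gateway. The following is an added example, not the deck's or Waterfall's own model, that puts that evaluation in code: each attack outcome named on the grid is tagged with the channel it needs ("online", "insider" or "physical") and a sophistication rank, and the design basis threat for a posture is the lowest-ranked attack the posture does not stop with confidence. The ranks, the channel assignments and the STOPS table are this example's assumptions; the STOPS table follows the deck's claims (firewalls forward attacks, a unidirectional gateway blocks every inbound online path, no network device stops insiders or physical access).

```python
from dataclasses import dataclass
from typing import Iterable, List, Optional


@dataclass(frozen=True)
class Attack:
    name: str     # attack outcome, as named on the deck's grid
    channel: str  # path the attacker needs: "online", "insider" or "physical"
    rank: int     # 1 = simplest; these ranks are this example's assumption


# Grid cells whose required channel is clear from their name; the ranks are
# illustrative, not the deck's.
ATTACKS = [
    Attack("Autonomous malware", "online", 1),
    Attack("Ransomware", "online", 1),
    Attack("Vandalism – delete files", "online", 2),
    Attack("Remote shutdown", "online", 3),
    Attack("Remote targeted ransomware", "online", 3),
    Attack("Remote misoperation", "online", 4),
    Attack("Sleeper malware", "online", 5),
    Attack("Local misoperation", "insider", 4),
    Attack("Compromised insider", "insider", 6),
    Attack("Physical vandalism", "physical", 5),
]

# Channels each layer stops with high confidence (assumption following the
# deck): firewalls, next-gen included, forward attacks and are credited with
# nothing; a Unidirectional Security Gateway stops every inbound online path.
STOPS = {
    "firewall": frozenset(),
    "next-gen firewall": frozenset(),
    "unidirectional gateway": frozenset({"online"}),
}


def surviving_attacks(posture: Iterable[str], attacks=ATTACKS) -> List[Attack]:
    """Attacks no layer in the posture stops, simplest first."""
    stopped = frozenset().union(*(STOPS[layer] for layer in posture))
    return sorted((a for a in attacks if a.channel not in stopped),
                  key=lambda a: (a.rank, a.name))


def design_basis_threat(posture: Iterable[str], attacks=ATTACKS) -> Optional[Attack]:
    """The simplest attack the posture does not stop with confidence."""
    left = surviving_attacks(posture, attacks)
    return left[0] if left else None


def compare_postures():
    """Mirrors the three posture slides: current, next-gen firewall, gateway.
    Returns {label: (design basis threat name, number of surviving attacks)}."""
    postures = {"current: firewall": ["firewall"],
                "upgrade: next-gen firewall": ["next-gen firewall"],
                "upgrade: unidirectional gateway": ["unidirectional gateway"]}
    return {label: (design_basis_threat(p).name, len(surviving_attacks(p)))
            for label, p in postures.items()}


if __name__ == "__main__":
    for label, (dbt, n) in compare_postures().items():
        print(f"{label:34s} design basis threat: {dbt} ({n} attacks not stopped)")
```

Read against the slides: the next-gen firewall row is identical to the current row, which is the "No Change" slide, while the gateway row moves the design basis threat from the cheapest online attack to an insider or physical one. The table form is what makes the comparison legible to a decision-maker; the value of the model is in how carefully the channel and STOPS assumptions are justified for a real site.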
Current Defensive Posture: Design Basis Threat
[Attack-modelling grid: columns are threat actors – Organized Crime, IT Insider, ICS Insider, Hacktivist, Intelligence Agency, Military; cells are attack outcomes – Disable safeties, Local misoperation, Compromised insider, Remote targeted misoperation, Remote misoperation, Physical vandalism, Autonomous malware, Remote targeted ransomware, Remote shutdown, Drop malware, Erase hard drives, Sleeper malware, Ransomware, Vandalism – delete files, Virus triggers shutdown, Embarrass business. The cell-to-column layout and the marking of which attacks the current posture stops did not survive extraction]
Proposed Upgrade to Next-Gen Firewall – No Change
[The same attack-modelling grid as the previous slide (same threat actors and attack outcomes); per the slide title, a next-gen firewall changes none of it]
Proposed Upgrade to Unidirectional Security Gateway
[The same attack-modelling grid as the previous two slides (same threat actors and attack outcomes), re-evaluated for a Unidirectional Security Gateway; the cell markings did not survive extraction]
Evolving Best Practices – Unidirectional Gateways
● NERC CIP V5 exempts unidirectionally-protected sites from over 30% of requirements
● DHS recommends unidirectional gateways in security assessments (ICS-CERT)
● Unidirectional gateways limit the propagation of malicious code (ISA SP-99-3-3 / IEC 62443-3-3)
● ENISA – unidirectional gateways provide better protection than firewalls
● ANSSI Cybersecurity for ICS – many requirements for hardware-enforced unidirectionality
● NIST – gateways are used in guaranteeing protection of critical systems (NIST 800-82)
Strong Security Is Good Business
● Medium Impact ERC exemptions dramatically reduce CIP V5 costs
● Generating plant segmentation and other uses of Unidirectional Security Gateways and related products dramatically improve security
● Attack modelling makes security benefits of Unidirectional Gateways clear to senior decision-makers
● Net present value modelling makes operating cost of firewalls clear, even excluding CIP program costs
NERC CIP program costs are naturally reduced when strong, unidirectional security is deployed
For articles & whitepapers to dig deeper on these topics: www.waterfall-security.com

HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 

Unidirectional Network Architectures

  • 1. Maximize Security to Minimize Compliance Costs
Michael H Firstenberg, GICSP, GCIH, CISSP
Director of Industrial Security
Waterfall Security Solutions
Proprietary Information -- Copyright © 2015 by Waterfall Security Solutions
  • 2. Firewalls Are Routers With Filters
● 99% of the Internet is hosts, routers and communications links:
● Hosts are sources and destinations of messages
● Routers forward messages through communications links
● Firewalls are routers with filters – the filter looks at each message and decides whether to forward it, or drop it
● No filter is or can ever be perfect
All firewalls forward attacks from external networks to “protected” networks
[Diagram labels: Hosts, Routers]
  • 3. All Firewalls Are Porous
Firewalls have been with us for 30 years now. The good guys and the bad guys both know how to defeat them.
Photo: Red Tiger Security
[Table: attack difficulty (Impossible / Routine / Easy) for each attack type, with one column for UGW (Unidirectional Gateway) and one for Fwall (firewall); the per-cell ratings are not preserved in the text]
1) Phishing / drive-by-download – victim pulls your attack through firewall
2) Social engineering – steal a password / keystroke logger / shoulder surf
3) Compromise domain controller – create ICS host or firewall account
4) Attack exposed servers – SQL injection / DOS / buffer-overflow
5) Attack exposed clients – compromised web svrs / file svrs / buf-overflows
6) Session hijacking – MIM / steal HTTP cookies / command injection
7) Piggy-back on VPN – split tunneling / malware propagation
8) Firewall vulnerabilities – bugs / zero-days / default passwd / design vulns
9) Errors and omissions – bad fwall rules/configs / IT reaches through fwalls
10) Forge an IP address – firewall rules are IP-based
  • 4. Historian Replication With Unidirectional Gateways
[Diagram: Industrial Network (PLCs, RTUs, Historian Server, Waterfall TX agent, Waterfall TX Module) → Unidirectional Historian replication → Corporate Network (Waterfall RX Module, Waterfall RX agent, Replica Server, Workstations)]
● Hardware-enforced unidirectional server replication
● Replica server contains all data and functionality of original
● Corporate workstations communicate only with replica server
● Industrial network and critical assets are physically inaccessible from corporate network & 100% secure from any online attack
  • 5. Historian Replication With Unidirectional Gateways
  • 6. Waterfall’s Family of Unidirectional Products
● Unidirectional Security Gateway – Combination of hardware and software that replicates servers out of a control system only – physically impossible to send anything back into the protected network
● Waterfall FLIP – A reversible Unidirectional Security Gateway. Replicates servers in one direction, or the other, but never both at the same time.
● Inbound/Outbound Gateways – One Unidirectional Security Gateway replicating servers in one direction. A second gateway independently replicates a different set of servers in the other direction.
● Application Data Control – Software add-on providing fine-grain, policy-based inspection and control over industrial data flows, even for encrypted, compressed, proprietary and undocumented industrial protocols.
● Secure Bypass – For emergency access to networks during declared CIP emergencies.
  • 7. Typical Unidirectional Use Cases
● Safety systems – replicate Modbus servers and Syslog & SNMP clients
● Protection systems – replicate DNP3 & event log servers
● IT/OT integration – replicate historian & OPC servers and many others
● Optional: FLIP to replicate security updates back in as well
● Generation dispatch – base load replicates ICCP server out
● Peaking plant independently replicates ICCP server in as well
● Turbine vendor – replicate historian & other servers out to turbine vendor
● Remote Screen View for adjustments
At least one layer of unidirectional products breaks the chain of attack from the Internet through to ICS & protective relays
  • 8. NERC-CIP V5
● CIP V5 encourages the use of Unidirectional Security Gateways
● External Routable Connectivity: The ability to access a BES Cyber System that is accessible from a Cyber Asset that is outside of its associated Electronic Security Perimeter via a bi-directional routable protocol connection.
● 38 of 129 medium-impact requirements apply only if the affected cyber asset has external routable connectivity
“When you are considering security for your control networks, you need to keep in mind innovative security technologies such as unidirectional gateways” – Tim Roxey, NERC CSSO
  • 9. NERC CIP V5 Details

CIP Standard                                 Total         ERC-Exempt Med       ERC-Exempt High
                                             Requirements  Impact Requirements  Impact Requirements
002 BES Cyber System Categorization            7             -                    -
003 Security Management Controls               4             -                    -
004 Personnel and Training                    19            15                    -
005 Electronic Security Perimeters             8             7                    5
006 Physical Security of BES Cyber Systems    14            11                    -
007 Systems Security Management               20             5                    -
008 Incident Reporting & Resp. Planning        9             -                    -
009 Recovery Plans                            10             -                    -
010 Change Mgmt & Vuln Assessments            10             -                    -
011 Information Protection                     4             -                    -
014 Physical Security                         24             -                    -
Totals:                                      129            38                    5

Proposed NERC CIP V6 preserves all of the above, and the new Low Impact External Routable Connectivity (LERC) definition also includes the word “bi-directional”
  • 10. Regional Auditors Weigh In
● Q: Is External Routable Connectivity (ERC) possible through Unidirectional Security Gateways?
● No.
● No, though auditors would typically seek evidence that validates a unidirectional claim.
● A Unidirectional Gateway configured to allow outbound traffic from the ESP but not allow inbound traffic to enter the ESP would effectively eliminate External Routable Connectivity.
● Q: Is Remote Screen View (RSV) Interactive Remote Access (IRC)?
● No.
● [With RSV] … the user-initiated process to push screen snapshots through the ESP is originating from within the ESP. By definition, that does not constitute Interactive Remote Access.
  • 11. CIP V5 Segmentation
“Entities may choose to segment generating units at a 1500 MW generation resource and their associated BES Cyber Systems such that each segmented unit, or group of units, and their associated BES Cyber Systems do not meet the 1500 MW criteria described in CIP‐002‐5.1, Attachment 1, Criterion 2.1. Segmenting generating units and their associated BES Cyber Systems can reduce risks to the reliable operation of the BES.”
● Eliminate / duplicate shared systems, eg: coal feeds, air compressors
● Provide evidence of analysis, that no systems remain able to impact 1500 MW or more within 15 minutes
● Demonstrate access restrictions on network interfaces “(eg: firewall rules)”
But: firewalls provide only minimal protection to segmented networks. How does this reduce risks to reliable operation of the BES?
  • 12. Secure Segmentation
● Take a tiny fraction of segmentation’s CIP compliance cost savings and apply them to securing segmented DCS networks unidirectionally
● Strong security:
● Breaks one large target into many smaller targets
● Each smaller target is safe from simultaneous / coordinated attack from the Internet or corporate network
● Dramatically reduce cost of risks
Unidirectionally protecting segmented units is good business
  • 13. Use Case: Protecting Protection Equipment
● Recloser discipline – need access to protection equipment after faults
● Continuous commands to adjust other components
● FLIP separates control equipment from protection equipment
● Relays are continuously monitored & occasionally updated
● All software can be hacked. Relays are software. Protecting relays is essential to prevent damage to equipment
How many FLIPs are normal, not suspicious?
[Diagram: Relays, RTUs – FLIP – Substation Electronic Security Perimeter – Firewall – WAN – EMS]
  • 14. Use Case: Protecting Entire Substation
● Continuous monitoring of substation via DNP3 / IEC 60870-5-104
● FLIP on demand when commands come through
● FLIP trigger raises alarm if too many FLIPs
● Trigger controller cannot be compromised by network attack
How many FLIPs are normal, not suspicious?
[Diagram: Relays, RTUs – Substation Electronic Security Perimeter – FLIP – WAN – EMS]
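The “too many FLIPs” alarm of slide 14, as an added Python sketch that is not Waterfall’s trigger logic: it parses FLIP trigger events and raises an alarm whenever the number of inbound FLIPs in a trailing window exceeds the site’s baseline. The log line format and the baseline of two inbound FLIPs per ten minutes are constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed FLIP-trigger log (hypothetical format): ISO timestamp, the word
# FLIP, the direction the gateway flipped to, and an optional reason.
FLIP_LOG = """\
2015-06-01T10:00:05 FLIP inbound reason=EMS-command
2015-06-01T10:00:09 FLIP outbound
2015-06-01T10:42:13 FLIP inbound reason=EMS-command
2015-06-01T10:42:17 FLIP outbound
2015-06-01T11:03:01 FLIP inbound reason=EMS-command
2015-06-01T11:03:02 FLIP inbound reason=EMS-command
2015-06-01T11:03:03 FLIP inbound reason=EMS-command
2015-06-01T11:03:04 FLIP inbound reason=EMS-command
2015-06-01T11:03:09 FLIP outbound
"""

def parse_flips(text: str):
    """Return [(timestamp, direction)] for every well-formed FLIP line."""
    events = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[1] != "FLIP":
            continue  # ignore anything that is not a FLIP event
        events.append((datetime.fromisoformat(parts[0]), parts[2]))
    return events

def inbound_bursts(events, window=timedelta(minutes=10), max_inbound=2):
    """Return the timestamps at which the count of inbound FLIPs within the
    trailing window exceeds max_inbound (the site's observed normal rate)."""
    alarms, recent = [], []
    for ts, direction in events:
        if direction != "inbound":
            continue
        recent = [t for t in recent if ts - t <= window] + [ts]
        if len(recent) > max_inbound:
            alarms.append(ts)
    return alarms
```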
  • 15. Use Case: Continuous Adjustment
● Continuous monitoring of substation via DNP3 / IEC 60870-5-104
● Continuous command channel
● Separate channels, not command/response
● Unlike a firewall, does not forward messages; resists fuzzing & buffer-overflow attacks
How many FLIPs are normal, not suspicious?
[Diagram: Relays, RTUs – Substation Electronic Security Perimeter – WAN – EMS]
  • 16. Use Case: In/Out Gateways for Balancing Authority
● BA sends ICCP setpoints to partner utilities every 2 seconds + polls utilities for ICCP data every 2 seconds
● Independent channels – not command/response channels
● Each channel replicates one or more ICCP servers
● Multiply redundant – automatic at site, manual fail-over between sites
● Minimal ICCP reconfiguration needed
  • 17. Inbound + Outbound: Stronger than Firewalls
● Multiple computers/layers of protection must all be compromised, rather than just one layer in the firewall
● TX Agents are clients. They do not forward messages. They ask for data and forward the answers/data
● No protocol-level attacks pass through – no fuzzing/buffer overflows. All communications / TCP / ICCP sessions terminate in agent hosts
● Targeted / persistent attacks are “flying blind” – targeted attack requires insider assistance
Inbound / outbound gateways do not forward packets or filter packets, they forward data
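The TX/RX agent pattern of slides 4 and 17, as an added Python simulation that is not Waterfall’s code: the TX agent polls a constructed historian as a client and pushes typed records over a link object that has no reverse method; the RX agent checks every record against a fixed schema before it touches the replica, drops anything else, and counts sequence gaps because no return path exists for retransmission. Tag names, the JSON record format and all class names are assumptions.

```python
import json
from collections import deque
# Constructed historian tag values on the industrial side (hypothetical tags).
HISTORIAN = {"UNIT1.TURBINE.RPM": 3600.0, "UNIT1.BOILER.PSI": 2415.5,
             "UNIT1.GEN.MW": 512.3}

class OneWayLink:
    # Stands in for the hardware-enforced TX->RX path: TX can only write and
    # RX can only read. There is deliberately no method for RX to send back.
    def __init__(self):
        self._frames = deque()
    def tx_emit(self, frame: bytes) -> None:
        self._frames.append(frame)
    def rx_take(self):
        return self._frames.popleft() if self._frames else None

class TxAgent:
    # A client of the historian: polls tags and forwards the answers as typed
    # records. It never forwards packets received from anyone else.
    def __init__(self, historian: dict, link: OneWayLink):
        self.historian, self.link, self.seq = historian, link, 0
    def poll_and_send(self) -> int:
        for tag, value in self.historian.items():
            self.seq += 1
            rec = {"seq": self.seq, "tag": tag, "value": value}
            self.link.tx_emit(json.dumps(rec).encode())
        return self.seq

class RxAgent:
    # Feeds the replica server. Frames must fit a fixed schema or are dropped;
    # with no return path a lost frame cannot be retransmitted, so sequence
    # gaps are counted for alarming instead.
    SCHEMA = {"seq": int, "tag": str, "value": float}
    def __init__(self, link: OneWayLink, replica: dict):
        self.link, self.replica = link, replica
        self.last_seq, self.dropped, self.gaps = 0, 0, 0
    def drain(self) -> None:
        while (frame := self.link.rx_take()) is not None:
            rec = self._parse(frame)
            if rec is None:
                self.dropped += 1
                continue
            if rec["seq"] != self.last_seq + 1:
                self.gaps += 1
            self.last_seq = rec["seq"]
            self.replica[rec["tag"]] = rec["value"]
    def _parse(self, frame: bytes):
        try:
            rec = json.loads(frame.decode("utf-8"))
        except (UnicodeDecodeError, ValueError):
            return None
        if (not isinstance(rec, dict) or set(rec) != set(self.SCHEMA)
                or any(not isinstance(rec[k], t) for k, t in self.SCHEMA.items())):
            return None
        return rec

def replicate(lose_one_frame: bool = False):
    # One poll cycle; optionally lose a frame in flight, then push one
    # malformed frame (constructed) to show RX drops it instead of forwarding.
    link, replica = OneWayLink(), {}
    tx, rx = TxAgent(HISTORIAN, link), RxAgent(link, replica)
    tx.poll_and_send()
    if lose_one_frame:
        link.rx_take()  # first frame never arrives at RX
    link.tx_emit(b'{"seq": 4, "tag": "UNIT1.GEN.MW", "value": "not-a-number"}')
    rx.drain()
    return replica, rx.dropped, rx.gaps
```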
  • 18. Attack Modelling
● Quantitative Risk (earthquakes, pandemic) = Likelihood * Cost
● Qualitative Risk (Cyber) = Threat * Vulnerability * Likelihood * Cost
● Qualitative scores mean nothing to senior decision-makers
● Attack modelling – describe attacks, not qualitative risks
● Attack training / expertise is essential to defense
● Design basis threat: what is the simplest attack able to breach our defences with a high degree of confidence
No defense is perfect. Attack expertise is essential to evaluating a defensive posture
  • 19. Current Defensive Posture: Design Basis Threat
[Grid of candidate attacks, one column per threat actor; the slide’s graphical markup is not preserved in the text]
Organized Crime | IT Insider | ICS Insider | Hacktivist | Intelligence Agency | Military
Disable safeties | Disable safeties | Local misoperation | Disable safeties | Disable safeties | Compromised insider
Rem targeted misoperation | Remote misoperation | Physical Vandalism | Remote misoperation | Remote misoperation | Autonomous malware
Rem targeted ransomware | Remote shutdown | Drop malware | Erase hard drives | Erase hard drives | Sleeper malware
Ransomware | Vandalism – delete files | Remote misoperation | Remote shutdown | Remote shutdown | Remote misoperation
Virus triggers shutdown | Drop malware | Remote shutdown | Embarrass Business | Sleeper malware | Erase hard drives
  • 20. Proposed Upgrade to Next-Gen Firewall – No Change
[Same attack-per-threat-actor grid as slide 19 (Organized Crime, IT Insider, ICS Insider, Hacktivist, Intelligence Agency, Military); the slide’s graphical markup is not preserved in the text]
  • 21. Proposed Upgrade to Unidirectional Security Gateway
[Same attack-per-threat-actor grid as slide 19 (Organized Crime, IT Insider, ICS Insider, Hacktivist, Intelligence Agency, Military); the slide’s graphical markup is not preserved in the text]
  • 22. Evolving Best Practices – Unidirectional Gateways
● NERC CIP V5 exempts unidirectionally-protected sites from over 30% of requirements
● DHS recommends unidirectional gateways in security assessments (ICS-CERT)
● Unidirectional gateways – limit the propagation of malicious code (ISA SP-99-3-3 / IEC 62443-3-3)
● ENISA – unidirectional gateways provide better protection than firewalls
● ANSSI Cybersecurity for ICS – many requirements for hardware-enforced unidirectionality
● NIST – gateways are used in guaranteeing protection of critical systems (NIST 800-82)
  • 23. Strong Security Is Good Business
● Medium Impact ERC exemptions dramatically reduce CIP V5 costs
● Generating plant segmentation and other uses of Unidirectional Security Gateways and related products dramatically improve security
● Attack modelling makes security benefits of Unidirectional Gateways clear to senior decision-makers
● Net present value modelling makes operating cost of firewalls clear, even excluding CIP program costs
NERC CIP program costs are naturally reduced when strong, unidirectional security is deployed
For articles & whitepapers to dig deeper on these topics: www.waterfall-security.com