verticale

Cyber Security: un approccio evolutivo alla protezione di reti industriali complesse

(in lingua inglese)

- The Security and Information Systems Division
- IT and OT – before / now and forever more
- Why mix of IT/OT will work –Supervast opportunities
- Securing critical infrastructures in the Convergence Era
- The role of Cyber-Physical Systems
- Requirements for coordinating safety and security
- Cyberattacking electrical infrastructure
- Drivers of safety / security
- Benchmark of safety / security standards
- Enabling a secure digital infrastructure

Scarica il PDF Scarica il PDF
Aggiungi ai preferiti Aggiungi ai preferiti


Atti di convegni o presentazioni contenenti case history
mcT Cyber Security novembre 2017 Cyber Security per i sistemi ICS - Industrial Control System

Pubblicato
da Benedetta Rampini
mcT Cyber Security 2017Segui aziendaSegui




Settori: 

Parole chiave: 


Estratto del testo
Milano, 30 novembre 2017 Gli atti dei convegni e pi di 8.000 contenuti su www.verticale.net Cyber Security Alimentare Petrolchimico Petr The future of Industrial Cyber Security

Claudio Iacovelli
Security & Information Systems Division
Sales Technical Support
Milan, Nov 30th, 2017 2 The Security and Information Systems Division Contributing to the security of economic, political and social systems by exploiting synergies between IT/OT, secure communication networks, physical and logical security 3 Important changes are taking place in various sectors
4 2016 Leonardo - Societ per azioni The future Physical and Digital worlds overlapping at an unprecedented rate Biotechnologies, blockchain,
nanotechnologies, robotics, 3d
printing, cyber-physical systems,
massive usage of augmented reality
and artificial intelligence. Societies will be a networked cyber-
physical ecosystem
of services, systems,
people, information Low investments, limited risks, disruptive effects.
Whatever the objective, the cyber option will be
more and more appealing for hostile entities. 5 2016 Leonardo - Societ per azioni IT and OT ' before 6 2016 Leonardo - Societ per azioni IT and OT ' now and forever more 7 2016 Leonardo - Societ per azioni Why mix of IT/OT will work ' Supervast opportunities ' Highly granular
' Real-time analytics and visibility
' Billions of data points to extract value from ' Lower management costs
' Faster response and remediation
' Better workforce management
' Reduced utility operation costs
' Accelerated business performance ' planning, forecasting, optimisation ' Direct access to data for realtime decision making 8 2016 Leonardo - Societ per azioni Securing critical infrastructures in the Convergence Era
Critical infrastructure must be secure
and able to withstand and rapidly
recover from all hazards and risks Cyber attacks have increased in
recent years, and their dangers can
really damage both the automation
systems and the systems for
controlling and monitoring
power
plants and industrial installations Proactive and well coordinated
efforts are necessary to strengthen
and keep secure, functioning, and
resilient critical infrastructure ' including assets, networks, systems
' that are vital to public confidence
and to the success of the national
security program 9 2016 Leonardo - Societ per azioni Resilience: a resource against existential threat Critical infrastructures are a key
target, and in case of a conflict,
opponents and enemies focus on
these systems and systems Due to digitization, automation and
control systems may be damaged
by a failure or computer attack European Commission considers
resilience as a strategic priority,
and promotes new initiatives to
further improve EU cyber resilience
and response, with a focus on
energy and transport sectors 10 2016 Leonardo - Societ per azioni The role of Cyber-Physical Systems
Critical infrastructure systems cannot just be
thrown together without proper and effective
precautions
Like the IT network technology that preceded
it, the control system technology can be
vulnerable to cyber-attacks These networks control heavy machinery and
equipment in the physical world There can be immediate real world
consequences
when critical infrastructure is
taken offline, or its network has been
damaged and control systems are
compromised Cyber-Physical Systems are next generation of engineered systems in which physical systems and cyber systems not only are converged, but also computing, communication, and control technologies are tightly integrated 11 2016 Leonardo - Societ per azioni Requirements for coordinating safety and security
Need for new paradigms for specifying and modeling
cyber physical systems based on system-of-systems
engineering
Need for new approaches in risk assessment and
management of complex systems, in order to
explore many system risk scenarios
Need for new methods for reliability analysis of
cyber physical systems
Need for understanding of ICS security trends
relative to cyber threats, vulnerabilities, attacks and
patterns, agents, risks, and the impacts of all these on
the industrial environment and entities that depend on
it
Need for interpreting and understanding activities on
the control network through continuous monitoring Some safety-critical domains such as civil aviation, automotive, space, energy, automation and industrial control, railway, have particular requirements There are various drivers for integrating security (cyber) and safety systems engineering disciplines Dependability Timeliness Reliability Availability Integrity Maintainability 12 2016 Leonardo - Societ per azioni Cyberattacking electrical infrastructure
Electrical infrastructure and control systems may
be affected by various forms of cyber-attacks,
such as:
' hacking ' malware ' social engineering ' overloading processes ' hardware vulnerabilities ' software weaknesses ' zero-day exploits ' physical attacks ' electromagnetic attacks The number and type of cyber systems and electronics / digital equipment used by the industry is vast, making it difficult to develop metrics that are meaningful to individual entities across the industry The magnitude or number of constantly changing security threats and vulnerabilities is not known with any degree of certainty 13 2016 Leonardo - Societ per azioni New way of thinking security
Electrical infrastructures require a truly
holistic approach, because are relying
on cyber-physical systems, and the
threat assessment must take into
account all components Attacks able to mix the cyber and
physical realms: 1. Physical-cyber attack refers to an
attack originating in the physical
domain with the impact felt in the
cyber domain 2. Cyber-physical attack refers to
the exact opposite; such attacks
involve actions that originate in
cyberspace but impact the physical
characteristics of a system by
impairing the ability of cyber-
physical systems to monitor and
control physical processes 14 2016 Leonardo - Societ per azioni Industry 4.0 Ecosystem
Cyber-Factory Security: - Threat prevention, detection, investigation, response, IP protection Safety: -Availability, reliability, integrity, resilience, recovery Productivity: -Process improvement, flexibility, customization, supply chain Efficiency: -Computing optimization, power efficiency, environmental impact Acceptability: -HMI, change management, occupational risks, drudgery, privacy Adoption: regulation, certification, qualification, responsibility 15 2016 Leonardo - Societ per azioni Safety-Security convergence
Fail-Secure Design of fail-safe & fail-secure functions Joint safety-security response team Joint risk- assessment and threat analysis Development of system self-healing mechanisms 16 Drivers of safety / security Specific industry standards Regulation SIL parameter Focus on hazards analysis and mitigation Focus on the likelihood of component faults under normal operating conditions Primary goal: functional analysis Compliance with regulatory Sectoral guidelines Selection and implementation of security
controls (applying a risk-based approach)
Focus on software and network communications integrity Focus on threat modeling and assessment of component resiliency to network-based attacks and exploitable software / hardware conditions Focused on security levels, zones, conduits Security metrics (maturity model for operational cyber security) Primary goal: reduce the risks in / through cyberspace SAFETY SECURITY 17 Benchmark of safety / security standards ISO/IEC Guide 51 Safety aspects (Hazard analysis) IEC 61508 Functional Safety IEC 61511 Functional Safety IEC 61513 Instrumentation and control for systems important to safety IEC 62061 Safety of machinery / SIL ISO 13849 Performance of safety systems IEC 60601 Protection of medical electrical equipment ISO 26262 Automotive Safety EN 50126/7/8 Protection of machinery control systems DO-254 Airborne safety critical systems (HW/SW) ARP4754 Safety validation ARP4761 Safety assessment ACSEC Information security and data privacy (security aspects) ISO/IEC 27000 (Threat and risk analysis) ISO/IEC 21827 Systems Security Engineering - Capability Maturity Model IEC 62443 Industrial communication networks/systems / SL IEC 62351 Data and communications security IEC 62859 Instrumentation and control systems ISO/IEC 15408 Common Criteria ISO/IEC 18045 IT Security techniques (CC) DO 326A Cybersecurity applied to aircraft safety DO 355 Security verification and validation SAFETY SECURITY 18 Differences of safety Vs security Focusing on Inside Focusing on Physical asset For managing faults and random failure Trusted users Stable risks Correctness Quantitative Metrics EAL / SIL Focusing on Outside Focusing on IT/OT Systems and Data For managing systematic failure via deterministic approach Malicious users Variable dynamic risks Effectiveness Non-quantitative Metrics SL Security Levels SAFETY'S PERSPECTIVE SECURITY'S PERSPECTIVE 19 2016 Leonardo - Societ per azioni 1. Do you have the appropriate policies in place' 2. Is cyber security really a point of concern for your industrial control systems' 3. Is cyber security about ensuring safe, reliable and expected system behavior' 4. Do you know your IT/OT security gaps' 5. How can you be sure of integration of cloud computing and on- premise systems' 6. Can you afford to fall behind' 7. Are your companies prepared to handle a coordinated cyber attack' 8. Are operational systems maintained in a secure state' 9. Have you undertaken a program of assurance able to collect evidence to demonstrate the cybersecurity of your systems' Key questions on cyber security 20 Possible security gaps around the cyber technologies Network visibility Asset management Vulnerability management Incident handling Configuration management of security controls Threat intelligence sharing 21 New tasks and capabilities to be performed Test the communication robustness OT risk management Combine IT and OT security monitoring Integrate and apply OT threat intelligence Test&assess the security of OT / control systems Use data and decision analysis 22 2016 Leonardo - Societ per azioni How to securing complex integrated systems'
Leonardo is committed to designing and creating
autonomous systems for dual markets (civilian
and military), unmanned ground, air and surface
vehicles and different applications for machine
learning, artificial intelligence, integrated cyber
security
Leonardo has developed and deployed a cyber
security model, which includes comprehensive
threat analysis, risk assessment and security
requirement identification
Moreover, its engineering functions have
improved some methodologies for assessing
software vulnerabilities and weaknesses, and
designed a controls automation platform Cyber security is integrated into every aspect of Leonardo product lifecycle 23 An integrated approach to cyber security Optional phases applicable when: ' customer infrastructure is managed by Leonardo ' services are supplied by Leonardo Platform/Process context
Analysis Applicable standard/best
practices, IEC analysis
(safety and security) Perimeter Analysis
definition Cyber Security
requirement definition Threat Modeling & Cyber
Security requirement
integration Cyber Security & Cyber
Resilience design Security Assessment Risk Assessment Secure by Design: Requirement, Design,Implementation,Verification Cyber Security & Cyber Resilience strategy Strategy Cyber Threat Analysis, Secure Design development Design Cyber Security Implementation or remediation Development Industrial SOC
Managed Decision Support
System Intelligence Operation Center Cyber Security Monitoring Operation Cyber Security Quality Management Continual Service Improvement Continuous Risk
Assessment Continuous Vulnerability
Assessment Cyber Security
solution
implementation Leonardo Secure
System
Development Firmware Security SSDLC Secure by Configuration: Installation with minimal attack surface Secure by Operation: Secure Operation and Maintenance 24 Key points Develop and adopt a sustainable innovation strategy and process Plan, implement and verify the emerging-technologies road map Need to verify the quality and actuality of cyber solutions adopted Need to verify the cyber technologies implementation and integration methodologies 25 2016 Leonardo - Societ per azioni 1. Security by design 2. Long-term resistance 3. Labelling 4. Safe/Secure Coherent Architecture 5. Autonomy/AI & Decision Support 6. Infrastructural resilience as a response to existential risk Enabling a secure digital infrastructure 26 2016 Leonardo - Societ per azioni Takeaways The era of a tactical or partial approach
to security has come and gone
Significant technological changes and
interdependencies require the review of
cybersecurity and the alignment between
safety and security
Cyber security can't be periodic, but rather
it needs to be continuous
Cyber security can't be confined to the IT
department
Cyber security can't be achieved just be
being compliant with particular guidelines Cyber security can't be addressed only with technologies Operational/cyber risks need more than the "traditional" risk management approach THANK YOU FOR YOUR ATTENTION claudio.iacovelli@leonardocompany.com


© Eiom - All rights Reserved     P.IVA 00850640186