verticale

Resilienza delle filiere delle infrastrutture critiche: la partnership Ansaldo Energia-Leonardo

(in lingua Inglese)

- AE Business and Digital strategic evolution
1- Smart product and service
2- Lighthouse Plant Scope
3- Service Monitoring & Cyber Security through same secure channel

- Leonardo Cybersecurity & Digital Factory Solutions
1- Details on Cyber Security & Intelligence
2- The role of Leonardo
3- Secure Connected Factor
4- Concept Architecture based on container
5 - Cyber Monitoring

Scarica il PDF Scarica il PDF
Aggiungi ai preferiti Aggiungi ai preferiti


Atti di convegni o presentazioni contenenti case history
mcT Cyber Security novembre 2018 Cyber Security per l'industria nel mondo Cloud e I-IoT

Pubblicato
da Benedetta Rampini
mcT Cyber Security 2018Segui aziendaSegui




Settori: 

Parole chiave: 


Estratto del testo
Milano, 29 novembre 2018 Gli atti dei convegni e più di 10.000 contenuti su www.verticale.net Cyber Security Alimentare Petrolchimico Petr Resilienza delle filiere delle infrastrutture critiche: la partnership Ansaldo Energia-Leonardo Luca MANUELLI - Chief Digital Officer AE Giorgio MOSCA - Director of Security Strategy and Technology LDO Milan 29/11/2018 AGENDA SCENARIO 2 Ansaldo Energia s.p.a. reserves all rights on this document that can not be reproduced in any part without its written consent a. AE Business and Digital strategic evolution b. Leonardo Cybersecurity & Digital Factory Solutions BUSINESS STRATEGIC EVOLUTION ANSALDO ENERGIA ' AEN 4.0 3 Ansaldo Energia s.p.a. reserves all rights on this document that can not be reproduced in any part without its written consent Technology independence Ansaldo Thomassen Ansaldo Energia Switzerland Siemens license Gas Turbines ABB license Steam Turbines & Generators GE license Steam Turbines & Generators 1853 1949 1989 1991 2005 2016 GT26 and GT36 OEM GTs, STs and
Generators Third Party GTs
F Class Third Party GTs
E Class Ansaldo Energia PSM Ansaldo Foundation 2014 Incorporation of Joint Ventures with Shanghai Electric Company 2 PROPRIETARY  TECHNOLOGIES SUPPORTED BY GENOA  MANUFACTURING SITES + MANAGEMENT CAPABILITIES  OF ALL «STATE OF ART»  GT TECHNOLOGIES = 3^ PLAYER IN  POWER GENERATION AEDT ROADMAP - Global R&D 
Network
- Genoa Factories
- Repair Network 
and Service Hubs
ANSALDO ENERGIA Digital Transformation Roadmap ANSALDO ENERGIA DIGITAL TRANSFORMATION SMART   PRODUCT & SERVICE SMART   EPC SMART   FACTORY LIGHTHOUSE   PLANT BYTES 2 ENERGY QUALITY 4.0 CYBER SECURITY SMART ORGANIZATION SMART SAFETY DIGITAL MARKETING   & SALES 4 Ansaldo Energia s.p.a. reserves all rights on this document that can not be reproduced in any part without its written consent SMART PRODUCT & SERVICE ANSALDO ENERGIA DIGITAL TRANSFORMATION SMART   PRODUCT & SERVICE SMART   EPC SMART   FACTORY LIGHTHOUSE   PLANT BYTES 2 ENERGY QUALITY 4.0 CYBER SECURITY SMART ORGANIZATION SMART SAFETY DIGITAL MARKETING   & SALES 5 Ansaldo Energia s.p.a. reserves all rights on this document that can not be reproduced in any part without its written consent Technical Data Management 4 Quality Data
Management and
Additive Manufacturing
5 Cyber
Security
8 Smart
Training
7 Equipment Performance
Management
3 Physical Operations Management 2 Production
Operations
Management 1 Smart
Safety
6 APPLICATION AREAS ANSALDO ENERGIA Lighthouse Plant Scope AEDT- Smart Factory Ansaldo Energia s.p.a. reserves all rights on this document that can not be reproduced in any part without its written consent 6 ANSALDO ENERGIA Lighthouse Plant ANSALDO ENERGIA - Lighthouse Plant Ansaldo Energia s.p.a. reserves all rights on this document that can not be reproduced in any part without its written consent 7 Technical Data Management 4 Quality Data
Management and
Additive Manufacturing
5 Cyber
Security
8 Smart
Training
7 Equipment Performance
Management
3 Physical Operations Management 2 Production
Operations
Management 1 Smart
Safety
6 APPLICATION AREAS PARTNERS Research Center Vendors GOVERNANCE MODEL DEFINITION OF DIGITAL RISKS and the related technological implementation INTEGRATION MODEL FOR NEW TECHNOLOGIES ON INDUSTRIAL NETWORKS RISK MITIGATION FOR VALUE CHAIN OF OUR SUPPLIERS (minimal security baseline for suppliers and secure remote access rules) TECHNOLOGICAL ENFORCEMENT FOR INDUSTRIAL SYSTEMS AND NETWORKS OF FACTORY RI 8.1 CYBER SECURITY ENFORCEMENT SECURITY EVENTS MANAGEMENT data collection from security sensors and from interconnected systems with Factory, data correlation and interpretation MONITORING AND DETECTION OF BEHAVIOURAL IT/OT ANOMALIES e.g. IT: anomalies related to not authorized
connections
e.g. OT: unattended industrial commands sent
from systems not registered in learning phase
of related functions RI 8.2 MONITORING AND REPORTING OF SECURED PRODUCTION LIFECYLE 8. Cyber Security ANSALDO ENERGIA - Lighthouse Plant Development and validation of a Cyber Security model and technological solution to support the risk mitigation related to the Smart Factory digitalization and network interconnection and the resiliency of the Manufacturing Assets Ansaldo Energia s.p.a. reserves all rights on this document that can not be reproduced in any part without its written consent 8 MES/MOM ERP PLM APS IT PLATFORMS ANALYTICS PLATFORM QUALITY ANALYTICS PLATFORM TRACKING PLATFORM 1089643 IOT CLOUD SIMULATION AUGMENTED REALITY ADDITIVE MANUFACTURING VIRTUAL REALITY HORIZONTAL VERTICAL INTEGRATION 4.0 TECHNOLOGIES BIG DATA IT Applicative/Functional Architecture:
- Centralized Platform for data collection, analysis and correlation of
information collected by smart factory devices and equipment enriched
by OSINT Database and Cloud Cyber Security Intelligence Tools Enabling I4.0 Technologies:
- Interconnection with IoT World in order to collect data through network
probes and Cyber Security agents
distributed iti on entire perimeter of
Factory
- Cloud focalized to process and store data
- Big Data to support a continuous service for monitor and management
of detected anomalies 8. Cyber Security CLOUD BIG DATA IOT ANSALDO ENERGIA - Lighthouse Plant ANALYTICS PLATFORM Ansaldo Energia s.p.a. reserves all rights on this document that can not be reproduced in any part without its written consent 9 SMART PRODUCT & SERVICE ANSALDO ENERGIA DIGITAL TRANSFORMATION SMART   PRODUCT & SERVICE SMART   EPC SMART   FACTORY LIGHTHOUSE   PLANT BYTES 2 ENERGY QUALITY 4.0 CYBER SECURITY SMART ORGANIZATION SMART SAFETY DIGITAL MARKETING   & SALES 10 Ansaldo Energia s.p.a. reserves all rights on this document that can not be reproduced in any part without its written consent SMART PRODUCT & SERVICE Apps Roadmap ANSALDO ENERGIA DIGITAL TRANSFORMATION 11 Ansaldo Energia s.p.a. reserves all rights on this document that can not be reproduced in any part without its written consent Preventive  Maintenance [Time based] Customized Maintenance Data Analysis &  Diagnostic Yesterday Today Tomorrow Maintenance Road Map FIXED MAINTENANCE INTERVALS Smart Alerts Remote  Monitoring Flexible & Technology - Value creation - Flexible & Technology - Value creation  Swift & Competitive  - Efficiency - PLM-> Field Service MRO/SBOM As Maintained Predictive  Diagnostic Corrective Maintenance [Troubleshooting] Digital Spare Parts Catalogue Configuration Management SBOM/As Maintained Predictive  Maintenance Condition Based  Maintenance [Adaptive] Improved Maintenance MRO Plus/ Smart  Maintenance SLM Additive  manufacturing Smart Tracking Neural Networks Machine Learning  Internet of Things Cyber security Plant Digital Twin Advanced Sensors 3D Robotics Augmented Reality Smart Safety On site Repair HGP Refurbish. Inspection Fact Finding Maintenance  operations Design &  historical data Service Monitoring & Cyber Security through same secure channel SMART PRODUCT & SERVICE 12 Ansaldo Energia s.p.a. reserves all rights on this document that can not be reproduced in any part without its written consent DMZ AEN Services Monitor IPS/Service DCS Produce Production Environment Operator Systems Cyber Security ' A secure channel will ensure AE Services and Grid Operator channel. ' Cyber Security is provided remotely using the same secure VPN channel opened for RM&D Service services. ' Additional secure remote support ensures management of local systems (e.g probes, systems provided in revamping phase) Simulation Labs SCADA Control CUSTOMER AEN 4.0 DMZ Grid Operator  Channel ANSALDO ENERGIA DIGITAL TRANSFORMATION AE APPROACH FOR CYBER SECURITY ' PARTNERSHIP 13 Ansaldo Energia s.p.a. reserves all rights on this document that can not be reproduced in any part without its written consent Technology Operators Constraints
for Cyber Security Cyber Security Vendors Cyber Security 
Technologies Cyber Security IT/OT Integrator:  Strong competence on Cyber  Security on traditional IT and OT  (Operation Technology)   Power Plant Cybersecurity Solution & Services ' Asset monitoring
' Remote diagnostic
' Predictive maintenance Services
' Digital Field Services Digital Power Plant Solution & Services Power generation  key role CUSTOMERS' DIGITAL  TRANSFORMATION Business partner  on Power generation: Ù Strong competence of energy environment Integrated Digital Secure Plant Solution & Services ENERGY MARKET AGENDA SCENARIO 14 Ansaldo Energia s.p.a. reserves all rights on this document that can not be reproduced in any part without its written consent a. AE Business and Digital strategic evolution b. Leonardo Cybersecurity & Digital Factory Solutions © Leonardo - Società per azioni 15 Company General Use Leonardo in Cyber Security Portfolio, Assets, Competencies and Cyber Community CONSULTANTS SECURITY  GOVERNANCE CSIRT CYBER SECURITY IoC ANALYSTS  THREAT  INTELLIGENCE SCADA PROTECTION  LABORATORY SCADA CYBER  PROTECTION THREAT INTELLIGENCE  NEXT GENERATION  SOC TECHNOLOGIES (HW/SW)  People COMMUNITY Ethical Hackers Web Security Experts Security Specialists Security Consultants Security Architects © Leonardo - Società per azioni 16 Company General Use Capabilities ' 24/7/365 operated and
monitored by our own team ' Service provided to more than
150 countries ' ISO 27001 & ISO 22301
certified ' +5000 customers, +15,000 sec
event per second, +350000
device monitored Specialised Teams ' Highly qualified team of cyber
experts with extensive knowledge
and experience ' 500+ Leonardo cyber
professionals across EMEA
countries ' Aimed at executive and technical
profiles
Experience w/ Complex Scenarios ' Leonardo support hundreds of clients
worldwide with Cyber operational
services with relevant experience on
CNI, Defence & Gov Sectors ' Leonardo is currently the provider in the
Gov't and defense MSS in Italy
' Largest WW contract for NATO
Computer Incident Response
Capabilities
' Ability to support clients to develop new
solutions
' +2,500 penetration test, +1,000 security
risk assessments in over 15 years, +20
severe incident managed per week Details on Cyber Security & Intelligence CYBER SECURITY THREAT  INTELLIGENCE © Leonardo - Società per azioni 17 Company General Use The approach to security and resilience
Design, Build, Manage, Remediate
SDDC is designed to ensure flexibility, scalability and a high level of automation,
also for the security components
. Equipped with innovative technologies which
natively integrate processing, storage, and virtualization and able to deliver IaaS
and PaaS solutions, with a significant reduction in time-to-deploy for new
services
while ensuring the opportunity for customization Software Defined Data Center (SDDC) Security Operation Center (Next Gen SOC), to add and integrate the
usual SOC services
(vulnerabilities assessment, proactive managed
security, incident handling) with next generation cyber intelligence
and AI services
based on real-time analysis of open sources, dark and
deep web in order to anticipate cyber threats' and vulnerabilities'
identification Next Generation Security Operation Center Integrated cutting-edge IT infrastructures to ensure a high level of flexibility and automation reducing time and costs for the
activation of new services and ensuring the security of systems, networks and applications
Computer Security Incident Response Team (CSIRT) Security Operation  Center (SOC) Hybrid Cloud / Software Defined Data Center (SDDC) Network Operation Center (NOC) MANAGE & OPERATE REMEDIATE Strutture  O perative DESIGN ANTICIPATE Intelligence Operation Center (IoC)  IMPLEMENT DESIGN ©  2017 Leonardo MW Ltd ' All rights reserved © Leonardo - Società per azioni 18 Company General Use Secure multi-layered digital resilience for industrial applications Secure Communications OT Sensor Access Control Firewall/IPS/IDS End-to-End Encryption Secure IoT Gateway Connections Risk Assesment Policies and auditing Threat Modeling Secure Coding & Release Update & Patches Vendor Control Artificial Intelligence SOC Activity Monitoring User Awareness Assessment Secure Decommissioning Secure Lifecycle Management (design, configuration, operation) Real Time Monitoring &
Device Mgmt
Cyber Monitoring & Predictive Analitycs Secure Cloud / DC Platform and Application
Integration Verification
Unified Threat Management
Secure Connected Factory Cloud/DC Applications Privacy Data at Rest Mobile Worker OT, IT, IoT Security Monitoring Intelligence Services DSS Industrial SOC & CERT Secure Gateway Phisycal
Security
Data at Rest
Chip Security
Devices User Secure Booting Device Authentication Device Identity Anti Tampering © Leonardo - Società per azioni 19 Company General Use The role of Leonardo Right choice, correct integration 
System Integrator ' quality Ensuring and measuring customer protection
Service provider ' reliability Monitoring new threats and technologies 
Partner ' innovation Resilienza delle filiere delle infrastrutture critiche: la partnership Ansaldo Energia-Leonardo Luca MANUELLI - Chief Digital Officer AE Giorgio MOSCA - Director of Security Strategy and Technology LDO Milan 29/11/2018 Q&A Secure Connected Factory - enabling Digital Resilience Services Real Time Monitoring
& Device Management
Mobile Worker Cyber Monitoring &
Predictive Analytics
Secure IoT Gateway Secure Connected Factory Manufacturing Energy Secure IoT Gateway
Configuration
Naval Radar Aircraft Oil & Gas SECURE CONNECTED FACTORY PLC/SCADA Cloud Connection Management Edge Analytics Secure IoT Gateway PLC/SCADA Cloud Connection Management Edge Analytic Secure IoT Gateway 1 Device Provisioning Rules & Alerts Remote control GEO Dashboard Telemetry Monitoring Real Time Monitoring & Device Management Device Provisioning Rules & Alerts Remote control GEO Dashboard Telemetry Monitorin Real Time Monitoring & Device Management 2 Cyber Detection & Analysis EMODS Predictive Mantenaince Cyber Monitoring & EMODS Cyber Detection & Analysis EMODS Predictive Mantenaince Cyber Monitorin & EMODS 3 Maintenance (AR) Actions Blockchain Certification Mobile Worker Maintenance (AR) Actions Blockchain Certificatio Mobile W 4 © Leonardo - Società per azioni 22 Company General Use Threat Modeling ' Critical Infrastructures: Energy domain Concentratore CR © Leonardo - Società per azioni 23 Company General Use Concept Architecture based on containers Operational model, OS and infrastructure indipendent
Dev Ops to reduce time to market
Secure Platform and Secure Application Life Cycle Benefits © Leonardo - Società per azioni 24 Company General Use Device Management Secure Connected Factory Secure Operation Add, update and remove a device just with few click also by using PKI
for authentication and authorization Digital Twin Create and set custom properties, rules and
commands in order to enable remote control of
plants Advanced type of alerting with push
notification, sms and phone call Collaboration © Leonardo - Società per azioni 25 Company General Use Real Time Monitoring Secure Connected Factory Plant Monitoring Visualize interactive plant map with live
data Dashboard View machine status details and real time
telemetry © Leonardo - Società per azioni 26 Company General Use Cyber Monitoring Secure Connected Factory Network Discovery Discover OT & IT network assets and
communications Cyber Detection Build machine learning based reference
behavior and identify anomalies and incidents Energy Resilience Correlate security incident to energy resilience
performance indicators © Leonardo - Società per azioni 27 Company General Use Predictive Maintenance Secure Connected Factory Rule engines for the generation of alarms and/or actions applied to pre- or post- algorithm calculations. Algorithmic techniques for the determination of anomalies based on historical temporal data Algorithms for data clustering and classification Stream - Rule Engine Anomaly Clustering Modeling Residual Useful Life determination: Algorithms for predictive analysis based on ARIMA, ANN, logistic regression and deep learning. RUL - Forecast


© Eiom - All rights Reserved     P.IVA 00850640186