SCADA Security Challenges and Solutions

SCADA and industrial networks operate as vital supporting infrastructure to critical applications and processes. Their secure, safe, continued availability is not negotiable. This short course identifies challenges and defines solutions, so that the operational integrity of these mission-critical networked services can be confidently assured.

Thus, the objective of this course is to familiarize SCADA personnel with the security issues they need to be aware of and provide detailed knowledge of security threats and recognized solutions. Further, it provides students with the tools to assess and mitigate security vulnerabilities -- and appreciate the ways in which IT-oriented security measures will help, and understand where unique-to-SCADA approaches are necessary.

Who Should Attend
The course is suitable for SCADA professionals (managers, planners, support personnel), instrumentation personnel, IT- professionals and SCADA vendors/designers.

Very little is assumed about existing security knowledge, but delegates should have a working understanding of SCADA and industrial networking technologies. For beginners, we recommend our SCADA and Industrial Networks; Fundamentals, Principles and Emerging Trends course prior to this course.

Features of Presentation
Each delegate receives a permanent, comprehensive workbook that is much more than a set of lecture notes.

These workbook manuals include:

  • A thorough, descriptive text format, designed to be a highly readable, valuable reference on the job.
  • A text-book style Subject Index and a comprehensive Table of Contents, consistent with enabling effective reference access to content details.
  • A thorough, highly readable subject-specific glossary that provides detailed descriptive treatment of key items of terminology.

This course is presented as a workshop program with a series of scada security analysis and design activities. Delegates will have opportunity to develop concepts and interact with others in creating strategies to support and maintain state-of-the-art industrial network security. If the hands-on activity is impractical due to lack of computers, students will be guided through an in-class demonstration of the workshop elements, and be left with software to complete the hands-on part of the course on their own time.

Program Outline: SCADA Security Challenges and Solutions

(i) Introduction
Security Challenges are Universal
Increased Vulnerability Due To Open Systems Trend
Increased Vulnerability From Motivated, Knowledgeable Attackers
Some Documented SCADA Security Failure Incidents

(ii) Open Systems Issues Push The Agenda
Protocols of the Internet Architecture
Ethernet and Other IT-derived Networks
Fieldbus Standards
IEC Standards
Ethernet/IP and CIP
Computer Operating Systems; Windows and Unix/Linux

(iii) Points of Vulnerability
The IT Infrastructure
Leased Infrastructure; Frame Relay and Other Services
The Sensor/Fieldbus Networks
Wireless LAN Systems
Rogue (Undocumented) Dial and Wireless Links
Infected/Compromised Portable Equipment
Network Management Systems

(iv) SCADA Network Protocols
Features Common to Most SCADA Networks
The MODBUS Protocol and Lack of Security
Demonstration: MODBUS Dialog
The DNP3 Protocol and Its Security Limitations
The Near-Universal Trend to Ethernet-Based Networks
Network Management Systems

(v) Encryption
Starting With a Secure Physical Environment
Traditional Purpose of Assuring Privacy is a Minor Issue
Traditional Symmetric Key Cryptography
Public Key Cryptography and RSA
Protecting Field Networks From Intrusion With Encryption

(vi) Firewalls and Perimeter Security
Firewall Design Objectives
Survey of Firewall Types
Network Address Translation
Creating and Populating a SCADA DMZ
Field-Level Firewalls in the SCADA Network

(vii) Access Control and Authorization: Managing Users
Limitations of User ID's and Passwords
Multi-Factor Authentication Methods
Microsoft's Active Directory Services
RADIUS, TACACS and Diameter Authentication Services

(viii) Intrusion Detection and Prevention
NIDS Principles and Features
Deployment Scenarios
Packet Signature and Traffic Pattern Analysis
Strategies For Dealing With The Volumes of Data

(ix) Wireless Security Issues
Wireless Technology Offers Compelling Advantages
Early Misadventures With Wireless Security
TKIP and the WPA/IEEE 802.11i Supplemental Standard
Private Point-to-Point Wireless Services
Cellular/Mobile Data Networks; Benefits and Risks

(x) Creating and Documenting A Security Solution
Essential Elements of a Secure Environment
Promoting User Awareness
Elements of an Effective Security Policy
Defining a Model for Internet Access
10 Essential Steps to Improving SCADA Security

Glossary of Terminology
Suggestions For Further Reading

General Index


