Day 1 Presentation 5-ABB Cyber Security in Mining - FINAL
Day 1 Presentation 5-ABB Cyber Security in Mining - FINAL
Day 1 Presentation 5-ABB Cyber Security in Mining - FINAL
Cyber security roadmap – reaching maturity with ABB Cyber Security Services
Attacks are real and have an actual safety, health, environmental, and financial impact
Attacks are real and have an actual safety, health, environmental, and financial impact
Myth #1 – We are not interesting enough to be a target Myth #2 – Security doesn’t pay off
“Small companies and industries outside of media attention are “Strong security is a waste of time and money”
not a relevant target”
False False
– If it’s worth having, it’s worth stealing – Compromised control systems are NOT reliable and
– Attackers’ business models are often built on economies of trustworthy and can prevent the customer from achieving its
scale mission.
– Critical infrastructure is often a network of smaller entities – Misoperations due to cyber events can become a safety issue.
– Business continuity insurance can become more expensive or
even unavailable.
Myth #3 – We are air-gapped so we’re immune Myth #4 – We’re not on the Internet so we’re immune
“Our system is air-gapped so attackers have no way in” “Our system does not have a direct connection to the Internet so
attackers have no way in”
False False
– Staff needs to get data into and out of the system – Majority of incidents are staged attacks
• Production schedules, engineering updates, … • (Spear)phishing to compromise legitimate user accounts
• Production reports, emission reports, … • Compromise of perimeter networks first, e.g. DMZ,
– Entirely isolated systems are extremely cumbersome and enterprise network
expensive to operate • Lateral movement to reach more interesting targets
• If no communication is built-in, convenient workarounds are
improvised, e.g. unapproved networks, temporary
connections, portable media
Risk impact Information disclosure, financial loss Safety, health, environmental, financial
Cyber security roadmap – reaching maturity with ABB Cyber Security Services
Process Cyber security is not destination but an evolving target – it is not a product but a process
Balance Cyber security is about finding the right balance – it impacts usability and increases cost
Project
Design
Product Engineering
FAT
Design
Commissioning
Implementation
SAT
Verification
Release
Support
Plant
Operation
Maintenance
Review
Upgrade
ABB addresses cyber security throughout the entire lifecycle and expects the same from our suppliers
Cyber security roadmap – reaching maturity with ABB Cyber Security Services
Note:
IEC 62443-2-1 Ed 2.0 is
still a work in progress
and only available as draft
from ISA here
First step: Determine risk and define target maturity level for each domain
2 2
11 6
9 6
6 12
4 3
Overview
Provides a comprehensive view of your site’s cyber security
status
Identifies strengths and weaknesses for defending against an
attack within your plant’s control systems
Reduces potential for system and plant disruptions
Increases plant and community protection
Supplies a solid foundation from which to build a sustainable
cyber security strategy
Overview
Cyber security awareness training
– Raise awareness for cyber security threats and risks
– For various audiences (technical as well as management)
Overview
Modern operating systems and embedded software often need
to be patched to defend against emerging threats.
Overview
A common threat to control systems is the infection with
malware, often generic malware circulating on the Internet but
also target malware for control systems. Common anti-virus
solutions are a part of the security architecture recommended by
ABB.
Overview
1) Patch Tuesday
The Security Patch Disc Service provides an
efficient way for customers with no remote 2) ABB Updates Status Document
- Microsoft Releases
connectivity with the need to deploy security monthly patches
3) Security Patch Testing Executed
patches and antivirus data files - 2nd Tuesday of the - ABB identifies the
month patches as tested
and marks them as 4) ABB Updates Status Document
- ABB teams install
"T" in the Security and test the various 5) Security Patch
Benefits: Updates Validation ABB products for Patches then go Disc Production
Status product compatibility issues from "Testing" to
The resulting media removes the need for bulletin's with security "Qualified". Security Patch Disc
customers to locate the ABB documentation, - Product bulletins patches released
master is produced,
released to ABB Patches may remain
find the appropriate patches, download them Library, MCS, in the testing state manufactured, and
from the Internet, and transfer them via SolutionsBank if further work is shipped.
needed.
mobile media to the control system
Significantly reduced effort, but also reduced
risk of transferring a virus or malware using
mobile media (e.g. USB drive)
Overview
An important challenge in any cyber security management system
is to maintain a system configuration that is as secure as
possible – a task commonly referred to as system hardening.
This service lets you benefit from the in-depth expertise of ABB
and the hardening policies that have been vetted rigorously by
ABB’s product and service teams.
Overview
If the worst does happen, and cyber-attack or natural disaster
strikes, then ABB’s backup and emergency response services
enable a rapid recovery to normal operations.
Overview
Firewalls protect the perimeter of a network against outsider
intrusion.
Overview
In-depth survey to obtain detailed information about
– the system infrastructure
– the effectiveness and status of existing cyber security measures.
Pinpoints areas that require action to help protect your system by ensuring
it has multiple layers of security.
Proposes a solution that will maintain the system's cyber security at best-
practice levels
Overview
This service contains an IEC 62443 based process for performing
a cyber security risk assessments. The assessment shall improve
the security of the products and systems, perform a threats /
risks based security status evaluation and a plan for prioritizing
the threats / risks for the control system.
Overview
Cyber Security will always be a challenge on a global scale; no
single solution can keep increasingly interconnected systems
secure
Multiple security layers detect and deter threats – if, where and
when they may arise.
Overview
Implementing user accounts and access rights is the
recommended mechanism to enforce the principle of least
privilege on the user level. Defining user access rights and user
policies, are all important measures.
This service gives the customer peace of mind that users of the
system always have the approved and relevant access rights.
Overview
Identifies, classifies and helps prioritize opportunities to improve
the security of your control system by comparing data collected
against industry best practices and standards to detect security
vulnerabilities.
Features:
– Automatic, non-invasive data gathering
– Proactive analysis of KPIs to detect possible security
weaknesses
– On-demand analysis
– On-site or remote access for site personnel and ABB experts
– Configurable alerts (locally and e-mail)