Sergey Gordeyhcik-Industrial CyberSecurity Mission Centric Approach-工業(yè)互聯(lián)網(wǎng)安全論壇_第1頁
Sergey Gordeyhcik-Industrial CyberSecurity Mission Centric Approach-工業(yè)互聯(lián)網(wǎng)安全論壇_第2頁
Sergey Gordeyhcik-Industrial CyberSecurity Mission Centric Approach-工業(yè)互聯(lián)網(wǎng)安全論壇_第3頁
Sergey Gordeyhcik-Industrial CyberSecurity Mission Centric Approach-工業(yè)互聯(lián)網(wǎng)安全論壇_第4頁
Sergey Gordeyhcik-Industrial CyberSecurity Mission Centric Approach-工業(yè)互聯(lián)網(wǎng)安全論壇_第5頁
已閱讀5頁,還剩55頁未讀 繼續(xù)免費閱讀

下載本文檔

版權(quán)說明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請進行舉報或認領(lǐng)

文檔簡介

employee

IndustrialCyberSecurity

MissionCentricApproach

SergeyGordeyhcik

SCADAStrangeLove

ResearchTeam

WWW.SCADA.SL

GroupofsecurityresearchersfocusedonICS/SCADA

AlexanderTimorin

DmitrySerebryannikov

SergeyDrozdov

AlexanderTlyapov

DmitrySklyarov

SergeyGordeychik

AlexanderZaitsev

EvgenyErmakov

SergeySidorov

AlexeyOsipov

GlebGritsai

SergeyScherbel

AndreyMedov

IlyaKarpov

TimurYunusov

ArtemChaykin

IvanPoliyanchuk

ValentinShilnenkov

DenisBaranov

KirillNesterov

VladimirKochetkov

DmitryEfanov

RomanIlin

VyacheslavEgoshin

DmitryNagibin

RomanPolushin

SergeyBobrov

YuriGoltsevYuriyDyachenko

tosaveHumanityfromindustrialdisasterandtokeepPurityOfEssence

CYBERSECURITY?

INDUSTRIALCYBERSECURITY

Functional

Safetyand

Reliability

Industrial

Safety

Information

Security

Thesecretsofcybersecurity,ValentinGpanovich,EfimRozenberg,SergeyGordeychik.RailwayStrategies,Issue130

/schofieldpublishingltd/docs/railway_strategies_issue_130_june_2

THREATS?

THREATS?

/story/four-cyber-attacks-on-uk-railways-in-a-year-10498558

/technology/2016/jan/07/ukrainian-blackout-hackers-attacked-media-company

INTERCONNECTEDWORLD

32C3,Hamburg,TheGreatTrainCyberRobbery

220,558ONLINE,17,042INENTERPRISES

/analysis/publications/75343/industrial-cybersecurity-threat-landscape/

ICSONLINE:CHINA

ICSONLINE:CHINA

/blog/2016/03/census-scanning-from-siemens-s7-plc-cpustatus/

GREATERCHINA

~10,000OF“SMART”POWERGRIDOBJECTS

?GREENENERGY

?SMARTGRID

?DIGITALSUBSTATIONS121,000KMOFRAILWAYS

?19,000KMOFHIGH-SPEEDLINES

?HIGHLYAUTOMATED

?NATIONALHIGH-SPEEDRAILGRID(4+4)

DIGITALSUBSTATIONTAKEOVER

CTF-STYLEWHITEHATINDUSTRIALCHALLENGE

/press/news/41213/

DIGITALSUBSTATIONTAKEOVER:GOALS

?FINDVULNERABILITIESINIEC-61850SUBSTATIONS

?CREATEEXPLOIT

?TRIGGERCYBER-PHISICALATTACK

RelayProtection

/press/news/41213/

VULNERABILITIESINRELAYPROTECTION

REMOTECODEEXECUTION?

?togetfirmware?

?togetdebugsymbols?

?todebug?

?..PowerPC

?no“operationsystem”

CONFIRMATIONCODE“311299”

Toaccessthisinformation,theconfirmationcode“311299”needstobeprovidedwhenprompted."

...Siemensdoesnotpublishofficialdocumentationonthesestatistics.ItisstronglyrecommendedtoworktogetherwithSiemensSIPROTECcustomercareorcommissioningexpertstoretrieveandinterpretthestatisticsandtestinformation..."

DEVICEMEMORY

/2015/12/now-declared-capabilities.html

CODEREUSE

Linux

VxWorks6.x

61850Stack

MisfortuneCookie

SSHserver

Kudos@repdet@k_v_Nesterov@samincube

RAILWAYCOMPUTERBASEDINTERLOCKING

RAILWAYGSM-RISSUES

VULNERABILITIESOF(U)SIM

?Remotedatarecovery(Kc,TIMSI)

–Chaneldecryption(includingA5/3)

–?Clone?theSIMandmobilestation

?SIM“malware”

?BlockSIMviaPIN/PUKbrute

?ExtendedOTAfeatures(FOTA)

KarstenNohl,https://srlabs.de/rooting-sim-cards/

AlexanderZaitsev,SergeyGordeychik,AlexeyOsipov,PacSec,Tokyo,Japan,2014

LOCALVENDORS

INDUSTRIALCYBERSECURITY

Functional

Safetyand

Reliability

Industrial

Safety

Information

Security

Thesecretsofcybersecurity,ValentinGpanovich,EfimRozenberg,SergeyGordeychik.RailwayStrategies,Issue130

/schofieldpublishingltd/docs/railway_strategies_issue_130_june_2

MISSIONCENTRICAPPROACH

Industrialsafety:directlyaffectphysicalsafety.

Economical:decreaserailroadtrafficcapacityorotherquantitativeeconomicalcharacteristics(traindelays,localpoweroutage)

Reliabilityandfunctionalsafetyimpact:ICScrashes,outofservice,etc.

COMPUTERBASEDINTERLOCKING

1

2

FORMALREQUIREMENTS

CBI:THREATMODEL

1.Safety(CyberPhysicalThreats)

?setalessrestrictivesignallight

?operateaswitchwithatrainpassingoverit

?setconflictingroutes…

2.Economics(freightefficiency)

?CBICPUcrash

?Blockingofcontrol

?Falseindication…

3.Reliabilityandfunctionalsafety

?CBICPUreboot

?Networkcrash…

Signallingcybersecurity:theneedforamission-centricapproach

ValentinGapanovich,EfimRozenbergandSergeyGordeychik

/index.php/signalling/signalling-cyber-security-the-need-for-a-mission-centric-approach.html

FULLPICTURE

LETDOITTOGETHER!

?GOVERNMENT

REGULATORYAUTHORITIES

LAWENFORCEMENTS

CERTS

?RESEARCHERS

?ICSVENDORS

?SECURITYVENDORS

?OPERATORSOFCRITICALINFRASTRUCTURE

#SCADASOS

Q:WTFSACADSOS?

A:SCADASOS-(un)Secure

OpenSmartGridsisopen

initiativetoriseawarenesson

insecuritiesofSmartGrid,

PhotovoltaicPowerStations

andWindFarms.

Q:Howtoparticipate

A:FindInternet-connectedPV

溫馨提示

  • 1. 本站所有資源如無特殊說明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁內(nèi)容里面會有圖紙預(yù)覽,若沒有圖紙預(yù)覽就沒有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 人人文庫網(wǎng)僅提供信息存儲空間,僅對用戶上傳內(nèi)容的表現(xiàn)方式做保護處理,對用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對任何下載內(nèi)容負責。
  • 6. 下載文件中如有侵權(quán)或不適當內(nèi)容,請與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準確性、安全性和完整性, 同時也不承擔用戶因使用這些下載資源對自己和他人造成任何形式的傷害或損失。

最新文檔

評論

0/150

提交評論