1 / 22

Joint Program Office for Special Technology Countermeasures

Joint Program Office for Special Technology Countermeasures. J P O S T C. Control Systems Vulnerabilities. Tri-Service Power Expo 2003 National Defense Industrial Association 15-17 July 2003 Norfolk, Virginia. Briefing Classification:. UNCLASSIFIED. Contact Information.

bestd
Download Presentation

Joint Program Office for Special Technology Countermeasures

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Joint Program Office for Special Technology Countermeasures J P O S T C Control Systems Vulnerabilities Tri-Service Power Expo 2003 National Defense Industrial Association 15-17 July 2003 Norfolk, Virginia Briefing Classification: UNCLASSIFIED

  2. Contact Information Joint Program Office for Special Technology Countermeasures Naval Surface Warfare Center, Dahlgren Division Dahlgren, VA 22448-5100 Mike Burks (540) 653-4973 burksmw@nswc.navy.mil

  3. UNCLASSIFIED

  4. Agenda • Types of Control Systems • Architecture • Impact of Disruption • Reducing Vulnerabilities

  5. Supervisory Control and Data Acquisition SCADA • Used in Electric Power, NG, POL, Water, Waste Water • Older Systems - Primary Conduits of Raw Data In and Commands Out • Newer Systems - Process and Store Significant Amount of Data Internally • Local Control Augmented by Centralized Control Using SCADA

  6. Distributed Control Systems DCS • Control Large Manufacturing and Production Facilities • Process and Store Significant Amount of Data • Chemical Plant Processes Monitoring • Power Plant DCS Linked to Energy Management Center • Power Plant DCS Vulnerabilities Can Extent to Control Center

  7. Programmable Logic Controllers PLC • Used in Manufacturing Facilities, Industrial Facilities, Power Plants,Substations, Water Facilities, US NAVY Warships • May Be used as a Remote Terminal Unit (RTU) for SCADA • Older Systems - PLC Impact Localized • Newer Systems - PLC Impact Widespread • Networking PLC will Increase Vulnerabilities

  8. Control System Architecture Communications Network Sensor Remote Terminal Unit 1 Fiber, Radio, Modem, Microwave, Telephone, Wireless, Powerline Carrier Sensor Remote Terminal Unit 2 Central Monitoring Unit Sensor Programmable Logic Controller

  9. Requirements • Highly Reliable • Make Automated Changes to Processes • Use Real Time Operating System • High Performance • High Functionality

  10. Polled Communications System Polled System • Master Polls Slaves in Sequence • Slave Responds Only If Requested (Half-Duplex) • No Digital Collisions on Network • Slave To Master To Slave Communications

  11. Interrupt Communications Systems Interrupt System (Report By Exception) • Slave Monitors Inputs and Initiates Report Based On Change • Erratic System Operation Caused by Digital Collisions on Network • Master Polls After Slave Fails to Transmit • Slave To Slave Communication

  12. Software Vulnerabilities • Use Insecure Industry-Wide Protocols (DNP3.0, Modbus, Profibus, etc.) • Relying On Obscurity for Security • Heavy Use of Clear Text or ASCII • Protocol Analyzers Available to Decode Structures • Architectures Common Across All Industries • Operating Systems DOS, VMS, UNIX, NT, LINUX, SOLARIS • Proprietary Software Discussed at Conferences and Periodicals • Security Patches Impact Functionality and Performance

  13. Representative RF Threats Surplus Military RF Devices Man Portable RF Devices

  14. Communication Network Instrumentation Central Monitoring Station Remote Station Communication Network Instrumentation Central Monitoring Station Remote Station Communication Network Instrumentation Central Monitoring Station Remote Station Corporate Architecture LAN, WAN, INTERNET

  15. Corporate Network • Highly Networked System • Easy Access to Control Systems From Corporate Intranet • Few Firewalls and Intrusion Detection at Operational Facilities • (Power Plants & Substations) • Remote Maintenance Performed by Vendors • Direct Remote Access Not Protected by Corporate Security

  16. Impacts of Disruptions Depends on Level of Sophistication of Intrusion Electric Power • Outages (Hours to Days) and Equipment Damage • Revert to Manual Operation of System • Monetary Chemical/LNG • Safety Related Safeguards Interrupted • Potentially Catastrophic • Monetary

  17. Impacts of Disruptions Depends on Level of Sophistication of Intrusion Telecommunications • Loss of Service (Hours) and Equipment Damage • Monetary Water and Wastewater • Contamination • Public Confidence • Monetary Manufacturing • Equipment Damage • Monetary

  18. Example of Impact Bellingham, Washington June 1999 • Pressure surge occurred during SCADA slowdown • Control Room Operator Unable to Relieve Pressure • 237,000 gallons of gasoline released from ruptured 16 “ gasoline pipeline • SCADA data base modifications made before event • System Administrator saw errors 18 minutes before rupture • System Administrator did not notify operators • Remote dialup access to SCADA for account holders • Findings by National Transportation Safety Board faulted database modification

  19. Reducing Vulnerabilities (Short Term) • Assume All Control Systems are Vulnerable to Attack • Eliminate Back Doors Used For Maintenance • Implement a Business to Control System Security Policy • Limit Access to Control Systems • Install Security Patches and Insist Vendors Do the Same • Install Firewalls and Intrusion Detection

  20. Reducing Vulnerabilities (Long Term) Information Sharing Between Industries, (ISACs), and Government Support Development of Control System Security Technology • Specifying Security Technology in New Purchases • Firewalls • Intrusion Detection • Encryption • Secure Real Time Operating Systems Join Technical Organizations and Consortiums to Influence Industry • Consortium for Electric Infrastructure to Support a Digital Society (CEIDS) • IEEE-Instrument, Systems and Automation Society (IAS) • International Electrotechnical Commission (IEC)

  21. Dahlgren Test Bed Shielded Diagnostic Vans Citadelle Bastille

  22. Questions ?

More Related