ISA S99 – WG4 IEC 62443
Markus Brändle CHCRC.C5
PAS: Scope 1/2
This PAS provides guidance on security objectives to:
• automation system designers
• manufacturers (vendors) of devices, subsystems, and systems
• integrators of subsystems and systems
• automation system owners/operators (responsible for PCS operation)
The PAS considers the following concerns:
• graceful migration/evolution for existing systems
• meeting security objectives with COTS technologies and products
• reliability/availability of the secured communications service
• scalability (especially down to small, low cost, low risk systems)
• separation of security, safety and automation functionality requirements where appropriate
PAS: Scope 2/2
Operational policies … specify how the provisions of corporate security policy are implemented in respective organizational areas. They define what a specific organizational area will do to achieve the objectives of corporate policy.
Operational procedures define how to perform operational policy. They define activities and may refer to relevant methods and references, i.e. standards.
Operational practice should contain specific measurable requirements and detail the procedures by providing specific practices of the owner/operator. As these are even more specific to the organization and organizational area, only examples may be provided by this PAS.
The measures provided by this PAS are process based and general in nature rather than technically specific or prescriptive in terms of countermeasures and configurations.
PAS: Generic reference configuration
• Good insight into the recommendations for concrete solutions.
• Language of these contributions must be changed to a more normative specification with options
• Must be adapted to match S99 zones and conduits
PAS: Security Policy - Measures
8.1 Availability management
8.2 Integrity management
8.3 Logical access management
8.4 Physical access management
8.5 Partition management
8.6 External access management
• Mostly process requirements 99.03
• Some technical requirements 99.04
PAS: Conclusions
• PAS written as policy statements with few concrete requirements
  “This PAS will provide countermeasures as processes, and this in form of a proposed policy”
  more applicable to 99.03
• Compliance testing for products?
• Document does not seem to address some of the unique issues of IACS explicitly, e.g. patch management or importance of availability
• Good starting point on the areas/issues to be covered
65/360/NP: Informative material
• Summary of threat actions & consequences
• Typical attack vectors
65/360/NP: Elements
• Structure
  • Elements for securing external network communications paths into industrial automation and process control networks, e.g.
    • Interactive remote access to a control network (IRA)
    • Portable engineering computer (PEC)
  • Elements for securing internal communications paths within an industrial automation or process control network
  • Elements for devices of an industrial automation or process control network
• Rationale given for each requirement
• Responsibilities assigned
65/360/NP: Security Levels
• Security levels
  • NONE
  • LOW
  • REDUCED
  • FULL
  • ISOLATED
• Requirements given with respect to security level
  The remote client [SRL:{ LOW}: should, SRL:{ REDUCED ,FULL}: shall] run a file system integrity checker. The file system integrity ….
• Appendix contains evaluation of security levels
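The level-tagged requirement notation quoted on this slide can be resolved mechanically for one target security level, which is what makes compliance testing against such a document practical. The Python below is an added example, not part of the original slides or of 65/360/NP; the clause grammar is inferred from the single requirement quoted above, and treating a level the annotation does not name as "no requirement" is an assumption.

```python
import re

# Security levels as listed on the slide, in the slide's order.
LEVELS = ("NONE", "LOW", "REDUCED", "FULL", "ISOLATED")

# One "[ ... ]" annotation; inside it, clauses of the form "SRL:{A,B}: modal".
ANNOTATION = re.compile(r"\[([^\]]*)\]")
CLAUSE = re.compile(r"SRL\s*:\s*\{([^}]*)\}\s*:\s*(\w+)")


def parse_annotation(body):
    """Map each named security level to its modal verb ('should'/'shall')."""
    modal_for = {}
    for names, modal in CLAUSE.findall(body):
        for name in names.split(","):
            level = name.strip().upper()
            if level not in LEVELS:
                raise ValueError(f"unknown security level: {level!r}")
            if level in modal_for:
                raise ValueError(f"level {level} assigned twice")
            modal_for[level] = modal.lower()
    if not modal_for:
        raise ValueError("annotation contains no SRL clause")
    return modal_for


def resolve(requirement, level):
    """Return the requirement as it reads at `level`, or None when the
    annotation does not name that level (assumed: no requirement applies)."""
    if level not in LEVELS:
        raise ValueError(f"unknown security level: {level!r}")
    match = ANNOTATION.search(requirement)
    if match is None:
        return requirement  # unannotated text applies unchanged at every level
    modal = parse_annotation(match.group(1)).get(level)
    if modal is None:
        return None
    text = requirement[:match.start()] + modal + requirement[match.end():]
    return re.sub(r"\s+", " ", text).strip()


# Requirement text as quoted on the slide (irregular spacing kept as it appears).
SAMPLE = ("The remote client [SRL:{ LOW}: should, SRL:{ REDUCED ,FULL}: shall] "
          "run a file system integrity checker.")

if __name__ == "__main__":
    for lvl in LEVELS:
        print(f"{lvl:9}", resolve(SAMPLE, lvl))
```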
65/360/NP: Conclusions
• Very detailed & extensive document
• Compliance testing possible
• Requirements better suited for 99.04 than PAS
• Style of requirement definition useful for 99.04 (rationale & security levels)
• Work needed to filter, restructure and adapt requirements
• Unfinished document