Suche senden
Hochladen
Scada assessment case study
âą
3 gefÀllt mir
âą
1,248 views
Network Intelligence India
Folgen
Technologie
Melden
Teilen
Melden
Teilen
1 von 7
Empfohlen
Callpaper concept: An overview
Callpaper concept: An overview
Pankaj Kumar
Â
Introduction to HMI (Human Machine Interface) | Just Engineering
Introduction to HMI (Human Machine Interface) | Just Engineering
Justengg1
Â
Virtual instrumentation
Virtual instrumentation
Abhijeet Agarwal
Â
Seminar report skinput techonology
Seminar report skinput techonology
Golam Murshid
Â
Internet of things (io t)
Internet of things (io t)
Biniam Behailu
Â
Biometric Voting System
Biometric Voting System
VisualBee.com
Â
Wearables & Smart Homes
Wearables & Smart Homes
Duncan Purves
Â
Pace IT - Basic Client-Side Virtualization
Pace IT - Basic Client-Side Virtualization
Pace IT at Edmonds Community College
Â
Empfohlen
Callpaper concept: An overview
Callpaper concept: An overview
Pankaj Kumar
Â
Introduction to HMI (Human Machine Interface) | Just Engineering
Introduction to HMI (Human Machine Interface) | Just Engineering
Justengg1
Â
Virtual instrumentation
Virtual instrumentation
Abhijeet Agarwal
Â
Seminar report skinput techonology
Seminar report skinput techonology
Golam Murshid
Â
Internet of things (io t)
Internet of things (io t)
Biniam Behailu
Â
Biometric Voting System
Biometric Voting System
VisualBee.com
Â
Wearables & Smart Homes
Wearables & Smart Homes
Duncan Purves
Â
Pace IT - Basic Client-Side Virtualization
Pace IT - Basic Client-Side Virtualization
Pace IT at Edmonds Community College
Â
Seminar report Of Touchless Touchscreen
Seminar report Of Touchless Touchscreen
Lovely Professional University
Â
Scada Industrial Control Systems Penetration Testing
Scada Industrial Control Systems Penetration Testing
Yehia Mamdouh
Â
Skinput technology
Skinput technology
Nandini Nagaraj
Â
Human machine interface
Human machine interface
R A Akerkar
Â
InTouch HMI SCADA
InTouch HMI SCADA
Wonderware United Kingdom
Â
Rain technology ppt
Rain technology ppt
DC Graphics
Â
DakNet PPT
DakNet PPT
Seminar Links
Â
SMART DUST
SMART DUST
Khyravdhy Tannaya
Â
SCADA Introduction
SCADA Introduction
PranavAutomation
Â
Sniffer for Detecting Lost Mobile
Sniffer for Detecting Lost Mobile
Seminar Links
Â
IOT and Characteristics of IOT
IOT and Characteristics of IOT
AmberSinghal1
Â
Future of Wireless Technology
Future of Wireless Technology
Nisha Menon K
Â
Components of IOT Implementation
Components of IOT Implementation
Aashiq Ahamed N
Â
PID Controllers
PID Controllers
Hussain K
Â
Seminar report of digital twin
Seminar report of digital twin
faheem m m
Â
IOT Networks
IOT Networks
Marc Nader
Â
Voice morphing
Voice morphing
sukhbeer2314
Â
Hyper transport technology
Hyper transport technology
Akhil Kumar
Â
Voicemorphing
Voicemorphing
Vibhu Mishra
Â
Project report on mesh hybrid topology network vision
Project report on mesh hybrid topology network vision
Jignesh Ameta
Â
Invensys upstream scada technology awareness
Invensys upstream scada technology awareness
chrisjsmith
Â
[White paper] detecting problems in industrial networks though continuous mon...
[White paper] detecting problems in industrial networks though continuous mon...
TI Safe
Â
Weitere Àhnliche Inhalte
Was ist angesagt?
Seminar report Of Touchless Touchscreen
Seminar report Of Touchless Touchscreen
Lovely Professional University
Â
Scada Industrial Control Systems Penetration Testing
Scada Industrial Control Systems Penetration Testing
Yehia Mamdouh
Â
Skinput technology
Skinput technology
Nandini Nagaraj
Â
Human machine interface
Human machine interface
R A Akerkar
Â
InTouch HMI SCADA
InTouch HMI SCADA
Wonderware United Kingdom
Â
Rain technology ppt
Rain technology ppt
DC Graphics
Â
DakNet PPT
DakNet PPT
Seminar Links
Â
SMART DUST
SMART DUST
Khyravdhy Tannaya
Â
SCADA Introduction
SCADA Introduction
PranavAutomation
Â
Sniffer for Detecting Lost Mobile
Sniffer for Detecting Lost Mobile
Seminar Links
Â
IOT and Characteristics of IOT
IOT and Characteristics of IOT
AmberSinghal1
Â
Future of Wireless Technology
Future of Wireless Technology
Nisha Menon K
Â
Components of IOT Implementation
Components of IOT Implementation
Aashiq Ahamed N
Â
PID Controllers
PID Controllers
Hussain K
Â
Seminar report of digital twin
Seminar report of digital twin
faheem m m
Â
IOT Networks
IOT Networks
Marc Nader
Â
Voice morphing
Voice morphing
sukhbeer2314
Â
Hyper transport technology
Hyper transport technology
Akhil Kumar
Â
Voicemorphing
Voicemorphing
Vibhu Mishra
Â
Project report on mesh hybrid topology network vision
Project report on mesh hybrid topology network vision
Jignesh Ameta
Â
Was ist angesagt?
(20)
Seminar report Of Touchless Touchscreen
Seminar report Of Touchless Touchscreen
Â
Scada Industrial Control Systems Penetration Testing
Scada Industrial Control Systems Penetration Testing
Â
Skinput technology
Skinput technology
Â
Human machine interface
Human machine interface
Â
InTouch HMI SCADA
InTouch HMI SCADA
Â
Rain technology ppt
Rain technology ppt
Â
DakNet PPT
DakNet PPT
Â
SMART DUST
SMART DUST
Â
SCADA Introduction
SCADA Introduction
Â
Sniffer for Detecting Lost Mobile
Sniffer for Detecting Lost Mobile
Â
IOT and Characteristics of IOT
IOT and Characteristics of IOT
Â
Future of Wireless Technology
Future of Wireless Technology
Â
Components of IOT Implementation
Components of IOT Implementation
Â
PID Controllers
PID Controllers
Â
Seminar report of digital twin
Seminar report of digital twin
Â
IOT Networks
IOT Networks
Â
Voice morphing
Voice morphing
Â
Hyper transport technology
Hyper transport technology
Â
Voicemorphing
Voicemorphing
Â
Project report on mesh hybrid topology network vision
Project report on mesh hybrid topology network vision
Â
Ăhnlich wie Scada assessment case study
Invensys upstream scada technology awareness
Invensys upstream scada technology awareness
chrisjsmith
Â
[White paper] detecting problems in industrial networks though continuous mon...
[White paper] detecting problems in industrial networks though continuous mon...
TI Safe
Â
Guard Era Corp Brochure 2008
Guard Era Corp Brochure 2008
GuardEra Access Solutions, Inc.
Â
Extending OPC-UA through Architecture Flexibility, Performance, and Scalability
Extending OPC-UA through Architecture Flexibility, Performance, and Scalability
Real-Time Innovations (RTI)
Â
Linda Jackman - Oracle
Linda Jackman - Oracle
Greentech Media
Â
CA Nimsoft xen desktop monitoring
CA Nimsoft xen desktop monitoring
CA Nimsoft
Â
OMG DDS: The data centric future beyond message-based integration
OMG DDS: The data centric future beyond message-based integration
Gerardo Pardo-Castellote
Â
ActionPacked! Networks Hosts Cisco Application Visibility & Control Webinar
ActionPacked! Networks Hosts Cisco Application Visibility & Control Webinar
ActionPacked Networks
Â
SCADA packages for Power Distribution Utilities
SCADA packages for Power Distribution Utilities
Chanmeet Singh
Â
NMS Projects and POCs completed and ongoing for OSS NAM v 1.5 Linkedin
NMS Projects and POCs completed and ongoing for OSS NAM v 1.5 Linkedin
Javier Guillermo, MBA, MSc, PMP
Â
Alstom Grid And Capgemini Form Global Alliance For Smart Grid: About the Firs...
Alstom Grid And Capgemini Form Global Alliance For Smart Grid: About the Firs...
Capgemini
Â
Safety Monitoring system for a manufacturing workstation using Web Service Te...
Safety Monitoring system for a manufacturing workstation using Web Service Te...
FAST-Lab. Factory Automation Systems and Technologies Laboratory, Tampere University of Technology
Â
Scada
Scada
billy_lx
Â
SCADA Exposure Will Short-Circuit US Utilities
SCADA Exposure Will Short-Circuit US Utilities
FitCEO, Inc. (FCI)
Â
Convergence India 2013 Multi-network Forum - Verimatrix
Convergence India 2013 Multi-network Forum - Verimatrix
Verimatrix
Â
Scada system architecture, types and applications
Scada system architecture, types and applications
Uchi Pou
Â
How to Choose A SOA Gateway from Layer 7
How to Choose A SOA Gateway from Layer 7
CA API Management
Â
Zigbee Wireless Sensor Network - RTLS and Automation
Zigbee Wireless Sensor Network - RTLS and Automation
Jose MarĂa Carazo Cepedano
Â
The Stuxnet Worm creation process
The Stuxnet Worm creation process
Ajay Ohri
Â
391 394
391 394
Editor IJARCET
Â
Ăhnlich wie Scada assessment case study
(20)
Invensys upstream scada technology awareness
Invensys upstream scada technology awareness
Â
[White paper] detecting problems in industrial networks though continuous mon...
[White paper] detecting problems in industrial networks though continuous mon...
Â
Guard Era Corp Brochure 2008
Guard Era Corp Brochure 2008
Â
Extending OPC-UA through Architecture Flexibility, Performance, and Scalability
Extending OPC-UA through Architecture Flexibility, Performance, and Scalability
Â
Linda Jackman - Oracle
Linda Jackman - Oracle
Â
CA Nimsoft xen desktop monitoring
CA Nimsoft xen desktop monitoring
Â
OMG DDS: The data centric future beyond message-based integration
OMG DDS: The data centric future beyond message-based integration
Â
ActionPacked! Networks Hosts Cisco Application Visibility & Control Webinar
ActionPacked! Networks Hosts Cisco Application Visibility & Control Webinar
Â
SCADA packages for Power Distribution Utilities
SCADA packages for Power Distribution Utilities
Â
NMS Projects and POCs completed and ongoing for OSS NAM v 1.5 Linkedin
NMS Projects and POCs completed and ongoing for OSS NAM v 1.5 Linkedin
Â
Alstom Grid And Capgemini Form Global Alliance For Smart Grid: About the Firs...
Alstom Grid And Capgemini Form Global Alliance For Smart Grid: About the Firs...
Â
Safety Monitoring system for a manufacturing workstation using Web Service Te...
Safety Monitoring system for a manufacturing workstation using Web Service Te...
Â
Scada
Scada
Â
SCADA Exposure Will Short-Circuit US Utilities
SCADA Exposure Will Short-Circuit US Utilities
Â
Convergence India 2013 Multi-network Forum - Verimatrix
Convergence India 2013 Multi-network Forum - Verimatrix
Â
Scada system architecture, types and applications
Scada system architecture, types and applications
Â
How to Choose A SOA Gateway from Layer 7
How to Choose A SOA Gateway from Layer 7
Â
Zigbee Wireless Sensor Network - RTLS and Automation
Zigbee Wireless Sensor Network - RTLS and Automation
Â
The Stuxnet Worm creation process
The Stuxnet Worm creation process
Â
391 394
391 394
Â
Mehr von Network Intelligence India
Vapt pci dss methodology ppt v1.0
Vapt pci dss methodology ppt v1.0
Network Intelligence India
Â
The Economics of Security
The Economics of Security
Network Intelligence India
Â
Web Application Security Strategy
Web Application Security Strategy
Network Intelligence India
Â
ISO 27004- Information Security Metrics Implementation
ISO 27004- Information Security Metrics Implementation
Network Intelligence India
Â
National Cyber Security Policy 2013
National Cyber Security Policy 2013
Network Intelligence India
Â
RBI Gopalakrishna Committee Report on IT
RBI Gopalakrishna Committee Report on IT
Network Intelligence India
Â
PCI DSS for Penetration Testing
PCI DSS for Penetration Testing
Network Intelligence India
Â
Understanding Governance
Understanding Governance
Network Intelligence India
Â
Cyber Security in Civil Aviation
Cyber Security in Civil Aviation
Network Intelligence India
Â
Spear Phishing Methodology
Spear Phishing Methodology
Network Intelligence India
Â
Mobile Device Management (MDM)
Mobile Device Management (MDM)
Network Intelligence India
Â
IT Act 2000 Penalties, Offences with case studies
IT Act 2000 Penalties, Offences with case studies
Network Intelligence India
Â
Information Rights Management (IRM)
Information Rights Management (IRM)
Network Intelligence India
Â
Distributed Denial of Service (DDos) Testing Methodology
Distributed Denial of Service (DDos) Testing Methodology
Network Intelligence India
Â
Data Leakage Prevention (DLP)
Data Leakage Prevention (DLP)
Network Intelligence India
Â
Advanced persistent threats(APT)
Advanced persistent threats(APT)
Network Intelligence India
Â
XML Interfaces to the popular Nessus Scanner
XML Interfaces to the popular Nessus Scanner
Network Intelligence India
Â
Cyber fraud in banks
Cyber fraud in banks
Network Intelligence India
Â
Advanced persistent threats
Advanced persistent threats
Network Intelligence India
Â
Who will guard the guards
Who will guard the guards
Network Intelligence India
Â
Mehr von Network Intelligence India
(20)
Vapt pci dss methodology ppt v1.0
Vapt pci dss methodology ppt v1.0
Â
The Economics of Security
The Economics of Security
Â
Web Application Security Strategy
Web Application Security Strategy
Â
ISO 27004- Information Security Metrics Implementation
ISO 27004- Information Security Metrics Implementation
Â
National Cyber Security Policy 2013
National Cyber Security Policy 2013
Â
RBI Gopalakrishna Committee Report on IT
RBI Gopalakrishna Committee Report on IT
Â
PCI DSS for Penetration Testing
PCI DSS for Penetration Testing
Â
Understanding Governance
Understanding Governance
Â
Cyber Security in Civil Aviation
Cyber Security in Civil Aviation
Â
Spear Phishing Methodology
Spear Phishing Methodology
Â
Mobile Device Management (MDM)
Mobile Device Management (MDM)
Â
IT Act 2000 Penalties, Offences with case studies
IT Act 2000 Penalties, Offences with case studies
Â
Information Rights Management (IRM)
Information Rights Management (IRM)
Â
Distributed Denial of Service (DDos) Testing Methodology
Distributed Denial of Service (DDos) Testing Methodology
Â
Data Leakage Prevention (DLP)
Data Leakage Prevention (DLP)
Â
Advanced persistent threats(APT)
Advanced persistent threats(APT)
Â
XML Interfaces to the popular Nessus Scanner
XML Interfaces to the popular Nessus Scanner
Â
Cyber fraud in banks
Cyber fraud in banks
Â
Advanced persistent threats
Advanced persistent threats
Â
Who will guard the guards
Who will guard the guards
Â
KĂŒrzlich hochgeladen
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
ThousandEyes
Â
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
Khem
Â
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
Â
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
wesley chun
Â
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
The Digital Insurer
Â
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
Â
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
sudhanshuwaghmare1
Â
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
The Digital Insurer
Â
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
lior mazor
Â
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
apidays
Â
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Edi Saputra
Â
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
Zilliz
Â
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(âïž+971_581248768%)**%*]'#abortion pills for sale in dubai@
Â
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
Â
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
Product Anonymous
Â
Architecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
Â
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
Remote DBA Services
Â
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel AraĂșjo
Â
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
Nanddeep Nachan
Â
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
Rustici Software
Â
KĂŒrzlich hochgeladen
(20)
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
Â
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
Â
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Â
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
Â
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
Â
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Â
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
Â
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
Â
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
Â
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Â
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Â
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
Â
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
Â
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Â
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
Â
Architecting Cloud Native Applications
Architecting Cloud Native Applications
Â
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
Â
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Â
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
Â
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
Â
Scada assessment case study
1.
SCADA ASSESSMENT CASE
STUDY From
2.
SCADA Assessment â
Case Study NOTICE This document contains information which is the intellectual property of Network Intelligence (India) Pvt. Ltd. (also called NII Consulting). This document is received in confidence and its contents cannot be disclosed or copied without the prior written consent of NII. Nothing in this document constitutes a guaranty, warranty, or license, expressed or implied. NII disclaims all liability for all such guaranties, warranties, and licenses, including but not limited to: Fitness for a particular purpose; merchantability; non infringement of intellectual property or other rights of any third party or of NII; indemnity; and all others. The reader is advised that third parties can have intellectual property rights that can be relevant to this document and the technologies discussed herein, and is advised to seek the advice of competent legal counsel, without obligation of NII. NII retains the right to make changes to this document at any time without notice. NII makes no warranty for the use of this document and assumes no responsibility for any errors that can appear in the document nor does it make a commitment to update the information contained herein. COPYRIGHT Copyright. Network Intelligence (India) Pvt. Ltd. All rights reserved. NII Consulting is a registered trademark of Network Intelligence India Pvt. Ltd. TRADEMARKS Other product and corporate names may be trademarks of other companies and are used only for explanation and to the owners' benefit, without intent to infringe. NII CONTACT DETAILS Name K. K. Mookhey Title Principal Consultant Company Network Intelligence (India) Pvt. Ltd. Address 204 Eco Space, Off Old Nagardas Road, Andheri (East), Mumbai 400069 E â Mail kkmookhey@niiconsulting.com ©Network Intelligence India Pvt. Ltd. www.niiconsulting.com
3.
SCADA Assessment â
Case Study 1 Background Recently, we were assigned to perform network assessment of the SCADA Network for one of our clients. This case study outlines a brief introduction to SCADA, the sort of assessment we carried out, and typical vulnerabilities that can be found on SCADA systems 2 SCADA (Supervisory Control And Data Acquisition): It generally refers to an industrial control system: a computer system monitoring and controlling a process. The process can be industrial, infrastructure or facility-based as described below: ï· Industrial processes include those of manufacturing, production, power generation, fabrication, and refining, and may run in continuous, batch, repetitive, or discrete modes. ï· Infrastructure processes may be public or private, and include water treatment and distribution, wastewater collection and treatment, oil and gas pipelines, electrical power transmission and distribution, Wind Farms, civil defense siren systems, and large communication systems. ï· Facility processes occur both in public facilities and private ones, including buildings, airports, ships, and space stations. They monitor and control HVAC, access, and energy consumption. Common system components:- A SCADA's System usually consists of the following subsystems: ï· A Human-Machine Interface or HMI is the apparatus which presents process data to a human operator, and through this, the human operator monitors and controls the process. ï· A supervisory (computer) system, gathering (acquiring) data on the process and sending commands (control) to the process. ï· Remote Terminal Units (RTUs) connecting to sensors in the process, converting sensor signals to digital data and sending digital data to the supervisory system. ï· Programmable Logic Controller (PLCs) used as field devices because they are more economical, versatile, flexible, and configurable than special-purpose RTUs. ï· Communication infrastructure connecting the supervisory system to the Remote Terminal Units. ©Network Intelligence India Pvt. Ltd. www.niiconsulting.com
4.
SCADA Assessment â
Case Study SCADA Server / Control Centre Architecture Web Server RAID server SCADA DWeZones UPS Logger /EMS Firewall DMZ Workstation ISR NMS Zone Monit Printer SERVER oring Consoles GPS system S SERVERS SERVERS System (B&W) Syste Printer with Dual Rack Switch m Monitors (Colou r) ICCP Archival Development NID Server(PDS) Communication Server (N/W Intrusion SERVERS ROUTERS VIDEO Detection PROJECTION System) To other SYSTEM To Backup zones location of the site. The main subsystems are: 1. SCADA/EMS Subsystem 2. Inter-Site Communication ICCP Subsystem 3. Web Subsystem and the Security Infrastructure 4. ISR Subsystem (HIS) 5. Archive Subsystem 6. Network Management Subsystem 7. Video Projection System (VPS) 8. Development Subsystem 9. User Interface (UI) Subsystem 10. GPS Time & Frequency Subsystem 11. WAN Subsystem 12. LAN Subsystem 13. Peripheral Devices SCADA/EMS Subsystem: Carries out the SCADA processing and the EMS calculations, feeds the historical information server, sends the data to the operator Consoles. The SCADA functions are Data Acquisition, Data processing, Alarm, and Tagging. EMS functions are Network Status Processor, Optimal Power Flow, Contingency Analysis, Security enhancement and Voltage VAR dispatch. Inter-Site Communication ICCP Subsystem: The inter-site communication (or OAG -Open Access Gateway) subsystem, handles the communication with different (sites) zones of the client using the different communication protocols. The one zone (site) communicates to the other zones systems using the standard IEC870-6 (TASE.2)/ICCP protocol. It interfaces with the SCADA/EMS servers on ISD protocol. ©Network Intelligence India Pvt. Ltd. www.niiconsulting.com
5.
SCADA Assessment â
Case Study Web Subsystem and the Security Infrastructure: The DMZ web subsystem is implemented with the SCADA/EMS server at site. Remote users can access the real-time data and displays through the DMZ web servers. Remote access is provided with appropriate permission and authorization mechanisms. The Web Access area is isolated by two Firewalls. The Web access system consists of Web server, Mail server and Data Replica Server. ISR Subsystem (HIS): The Information Storage and Retrieval subsystem stores user-defined data and events into the ORACLE-based historic database. The ISR system will store: ï· Real time database snapshot, storage and playback ï· Historical Information ï· SOE data ï· Alarm message log ï· Storage of files Archive Subsystem: The Archive subsystem provides centralized storage for whole systemâs data. The Archive subsystem consists of an archive server and a tape autoloader to archive the information such as ISR data, Save cases, Source code files, System Backup (for restore) etc. Network Management Subsystem: The Network Management system monitors the interfaces to the SCADA/EMS servers, workstations, devices, and all SCADA/EMS gateway and routers and gathers performance statistics like resource utilisation. Video Projection System (VPS): VPS is a big display device with 8 segments of 67 inches size each. VPS is driven through a PC installed in its wall and connected on dual LAN Development Subsystem: Development System provides complete autonomous environment for future program development, application building, testing, and system integration, etc. for the system. User Interface (UI) Subsystem: The User Interface (UI) subsystem composed of workstation consoles with graphic cards to drive multiple monitors. GPS Time & Frequency Subsystem: The Time & Frequency subsystem (TFS) captures the GPS time and power system frequency, and synchronizes the time of all the servers and workstations via the LAN, using the standard Network Time Protocol (NTP). WAN Subsystem: The Wide Area Network (WAN) subsystem for connecting Main site and other sites comprises of routers and Modems and wide band communication link from ISP Network. Two Routers are installed in each zone for providing 2 Mbps (redundant) and 64 kbps Link. The main and backup sites are connected to each other through 2 Mbps channels. LAN Subsystem: The SCADA/EMS Local Area Network (LAN) subsystem provides the inter-connection of all the servers, workstations, and peripherals. LAN is formed with redundant standard Ethernet switches. Peripheral Devices: Loggers, Laser printers & Colour Video Copiers. ©Network Intelligence India Pvt. Ltd. www.niiconsulting.com
6.
SCADA Assessment â
Case Study 3 Network Assessment Tools used for Assessment: Auditpro (in-house developed Auditing tool), NMAP, Nessus, Super scan, Initial Phase: Prior to the assessment we tried to get maximum information of SCADA from the vendor. We gathered the following information: ï· 2 SCADA applications (Vendor A and Vendor B) were being used on different sites (zones) of the clientâs network. ï· Vendor Aâs tech support and Vendor Bâs tech support were maintaining the individual site (Zone) of the client. ï· Vendor Aâs SCADA applications were installed on Solaris OS. Oracle was being used as backend database. ï· Vendor Aâs SCADA software was almost obsolete. There were no patches available for the SCADA software and underlying OS. Vendor A was about to withdraw the support for SCADA in the year 2011. ï· AREAVAâs SCADA applications were installed on the windows 2003 servers and Open VMS operating systems. ï· Vendor Bâs SCADA applications were using its own proprietary database known as DB431. ï· Also, Client were using Oracle as database for some additional applications connected to the SCADA network. ï· A previously conducted Vulnerability Assessment by a different consulting firm on the SCADA Servers has resulted in the SCADA servers crashing during the port scanning stage itself. Armed with the above information, we proceeded to perform the vulnerability assessment first on the test environment of the SCADA (Vendor Aâs SCADA product). This was completed successfully without any SCADA server crash. The results were emailed to Vendor Aâs tech support and IT representatives of the customer. We then proceeded for the actual assessment. Vulnerabilities discovered The following vulnerabilities were discovered ï· All the operating systems were in a default configuration without any hardening having been done to the extent that: o Many vulnerable services i.e. echo, daytime, finger were found running on the Windows and Solaris Operating Systems. o Vulnerable services like telnet, BOOTP, source routing, SNMPv2 with default community string public and private were found on the network devices. o Oracle Databases were also not hardened for example we found scott, system user had been given full administrative privilege on database server. o No Patches had been applied on any of the systems ©Network Intelligence India Pvt. Ltd. www.niiconsulting.com
7.
SCADA Assessment â
Case Study o Older IOS/Firmware were being used on the network devices i.e. router, switches, firewall. o No password policy was defined for the SCADA Network. o Administrator credentials of SCADA servers were commonly being shared with all users. o Password being used for administrative accounts on Windows servers and databases, network devices were easily guessable. Network Segregation or the Lack of it ï· Some SCADA Servers were exposed to public network. ï· No VLAN was segregation was found. ï· The bridge connecting the SCADA network to the TCP/IP network was weakly configured â essentially in its default state Other side-effects During the assessment, the Nmap scan completed successfully. However, when we started with Nessus scans the SCADA applications crashed twice. Thankfully, there were redundant servers available for the crashed servers due to which no severe /major incident taken placed. But this showed that simply running a scan is enough to bring SCADA systems to their knees. 4 Root Cause Problems 1. SCADA systems are highly expensive and very mission-critical. Therefore, they are not tweaked or hardened once theyâre up and running 2. SCADA systems are thought to be obscure â since no one knows how they work, no one is going to mess around with them, so why bother securing them 3. SCADA systems are thought to be isolated â but this has been shown to be false multiple times. Many SCADA systems are inter-connected to the corporate TCP/IP network or other TCP/IP networks opening them up to the same issues 4. SCADA vendors donât bother with security. Once a multi-million dollars system is up and running it is just left as it is. So whether it is the Siemens network being attacked by the Stuxnet worm or others, SCADA systems are highly vulnerable due to vendor apathy 5 Conclusion SCADA systems should be treated as highly vulnerable and can be the target of an attack. SCADA attacks are moving out of the realm of science fiction movies and are very much a reality today. Yet organizations continue to adopt a lax stance towards securing SCADA networks. The very first step should be to conduct a thorough assessment of these systems. This has to be done with care since these systems turn out to be highly susceptible to attacks. Stuxnet is a major wake up call to all organizations who thought SCADA systems would never come under attack. ©Network Intelligence India Pvt. Ltd. www.niiconsulting.com