SCADA Roadmap Europe
•Als ODP, PDF herunterladen•
1 gefällt mir•743 views
Slides of my SCADA Roadmap Europe presentation held at the AK IT Security II Lecture on December 14th 2015 at IAIK.
Empfohlen
Weitere ähnliche Inhalte
Andere mochten auch
Andere mochten auch (7)
Ähnlich wie SCADA Roadmap Europe
Ähnlich wie SCADA Roadmap Europe (20)
Kürzlich hochgeladen
Kürzlich hochgeladen (20)
SCADA Roadmap Europe
- 1. AK IT Security II 2015/16Stefan More 1
- 2. 2 ● Definition ● Motivation ● State of CIIP in Europe ● EU „SCADA Roadmap“
- 3. SCADA ● Supervisory Control ● and ● Data Acquisition ● type of Industrial Control System (ICS) 3
- 9. 9 Where? Industrial Control System ● (Smart) Power Grid + Generation ● Gas / Oil / Water ● Transportation ● Chemical Plants ● Donut Factory ● ...
- 11. 11 SCADA Protection: Motivation ✔ Used by Critical Infrastructure ✔ Safety vs. Security ✔ Old systems, suddenly interconnected – Security by Obscurity? ✔ Connected to other ICT ✔ Real attackers: Stuxnet, Daesh, ...
- 12. 12 Let's protect Critical Infrastructure — European Commission https://commons.wikimedia.org/wiki/File:Berlaymont-Building-1.Jpg
- 13. 13 Let's protect Critical Infrastructure! … Critical Information Infrastructure → Consultation (Green Paper, ...)
- 15. 15 COM(2009) 149 on CIIP ● preparedness and prevention ● detection and response ● mitigation and recovery ● international cooperation ● and criteria for EC infrastructures in the field of ICT
- 16. 16 Let's protect Critical Infrastructure! … Critical Information Infrastructure
- 17. 17 Let's protect Critical Infrastructure! … Critical Information Infrastructure … Industrial Control Systems
- 18. 18 Let's protect Critical Infrastructure! … Critical Information Infrastructure … Industrial Control Systems
- 20. 20 ENISA 2011 Report on ICS ● Expert poll ● Document-based research ● Input from CPNI UK, NIST, IEEE, ANSI/ISA, IEC, ISO
- 21. 21 ENISA 2011 Report on ICS ● ~100 key findings ● 7 recommendations
- 22. 22 ENISA Report Recommendations ● Pan-European and National ICS Security Strategies ● Good Practices Guide for ICS Security ● ICS security plan templates ● Awareness and Training ● common test bed / security certification framework ● national ICS-computer emergency response ● research leveraging existing Research Programmes
- 23. 23 Beyond the ENISA Report ● Cyber Europe ● ENISA 2015 Reports: ● Certification of Cyber Security skills of ICS/SCADA professionals ● Analysis of ICS-SCADA Cyber Security Maturity Levels in Critical Sectors ● A lot of work to do: – https://www.enisa.europa.eu/media/news-items/is-europe-ready-to-protect-scada ● See AK IT Security II
- 25. 25 References • ENISA Documents: • Protecting Industrial Control Systems. Recommendations for Europe and Member States • https://www.enisa.europa.eu/media/key-documents/brochures-and-leaflets/scada- security-leaflet/ • News: Is Europe ready to protect SCADA? https://www.enisa.europa.eu/media/news-items/is-europe-ready-to-protect-scada • Wikipedia: SCADA https://en.wikipedia.org/wiki/SCADA • Journal of Homeland Security and Emergency Management http://www.degruyter.com/view/j/jhsem.2005.2.2/jhsem.2005.2.2.1117/jhsem.2005.2.2.1117.xml • Presentations: SCADA StrangeLove https://media.ccc.de/search/?q=scada • Presentation: Damn Vulnerable Chemical Process https://www.youtube.com/watch?v=TPUzNMcFb4A
- 26. AK IT Security II 2015/16Stefan More / smore@tugraz.at 26
- 27. SCADA Roadmap Europe AK IT Security II 2015/16 Stefan More / smore@tugraz.at 27