Presentation is loading. Please wait.

Presentation is loading. Please wait.

Detection and Analysis of Threats to the Energy Sector (DATES)

Published byChristal Stanley Modified over 5 years ago

Similar presentations

Presentation on theme: "Detection and Analysis of Threats to the Energy Sector (DATES)"— Presentation transcript:

1 Detection and Analysis of Threats to the Energy Sector (DATES)
LOGIIC successfully adapted available monitoring technology for a control environment. DATES builds a monitoring and SA capability specific to infrastructure systems, with purpose-built monitoring at the device, network, and host level. Alfonso Valdes Senior Computer Scientist SRI International Sponsored by the Department of Energy National SCADA Test Bed Program Managed by the National Energy Technology Laboratory The views herein are the responsibility of the authors and do not necessarily reflect those of the funding agency.

2 DATES Vision Future control systems with PCS aware defense perimeter with globally-linked cyber defense coordination... IDS systems fully tuned for control system protocols and highest threat TCP/IP attacks Realtime event correlation system to support local operator identification and response Specification-based policies enabling intrusion prevention without impacting availability An anonymous and secure peer sharing framework that allows Sector wide threat intelligence acquisition Enables rapid collaborative response to emerging threats

3 Detection and Event Monitoring
Control System aware IDS at the Device, Control LAN, and Host Event Correlation integrates new detection data sources into ArcSight Result: Breakthrough Detection and Security Information Event Monitoring (SIEM) in infrastructure systems. High fidelity situational awareness DATES will develop correlation models for scenarios of interest. ArcSight SIEM has the additional capability to discover novel patterns in heterogeneous event streams.

4 Sector Level Threat Detection and Analysis
Develop a sector-wide, distributed, global, privacy-preserving repository of security events Enable participants to automatically Contribute event data without attribution Query databases for emerging threats Conduct analyses to assess their security posture relative to that of other participants. Privacy preservng is achieved through anonymiztion and maskin of critical fields in event records, as well as responding to queries via aggregate totals.

5 Test and Evaluation Implement a development environment in cooperation with a control systems vendor Sandia will provide a red team assessment of this defense-enabled control system architecture. As solutions mature, Sandia will conduct an extensive red team test and evaluation on the actual system.

6 The Team SRI (Overall Lead): Intrusion Detection, Protocol Analysis, Event Aggregation, Privacy Preserving Sector-wide Repository Sandia National Laboratories: Architectural Vulnerability Analysis, Red Team ArcSight: Security Information Event Monitoring

Download ppt "Detection and Analysis of Threats to the Energy Sector (DATES)"

Similar presentations

Marc Grégoire, DRDC Ottawa Luc Beaudoin, Bologik Inc.

Marc Grégoire, DRDC Ottawa Luc Beaudoin, Bologik Inc.
Security Administration Tools and Practices Amit Bhan Usable Privacy and Security.

Security Administration Tools and Practices Amit Bhan Usable Privacy and Security.
Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.

Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.
GAMMA Overview. Key Data Grant Agreement n° 312382 Starting date: 1 st September 2013 Duration: 48 months (end date 31 st August 2017) Total Budget: 14.837.981.

GAMMA Overview. Key Data Grant Agreement n° Starting date: 1 st September 2013 Duration: 48 months (end date 31 st August 2017) Total Budget:
SAFE Blueprint and the Security Ecosystem. 2 Chapter Topics  SAFE Blueprint Overview  Achieving the Balance  Defining Customer Expectations  Design.

SAFE Blueprint and the Security Ecosystem. 2 Chapter Topics  SAFE Blueprint Overview  Achieving the Balance  Defining Customer Expectations  Design.
Copyright © 2012, SAS Institute Inc. All rights reserved. Cyber Security threats to Open Government Data Vishal Marria April 2014.

Copyright © 2012, SAS Institute Inc. All rights reserved. Cyber Security threats to Open Government Data Vishal Marria April 2014.
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
ISecurity Complete Product Series For System i. About Raz-Lee Internationally renowned System i solutions provider Founded in 1983; 100% focused on System.

ISecurity Complete Product Series For System i. About Raz-Lee Internationally renowned System i solutions provider Founded in 1983; 100% focused on System.
National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.

National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.
1 Telstra in Confidence Managing Security for our Mobile Technology.

1 Telstra in Confidence Managing Security for our Mobile Technology.
Security Controls – What Works

Security Controls – What Works
(Geneva, Switzerland, September 2014)

(Geneva, Switzerland, September 2014)
Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.

Security Offering. Cyber Security Solutions 2 Assessment Analysis & Planning Design & Architecture Development & Implementation O&M Critical Infrastructure.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Securing Legacy Software SoBeNet User group meeting 25/06/2004.

Securing Legacy Software SoBeNet User group meeting 25/06/2004.
The LOGIIC Consortium Zachary Tudor, CISSP, CISM, CCP Program Director SRI International.

The LOGIIC Consortium Zachary Tudor, CISSP, CISM, CCP Program Director SRI International.
SEPRI University of Massachusetts Amherst Security, Emergency Preparedness, and Response Institute SEPRI “Integrating Solutions Providing Real Time Connectivity”

SEPRI University of Massachusetts Amherst Security, Emergency Preparedness, and Response Institute SEPRI “Integrating Solutions Providing Real Time Connectivity”
1 Autonomic Computing An Introduction Guenter Kickinger.

1 Autonomic Computing An Introduction Guenter Kickinger.
Thursday, January 23, 2014 10:00 am – 11:30 am. Agenda  Cyber Security Center of Excellence  Project Phase  Implementation  Next Steps 2.

Thursday, January 23, :00 am – 11:30 am. Agenda  Cyber Security Center of Excellence  Project Phase  Implementation  Next Steps 2.

Similar presentations

Ads by Google