Presentation is loading. Please wait.

Presentation is loading. Please wait.

Akshay Awasthi James J. Fox IV

Published byBryce Lang Modified over 6 years ago

Similar presentations

Presentation on theme: "Akshay Awasthi James J. Fox IV"— Presentation transcript:

1 Akshay Awasthi James J. Fox IV
IoT & SCADA/ICS Akshay Awasthi James J. Fox IV 

2 Outline SCADA/ICS Example of SCADA SCADA Security Vulnerabilities
Stuxnet IoT IoT again? Yep, IoT again Resources

3 SCADA/ICS Supervisory Control and Data Acquisition/Industrial Control Systems Factories, power plants, rail yards, other key infrastructure Uses computers, terminals, network communications and GUI for process management Uses Programmable logic controllers (PLCs) and Proportional–integral–derivative (PID) controllers to control plant processes or machinery Control the entire operation from a single or multiple points

4

5 SCADA Security (LOL) Originally deployed in factories with:
One control computer No outside network connections No physical access to intruders Miles of Ethernet cables Now deployed in factories with: Multiple control stations (Even their phones!) Everything connected to the internet PLCs out in the field in unlocked sheds Mostly unsecured wireless networks

6 Vulnerabilities ICS-CERT (Industrial Control Systems Cyber Emergency Response Team), a branch of the DHS, monitors vulnerabilities Inductive Automation Ignition “information-disclosure vulnerability” ip address]/main/system/backup/full. Wonderware InBatch Client ActiveX control buffer overflow vulnerability “Security through obscurity” Apparent lack of concern for basic security and authentication

7 Stuxnet Symantec Chief Architect Carey Nachenberg
Presentation to Faculty/Staff/Students and Stanford University

8

9

10

11

12

13

14

15

16

17 Sources d4ae52e95e57/thumbnail/770x578/1c952b9dd6dbea139b94ec3415b09896/internet-of-things-poised-to-be-a-security-headache.png Infographic.png?token=TbzL3Sc4T%2BCzrZHcupfemI%2BbPOo%3D devices-to-creating-value-large.jpg ICS-CERT. About the Industrial Control Systems Cyber Emergency Response Team. n.d. Web Page. 27 June < cert.gov/About-Industrial-Control-Systems-Cyber-Emergency-Response-Team>. Industrial Control Systems Cyber Emergency Response Team. "Inductive Automation Ignition Information Disclosure Vulnerability." Advisory Online. 23 June < cert.gov/advisories/ICSA >. —. "Wonderware InBatch Client ActiveX Buffer Overflow." Advisory Fox, James J. SCADA SYSTEMS: SECURITY IN NUCLEAR POWER PLANTS. Final Paper. Norwich University. Northfield, VT, 2017.

Download ppt "Akshay Awasthi James J. Fox IV"

Similar presentations

CONTROL SYSTEMS AND CYBER SECURITY 2600 MEETING JUNE 6,2014 MICHAEL TOECKER Mikhail Turcher, big fanci pantsie.

CONTROL SYSTEMS AND CYBER SECURITY 2600 MEETING JUNE 6,2014 MICHAEL TOECKER Mikhail Turcher, big fanci pantsie.
Ethernet as a field-network Renaud Barillère - CERN IT-CO.

Ethernet as a field-network Renaud Barillère - CERN IT-CO.
Embedded Network Controller with Web Interface Bradley University Department of Electrical & Computer Engineering By: Ed Siok Advisor: Dr. Malinowski.

Embedded Network Controller with Web Interface Bradley University Department of Electrical & Computer Engineering By: Ed Siok Advisor: Dr. Malinowski.
SCADA SYSTEM CLASSIFICATION

SCADA SYSTEM CLASSIFICATION
SCADA – Are we self- sufficient? Presented by Jack McIntyre 15/05/2015Jack McIntyre2.

SCADA – Are we self- sufficient? Presented by Jack McIntyre 15/05/2015Jack McIntyre2.
Secure Systems Research Group - FAU 1 SCADA Software Architecture Meha Garg Dept. of Computer Science and Engineering Florida Atlantic University Boca.

Secure Systems Research Group - FAU 1 SCADA Software Architecture Meha Garg Dept. of Computer Science and Engineering Florida Atlantic University Boca.
Core 3: Communication Systems. On any network there are two types of computers present – servers and clients. By definition Client-Server architecture.

Core 3: Communication Systems. On any network there are two types of computers present – servers and clients. By definition Client-Server architecture.
DATA FORMATS FOR AUTOMATION APPLICATIONS AND PROGRAMMABLE LOGIC CONTROLLER (PLC) 1.

DATA FORMATS FOR AUTOMATION APPLICATIONS AND PROGRAMMABLE LOGIC CONTROLLER (PLC) 1.
STUXNET. Summary What is Stuxnet? Industial Control Systems The target/s of Stuxnet. How Stuxnet spreads. The impact of Stuxnet on PLC’s.

STUXNET. Summary What is Stuxnet? Industial Control Systems The target/s of Stuxnet. How Stuxnet spreads. The impact of Stuxnet on PLC’s.
Presented By: Andy Balderson – Product Manager Ethernet, Internet, Wireless or Fiber - Distribute your HMI Application Over IP Networks Farther ! The Web.

Presented By: Andy Balderson – Product Manager Ethernet, Internet, Wireless or Fiber - Distribute your HMI Application Over IP Networks Farther ! The Web.
Critical Information Infrastructure Protection: Urgent vs. Important Miguel Correia 2012 Workshop on Cyber Security and Global Affairs and Global Security.

Critical Information Infrastructure Protection: Urgent vs. Important Miguel Correia 2012 Workshop on Cyber Security and Global Affairs and Global Security.
SCADA and Telemetry Presented By:.

SCADA and Telemetry Presented By:.
Linksys LNKWET11 Setup 802.11b Ethernet Converter Step 1. Annotate your Computer’s ethernet IP address. Step 2. Change the Ethernet IP Address/subnet/router.

Linksys LNKWET11 Setup b Ethernet Converter Step 1. Annotate your Computer’s ethernet IP address. Step 2. Change the Ethernet IP Address/subnet/router.
Project Proposal Secure Web Access for Tests.  Professors, instructors, and teachers use websites to teach and post data for students to study. If these.

Project Proposal Secure Web Access for Tests.  Professors, instructors, and teachers use websites to teach and post data for students to study. If these.
Jonathan Baulch  A worm that spreads via USB drives  Exploits a previously unknown vulnerability in Windows  Trojan backdoor that looks for a specific.

Jonathan Baulch  A worm that spreads via USB drives  Exploits a previously unknown vulnerability in Windows  Trojan backdoor that looks for a specific.
הקריה למחקר גרעיני - נגב Nuclear Research Center – Negev (NRCN) Society of Electrical and Electronics Engineers in Israel (SEEEI) 2012 Eran Salfati, Amir.

הקריה למחקר גרעיני - נגב Nuclear Research Center – Negev (NRCN) Society of Electrical and Electronics Engineers in Israel (SEEEI) 2012 Eran Salfati, Amir.
 AUTOMATION  PLC  SCADA  INSTRUMENTATION  DRIVES & MOTORS.

 AUTOMATION  PLC  SCADA  INSTRUMENTATION  DRIVES & MOTORS.
Matt Bancroft Tutis Industrial Monday, 19 October 2015 © Tutis Fructis Ltd 2012.

Matt Bancroft Tutis Industrial Monday, 19 October 2015 © Tutis Fructis Ltd 2012.
Unit 5 CONTROL CENTERS AND POWER SYSTEM SECURITY.

Unit 5 CONTROL CENTERS AND POWER SYSTEM SECURITY.
IntelliSense.io Beyond the hype - Real World Applications / Solutions of Internet of Things.

IntelliSense.io Beyond the hype - Real World Applications / Solutions of Internet of Things.

Similar presentations

Ads by Google