Presentation is loading. Please wait.

Presentation is loading. Please wait.

Personnel 500-600 hours$10,000-$12,000 Hardware Virtualization Server(?)$3000-$10,000 SIPROTEC 4 7SJ61 Relay s$0 SCALANCE S612 Security.

Published byHoratio Harmon Modified over 8 years ago

Similar presentations

Presentation on theme: "Personnel 500-600 hours$10,000-$12,000 Hardware Virtualization Server(?)$3000-$10,000 SIPROTEC 4 7SJ61 Relay s$0 SCALANCE S612 Security."— Presentation transcript:

1

2

3

4

5

6

7

8

9 Personnel 500-600 hours$10,000-$12,000 Hardware Virtualization Server(?)$3000-$10,000 SIPROTEC 4 7SJ61 Relay s$0 SCALANCE S612 Security Module$0 Software Spectrum Power TG SCADA/EMS (HMI)$0 SICAM PAS v6.00 (RTU)$0 DIGSI (Relay Configuration)$0 DIgSILENT PowerFactory (Power Flow)$0 VmWare ESXi$0 NMap$0 Wireshark$0 BackTrack Linux$0 Total$13,100-$22,200

10

11 SCADA System with Poor Security Improvement Cycle SCADA System with Improved Security System Configuration and Improvement Vulnerability Assessment Attack Scenario

12

13 DIgSilent PowerFactory (OPC Client) Virtal and Real SICAM PAS (OPC DA Server) Virtualized and Real Relays Siemens Spectrum Power TG (HMI)

14 Will use vulnerability scanners to scan for potential vulnerabilities Document and assess this vulnerabilities for potential attack Implement an attack to exploit vulnerability, documenting outcomes Write a report with detail about vulnerabilities, attacks and potential fixes.

15 Our SCADA network test bed consists of a few key pieces of hardware and software: Hardware Siemens SCALANCE S612 Security Module Siemens SIPROTEC 4 7SJ61 Relay (Sensor) Software Siemens Spectrum Power TG SCADA/EMS (HMI) Siemens SICAM PAS v6.00 (RTU) Siemens DIGSI (Software for SIPROTEC Protection Relays) VmWare ESXi 4.1 Nessus Other Vulnerability Assessment Software

16 1.Validate the System – Eliminate any incorrect assumptions 2.Document Running Services – Evaluate possible network entry point into each device – Check for glaring security holes (Open webserver, mail server, etc.) 3.Document Well-Known Vulnerabilities – Check for popular exploit opportunities (Windows, Adobe Reader, Flash)

17 4.Document Implementation Specific Vulnerabilities – Vulnerabilities specific lab equipment and software 5.Attack Implementation – Implement Attack – Document Attack Procedure 6.Produce Report – Existing Vulnerabilities – Possible Impact – Possible Countermeasures

18 Delphin-Informatika IEC 61850 Simulator Delphin-Informatika IEC 61850 Simulator – Software Solution for use a virtual relay – Design for use with SICAM PAS and SIPROTEC Relays – Trial license; limited functionality; expensive – End result: chose to use another software solution Siemens Spectrum Power TG DTS Siemens Spectrum Power TG DTS – Dispatcher Training Simulator – Desired to have DTS read real time data points and update power flow solution in real time – Siemens support period expired, bad/no documentation – End Result: Chose to use DIgSILENT PowerFactory instead

19

20 Virtualization Need to finish implementing the virtual relay simulator and connect it to system. Work on implementing multiple virtual substations into system Create easy deployments for substations Power Flow Simulation Configure DigSilent to integrate with testbed Test out real world scenarios Cyber Attacks Implement attacks against vulnerabilities Document findings

21

Download ppt "Personnel 500-600 hours$10,000-$12,000 Hardware Virtualization Server(?)$3000-$10,000 SIPROTEC 4 7SJ61 Relay s$0 SCALANCE S612 Security."

Similar presentations

© Crown Copyright (2000) Module 2.6 Vulnerability Analysis.

© Crown Copyright (2000) Module 2.6 Vulnerability Analysis.
The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.

The Whole/Hole of Security Public (DoD) v. Corporate Carl Bourland US Army Judge Advocate Generals Corps.
1 Computational Asset Description for Cyber Experiment Support using OWL Telcordia Contact: Marian Nodine Telcordia Technologies Applied Research

1 Computational Asset Description for Cyber Experiment Support using OWL Telcordia Contact: Marian Nodine Telcordia Technologies Applied Research
Department of Energy PI for Security and Securing PI Dale Peterson Digital Bond, Inc. © 2008 Digital Bond, Inc.

Department of Energy PI for Security and Securing PI Dale Peterson Digital Bond, Inc. © 2008 Digital Bond, Inc.
Cybersecurity Training in a Virtual Environment By Chinedum Irrechukwu.

Cybersecurity Training in a Virtual Environment By Chinedum Irrechukwu.
Team Dec13_11: Cole Hoven Jared Pixley Derek Reiser Rick Sutton Adviser/Client: Prof. Manimaran Govindarasu Graduate Assistant: Aditya Ashok PowerCyber.

Team Dec13_11: Cole Hoven Jared Pixley Derek Reiser Rick Sutton Adviser/Client: Prof. Manimaran Govindarasu Graduate Assistant: Aditya Ashok PowerCyber.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
Vulnerability Analysis Borrowed from the CLICS group.

Vulnerability Analysis Borrowed from the CLICS group.
CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.

CSCI 530L Vulnerability Assessment. Process of identifying vulnerabilities that exist in a computer system Has many similarities to risk assessment Four.
Assessing Vulnerabilities ISA 4220 Server Systems Security James A. Edge Jr., CISSP, CISM, CISA, CPTE, MCSE Sr. Security Analyst Cincinnati Bell Technology.

Assessing Vulnerabilities ISA 4220 Server Systems Security James A. Edge Jr., CISSP, CISM, CISA, CPTE, MCSE Sr. Security Analyst Cincinnati Bell Technology.
OpenVAS Vulnerability Assessment Group 5 Igibek Koishybayev; Yingchao Zhu ChenQian; XingyuWu; XuZhuo Zhang.

OpenVAS Vulnerability Assessment Group 5 Igibek Koishybayev; Yingchao Zhu ChenQian; XingyuWu; XuZhuo Zhang.
SELECTING AND IMPLEMENTING VULNERABILITY SCANNER FOR FUN AND PROFIT by Tim Jett and Mike Townes.

SELECTING AND IMPLEMENTING VULNERABILITY SCANNER FOR FUN AND PROFIT by Tim Jett and Mike Townes.
Patching MIT SUS Services IS&T Network Infrastructure Services Team.

Patching MIT SUS Services IS&T Network Infrastructure Services Team.
Trends in SCADA Technology for Public Power

Trends in SCADA Technology for Public Power
Annarita Giani, UC Berkeley Bruno Sinopoli & Aakash Shah, Carnegie Mellon University Gabor Karsai & Jon Wiley, Vanderbilt University TRUST 2008 Autumn.

Annarita Giani, UC Berkeley Bruno Sinopoli & Aakash Shah, Carnegie Mellon University Gabor Karsai & Jon Wiley, Vanderbilt University TRUST 2008 Autumn.
Patch Management Module 13. Module 2-421 You Are Here VMware vSphere 4.1: Install, Configure, Manage – Revision A Operations vSphere Environment Introduction.

Patch Management Module 13. Module You Are Here VMware vSphere 4.1: Install, Configure, Manage – Revision A Operations vSphere Environment Introduction.
VMware vCenter Server Module 4.

VMware vCenter Server Module 4.
DataHub ® OPC Tunneller Overview and Demo.  Cogent Real-Time Systems  Established in 1994  Wholly owned subsidiary of Skkynet Cloud Systems  Key stats.

DataHub ® OPC Tunneller Overview and Demo.  Cogent Real-Time Systems  Established in 1994  Wholly owned subsidiary of Skkynet Cloud Systems  Key stats.
Introduction to Network Defense

Introduction to Network Defense
Nikto LUCA ALEXANDRA ADELA. Nikto  Web server assessment tool  Written by Chris Solo and David Lodge  Released on December 27, 2001  Stable release:

Nikto LUCA ALEXANDRA ADELA. Nikto  Web server assessment tool  Written by Chris Solo and David Lodge  Released on December 27, 2001  Stable release:

Similar presentations

Ads by Google