Moderator
Don Pearson
Chief Strategy Officer
Inductive Automation
Today’s Agenda
• Introduction to Ignition
• SCADA/ICS Security Basics
• Approaches to SCADA/ICS Security
• Tools for Protecting Your Network
• Security Hardening in Ignition
• Q&A
About Inductive Automation
• Founded in 2003
• HMI, SCADA, MES, and IIoT software
• Installed in 100+ countries
• Over 1,500 integrators
• Used by 48% of Fortune 100 companies
Learn more at: inductiveautomation.com/about
Used by Major Companies Worldwide
Ignition: Industrial Application Platform
One Universal Platform for SCADA, MES & IIoT:
• Unlimited licensing model
• Cross-platform compatibility
• Based on IT-standard technologies
• Scalable server-client architecture
• Web-managed
• Web-launched on desktop or mobile
• Modular configurability
• Rapid development and deployment
Presenter
Kevin McClusky
Co-Director of Sales Engineering,
Inductive Automation
Disclaimer
Cybersecurity is a deep and complex topic, and this webinar presents a
general overview of the subject. It is not intended as comprehensive
instruction or training on industrial control system security. It contains
general, widely applicable guidelines about ICS security; however,
because every organization is different, you should work with a security
expert to make sure that your specific security needs are met.
Different Types of Security
SCADA/ICS Security Basics
Three laws of SCADA security:
• Nothing is 100% secure.
• All software can be hacked.
• Every piece of information can be an attack.
– From SCADA Security – What’s Broken and How to Fix It
by Andrew Ginter
SCADA/ICS Security Basics
Who’s attacking our systems?
• Insiders (corporate insiders & SCADA insiders)
• Organized Crime
• Hackers
• Intelligence Agencies
• Military
SCADA/ICS Security Basics
How are they attacking us?
• Phishing
- #1 attack vector for ICS
- Spear phishing
- In 2016, 30% of phishing messages
were opened, up from 23% in 2015
• Malware & ransomware
High-profile attacks:
- WannaCry & NotPetya (2017)
- Stuxnet (2010)
• Weak authentication
• SQL injection
• Network scanning
• Abuse of authority
• Brute force
• Rogue devices
• Removable media
Approaches to SCADA/ICS Security
What can we do about it?
• Keep it simple. Complexity doesn’t
improve security.
• Know your environment (which machines & software versions you have,
your normal traffic level, etc.).
• You can’t eliminate risk but you can
mitigate risk.
• Make it very difficult and expensive to
pull off an attack.
Approaches to SCADA/ICS Security
IT Security
• Software-based
• Focus: detecting & responding to
intrusion
• Stakes: compromised or stolen
data, system crashes, interruption,
financial losses, etc.
ICS Security
• Hardware-based
• Focus: preventing intrusion
• Stakes: loss of life, environmental
damage, economic impact
Industrial organizations must focus on prevention while also implementing
IT-class security measures in order to secure their control systems.
Tools for Protecting Your Network
Authentication
• Username/password (Don’t use
default passwords!)
• User- and role-based security
(Based on Principle of Least
Privilege)
• Biometrics (fingerprints, retina
scans)
• Public Key Infrastructure (PKI)
• Key cards
• USB tokens
• Application security: role-based
settings/permissions can be used to
secure applications (clients, design
environment, tags)
• Database connection encryption
• OPC UA connections
Tools for Protecting Your Network
Encryption (TLS/SSL/https)
• Encrypts all data sent over HTTP
• Protects against snooping & session
hijacking
• Can be used to protect the SCADA
Gateway
• Can be used with a VLAN to secure
native device communication
• Can be used to encrypt OPC UA
communication
• Can be used to help secure databases
that support TLS/SSL
Tools for Protecting Your Network
Auditing
• Record details about specific events
• Track down who did what from where
• Helpful in deterring attacks by SCADA insiders
• Use audit logs, trails, profiles
Tools for Protecting Your Network
Ways to Protect Your Operating System:
• Remove any unnecessary programs.
• Keep OS patches & service packs up-to-date.
• Disable remote services on Windows.
• Set up firewalls to restrict network traffic; close all ports and only reopen ports
that are necessary.
• Set up firewalls on redundant servers.
• If remote access is required, get a VPN device with good multi-factor
authentication.
Tools for Protecting Your Network
Ways to Secure Your Device/PLC Connections:
• Native device communication options:
- Keep on a separate, private OT network
- Network segmentation
- VLAN with encryption
- Set up routing rules
- Use edge-of-network gateway as bridge between device & network
• OPC UA and MQTT communication offers built-in security, and communications
can be encrypted over TLS
Tools for Protecting Your Network
[Diagram: SCADA Network, Unidirectional Gateway (TX interface, RX interface), IT Network]
Unidirectional Gateways (data diodes) are an option for standalone networks
with tight controls over what goes in and out.
Tools for Protecting Your Network
Physical Security:
• Because control devices like PLCs cannot be locked down, it is essential to
implement physical security measures, such as the following:
- Badges & badge readers
- Physical media controls (including laptops, phones, USB keys)
- Video monitoring
- Policies and training
- Guards
Security Hardening in Ignition
• The following steps are intended to provide
general guidance on how to set up and secure
your Ignition installation
• General suggestions regarding the hardware and
network where Ignition is installed
Security Hardening in Ignition
Secure the Gateway
• Change the Admin Password
• Configure Access for the Gateway
• Enable SSL
- Acquire and install an SSL Certificate
for Ignition, from a certificate authority
(highly recommended)
Demo: Securing the Gateway
Security Hardening in Ignition
Device, MQTT, and OPC Security
• OPC UA Communication
• Native Device Communication
• MQTT
Demo: Device, MQTT, and OPC Security
Security Hardening in Ignition
Use Security Zones
• A Security Zone is a list of Gateways, Computers, or IP addresses
that are defined and grouped together.
• When zones are defined, you can place additional policies &
restrictions on them.
• Provides read-only and read/write access to specified locations.
• Helps keep different areas of the business separate while allowing
them to interconnect.
Demo: Security Zones
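A minimal model of the zone idea above, added here as an illustration (not Ignition's implementation or configuration format). The zone names, addresses, host name and the most-specific-match rule for overlapping zones are assumptions made for the example.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Zone:
    name: str
    networks: tuple            # CIDR strings that belong to the zone
    hosts: tuple = ()          # exact computer/gateway names in the zone
    access: str = "read-only"  # "read-only" or "read/write"


# Constructed sample zones; ControlRoom deliberately overlaps PlantFloor.
ZONES = [
    Zone("ControlRoom", ("10.10.1.0/24",), access="read/write"),
    Zone("PlantFloor", ("10.10.0.0/16",), access="read-only"),
    Zone("Corporate", ("192.168.50.0/24",), access="read-only"),
    Zone("Engineering", (), hosts=("eng-ws-01",), access="read/write"),
]

HOST_MATCH = 1000  # a named host outranks any network prefix length


def match_specificity(zone, ip, host):
    """Return how specifically the zone matches, or -1 for no match."""
    if host and host.lower() in (h.lower() for h in zone.hosts):
        return HOST_MATCH
    best = -1
    for cidr in zone.networks:
        net = ipaddress.ip_network(cidr, strict=False)
        if ip.version == net.version and ip in net:
            best = max(best, net.prefixlen)
    return best


def decide(source_ip, operation, zones, host=None):
    """Return (decision, zone_name) for a "read" or "write" request.

    Default deny: an unparsable address, or one outside every zone,
    gets no access at all. When zones overlap, the most specific one
    decides (assumption of this example).
    """
    try:
        ip = ipaddress.ip_address(source_ip)
    except ValueError:
        return ("deny", None)

    best_zone, best_score = None, -1
    for zone in zones:
        score = match_specificity(zone, ip, host)
        if score > best_score:
            best_zone, best_score = zone, score

    if best_zone is None:
        return ("deny", None)
    if operation == "read":
        return ("allow", best_zone.name)
    if operation == "write" and best_zone.access == "read/write":
        return ("allow", best_zone.name)
    return ("deny", best_zone.name)


if __name__ == "__main__":
    for ip, op in [("10.10.1.25", "write"), ("10.10.7.3", "write"),
                   ("10.10.7.3", "read"), ("203.0.113.9", "read")]:
        print(ip, op, decide(ip, op, ZONES))
```

Host names are easier to spoof than a routed source address, so a name-based zone with write access is best paired with authentication rather than used alone.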
Security Hardening in Ignition
Define Application Security
• Client Security
• Designer Security
• Tag Security
• Named Queries
Demo: Defining Application Security
Security Hardening in Ignition
Set Up Audit Logging
• Audit Profiles are simple to set up, and immediately start recording
events.
• Only tag writes, SQL UPDATE, SQL INSERT, and SQL DELETE
statements are recorded. A time-stamp is also recorded.
Demo: Setting Up Audit Logging
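One way to review the events an audit profile records (tag writes and SQL UPDATE/INSERT/DELETE statements, each with a time-stamp) to answer "who did what from where". This is an added example, not Ignition code: the CSV layout, user names, addresses, working hours and rule names are all constructed for the illustration.

```python
import csv
import io
from datetime import datetime, time

# Constructed audit export: timestamp, actor, source address, action, target, value
AUDIT_CSV = """\
2018-03-12 08:02:11,jsmith,10.10.1.25,tag write,[default]Pump1/Setpoint,70.0
2018-03-12 09:40:03,mlee,10.10.1.31,query,UPDATE recipes SET temp = 180 WHERE id = 4,
2018-03-13 14:15:56,jsmith,10.10.1.25,tag write,[default]Pump1/Run,true
2018-03-14 02:17:45,jsmith,10.10.7.3,tag write,[default]Pump1/Setpoint,95.0
2018-03-14 10:05:20,mlee,10.10.1.31,query,DELETE FROM batch_log,
2018-03-14 10:06:02,mlee,10.10.1.31,query,INSERT INTO batch_log (id) VALUES (9),
"""

TS_FORMAT = "%Y-%m-%d %H:%M:%S"
BASELINE_END = datetime(2018, 3, 14)  # records before this build the baseline


def parse_audit(text):
    """Parse the constructed CSV layout into a list of dicts."""
    records = []
    for row in csv.reader(io.StringIO(text)):
        if len(row) != 6:
            continue  # skip malformed lines instead of guessing their fields
        ts, actor, source, action, target, value = row
        records.append({"ts": datetime.strptime(ts, TS_FORMAT), "actor": actor,
                        "source": source, "action": action,
                        "target": target, "value": value})
    return records


def review(records, baseline_end, day_start=time(6, 0), day_end=time(18, 0)):
    """Flag post-baseline events that deserve a second look.

    new-source       : actor wrote from an address not seen in the baseline
    off-hours        : event outside the assumed working day
    unbounded-delete / unbounded-update : statement with no WHERE clause
    """
    known_sources = {}
    for rec in records:
        if rec["ts"] < baseline_end:
            known_sources.setdefault(rec["actor"], set()).add(rec["source"])

    findings = []
    for rec in records:
        if rec["ts"] < baseline_end:
            continue
        reasons = []
        if rec["source"] not in known_sources.get(rec["actor"], set()):
            reasons.append("new-source")
        if not (day_start <= rec["ts"].time() < day_end):
            reasons.append("off-hours")
        if rec["action"] == "query":
            words = rec["target"].upper().split()
            if words and words[0] in ("DELETE", "UPDATE") and "WHERE" not in words:
                reasons.append("unbounded-" + words[0].lower())
        if reasons:
            findings.append((rec["ts"].strftime(TS_FORMAT), rec["actor"], reasons))
    return findings


if __name__ == "__main__":
    for finding in review(parse_audit(AUDIT_CSV), BASELINE_END):
        print(finding)
```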
Security Hardening in Ignition
Protect the Database
• Rather than using a database owner account such as root or sa, we
recommend creating a separate user account with limited privileges
for the database connection with the Ignition Gateway.
• If your database supports TLS encryption, use it for the
Ignition-to-database connection.
• TLS can be enabled for databases running on different servers
(follow the information for its JDBC driver and internal security
settings).
Security Hardening in Ignition
Securing Java
• Change Java security settings
• Keep Java up-to-date
Security Hardening in Ignition
Securing Java
Disable Java Plug-In in Web Browsers
Security Hardening in Ignition
Turning on the Firewall
• Enable firewall for all traffic
• Allow needed ports through
Demo: Configuring Windows Firewall
Security Hardening in Ignition
Active Directory and Authentication Services
• Group Access and Disabling Auto Login
• User Accounts
• LDAP Protocol Security
Demo: Active Directory & Authentication Services
Security Hardening in Ignition
Keep Ignition Up-to-Date
• Software security requires constant effort and maintenance
• Security updates are released periodically to ensure continued
protection
• Keeping up-to-date with updates is strongly recommended
Summary
Questions & Comments
Jim Meisler x227
Vannessa Garcia x231
Vivian Mudge x253
Account Executives
Myron Hoertling x224
Shane Miller x218
Ramin Rofagha x251
Maria Chinappi x264
Dan Domerofski x273
Lester Ares x214
Melanie Hottman
Director of Sales:
800-266-7798 x247
Jeff Osterback x207
Kevin McClusky
Co-Director of Sales Engineering:
x237
kmcclusky@inductiveautomation.com
Design Like a Pro: SCADA Security Guidelines

TECUNIQUE: Success Stories: IT Service providermohitmore19
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 

Dernier (20)

The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 

Design Like a Pro: SCADA Security Guidelines

  • 2. Moderator Don Pearson Chief Strategy Officer Inductive Automation
  • 3. Today’s Agenda • Introduction to Ignition • SCADA/ICS Security Basics • Approaches to SCADA/ICS Security • Tools for Protecting Your Network • Security Hardening in Ignition • Q&A
  • 4. About Inductive Automation • Founded in 2003 • HMI, SCADA, MES, and IIoT software • Installed in 100+ countries • Over 1,500 integrators • Used by 48% of Fortune 100 companies Learn more at: inductiveautomation.com/about
  • 5. Used by Major Companies Worldwide
  • 6. Ignition: Industrial Application Platform One Universal Platform for SCADA, MES & IIoT: • Unlimited licensing model • Cross-platform compatibility • Based on IT-standard technologies • Scalable server-client architecture • Web-managed • Web-launched on desktop or mobile • Modular configurability • Rapid development and deployment
  • 7. Presenter Kevin McClusky Co-Director of Sales Engineering, Inductive Automation
  • 8. Disclaimer Cybersecurity is a deep and complex topic, and this webinar presents a general overview of the subject. It is not intended as comprehensive instruction or training on industrial control system security. It contains general, widely applicable guidelines about ICS security; however, because every organization is different, you should work with a security expert to make sure that your specific security needs are met.
  • 10. SCADA/ICS Security Basics Three laws of SCADA security: • Nothing is 100% secure. • All software can be hacked. • Every piece of information can be an attack. – From SCADA Security – What’s Broken and How to Fix It by Andrew Ginter
  • 11. SCADA/ICS Security Basics Who’s attacking our systems? • Insiders (corporate insiders & SCADA insiders) • Organized Crime • Hackers • Intelligence Agencies • Military
  • 12. SCADA/ICS Security Basics How are they attacking us? • Phishing - #1 attack vector for ICS - Spear phishing - In 2016, 30% of phishing messages were opened, up from 23% in 2015 • Malware & ransomware High-profile attacks: - WannaCry & NotPetya (2017) - Stuxnet (2010) • Weak authentication • SQL injection • Network scanning • Abuse of authority • Brute force • Rogue devices • Removable media
  • 13. Approaches to SCADA/ICS Security What can we do about it? • Keep it simple. Complexity doesn’t improve security. • Know your environment (which machines & software versions you have, your normal traffic level, etc.). • You can’t eliminate risk but you can mitigate risk. • Make it very difficult and expensive to pull off an attack.
  • 14. Approaches to SCADA/ICS Security IT Security • Software-based • Focus: detecting & responding to intrusion • Stakes: compromised or stolen data, system crashes, interruption, financial losses, etc. ICS Security • Hardware-based • Focus: preventing intrusion • Stakes: loss of life, environmental damage, economic impact Industrial organizations must focus on prevention while also implementing IT-class security measures in order to secure their control systems.
  • 17. Tools for Protecting Your Network Authentication • Username/password (Don’t use default passwords!) • User- and role-based security (Based on Principle of Least Privilege) • Biometrics (fingerprints, retina scans) • Public Key Infrastructure (PKI) • Key cards • USB tokens • Application security: role-based settings/permissions can be used to secure applications (clients, design environment, tags) • Database connection encryption • OPC UA connections
  • 18. Tools for Protecting Your Network Encryption (TLS/SSL/https) • Encrypts all data sent over HTTP • Protects against snooping & session hijacking • Can be used to protect the SCADA Gateway • Can be used with a VLAN to secure native device communication • Can be used to encrypt OPC UA communication • Can be used to help secure databases that support TLS/SSL
  • 19. Tools for Protecting Your Network Auditing • Record details about specific events • Track down who did what from where • Helpful in deterring attacks by SCADA insiders • Use audit logs, trails, profiles
  • 20. Tools for Protecting Your Network Ways to Protect Your Operating System: • Remove any unnecessary programs. • Keep OS patches & service packs up-to-date. • Disable remote services on Windows. • Set up firewalls to restrict network traffic; close all ports and only reopen ports that are necessary. • Set up firewalls on redundant servers. • If remote access is required, get a VPN device with good multi-factor authentication.
  • 21. Tools for Protecting Your Network Ways to Secure Your Device/PLC Connections: • Native device communication options: - Keep on a separate, private OT network - Network segmentation - VLAN with encryption - Set up routing rules - Use edge-of-network gateway as bridge between device & network • OPC UA and MQTT communication offers built-in security, and communications can be encrypted over TLS
  • 22. Tools for Protecting Your Network [Diagram: SCADA Network, Unidirectional Gateway (TX interface, RX interface), IT Network] Unidirectional Gateways (data diodes) are an option for standalone networks with tight controls over what goes in and out.
  • 23. Tools for Protecting Your Network Physical Security: • Because control devices like PLCs cannot be locked down, it is essential to implement physical security measures, such as the following: - Badges & badge readers - Physical media controls (including laptops, phones, USB keys) - Video monitoring - Policies and training - Guards
  • 24. Security Hardening in Ignition • The following steps are intended to provide general guidance on how to set up and secure your Ignition installation • General suggestions regarding the hardware and network where Ignition is installed
  • 25. Security Hardening in Ignition Secure the Gateway • Change the Admin Password • Configure Access for the Gateway • Enable SSL - Acquire and install an SSL Certificate for Ignition, from a certificate authority (highly recommended)
  • 27. Security Hardening in Ignition Device, MQTT, and OPC Security • OPC UA Communication • Native Device Communication • MQTT
  • 28. Demo: Device, MQTT, and OPC Security
  • 29. Security Hardening in Ignition Use Security Zones • A Security Zone is a list of Gateways, Computers, or IP addresses that are defined and grouped together. • When zones are defined, you can place additional policies & restrictions on them. • Provides read-only and read/write access to specified locations. • Helps keep different areas of the business separate while allowing them to interconnect.
  • 31. Security Hardening in Ignition Define Application Security • Client Security • Designer Security • Tag Security • Named Queries
  • 33. Security Hardening in Ignition Set Up Audit Logging • Audit Profiles are simple to set up, and immediately start recording events. • Only tag writes, SQL UPDATE, SQL INSERT, and SQL DELETE statements are recorded. A time-stamp is also recorded.
  • 34. Demo: Setting Up Audit Logging
  • 35. Security Hardening in Ignition Protect the Database • Rather than using a database owner account such as root or sa, we recommend creating a separate user account with limited privileges for the database connection with the Ignition Gateway. • If your database supports TLS encryption, use it for the Ignition-to-database connection. • TLS can be enabled for databases running on different servers (follow the information for its JDBC driver and internal security settings).
  • 36. Security Hardening in Ignition Securing Java • Change Java security settings • Keep Java up-to-date
  • 37. Security Hardening in Ignition Securing Java Disable Java Plug-In in Web Browsers
  • 38. Security Hardening in Ignition Turning on the Firewall • Enable firewall for all traffic • Allow needed ports through
  • 40. Security Hardening in Ignition Active Directory and Authentication Services • Group Access and Disabling Auto Login • User Accounts • LDAP Protocol Security
  • 41. Demo: Active Directory & Authentication Services
  • 42. Security Hardening in Ignition Keep Ignition Up-to-Date • Software security requires constant effort and maintenance • Security updates are released periodically to ensure continued protection • Keeping up-to-date with updates is strongly recommended
  • 47. Questions & Comments Jim Meisler x227 Vannessa Garcia x231 Vivian Mudge x253 Account Executives Myron Hoertling x224 Shane Miller x218 Ramin Rofagha x251 Maria Chinappi x264 Dan Domerofski x273 Lester Ares x214 Melanie Hottman Director of Sales: 800-266-7798 x247 Jeff Osterback x207 Kevin McClusky Co-Director of Sales Engineering: x237 kmcclusky@inductiveautomation.com
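
The Security Zones and Audit Logging slides above combine naturally into a review step: take the recorded write events (tag writes, SQL UPDATE, INSERT, DELETE) and check whether each came from a location that is allowed to write. The following is an added example, not code from the webinar or from Ignition; the zone names, address ranges, and the pipe-delimited record layout are constructed for illustration and do not reflect Ignition's audit schema.

```python
import ipaddress
from datetime import datetime

# Hypothetical zones: names and address ranges are constructed for this example.
ZONES = {
    "ControlRoom": {"nets": ["10.10.1.0/24"], "access": "read/write"},
    "Office":      {"nets": ["10.20.0.0/16"], "access": "read-only"},
}

# The event types the slides say an audit profile records.
WRITE_ACTIONS = {"tag write", "SQL UPDATE", "SQL INSERT", "SQL DELETE"}

# Constructed audit records: timestamp|actor|source address|action|target
SAMPLE_AUDIT = """\
2024-03-01T08:15:02|operator1|10.10.1.21|tag write|Line1/Pump1/Setpoint
2024-03-01T08:17:40|analyst7|10.20.4.9|SQL UPDATE|recipes
2024-03-01T08:19:05|operator2|10.10.1.22|SQL INSERT|batch_log
2024-03-01T02:44:51|operator1|192.168.50.3|tag write|Line1/Valve3/Open
not a valid record
"""

def zone_for(addr):
    """Return (zone name, access) for an address; unzoned addresses get no access."""
    ip = ipaddress.ip_address(addr)
    for name, zone in ZONES.items():
        if any(ip in ipaddress.ip_network(net) for net in zone["nets"]):
            return name, zone["access"]
    return "unzoned", "none"

def parse(line):
    """Parse one record; return None for anything malformed instead of guessing."""
    parts = line.strip().split("|")
    if len(parts) != 5:
        return None
    ts, actor, addr, action, target = parts
    try:
        when = datetime.fromisoformat(ts)
        ipaddress.ip_address(addr)
    except ValueError:
        return None
    return {"ts": when, "actor": actor, "addr": addr,
            "action": action, "target": target}

def review(text):
    """Return (findings, skipped): writes from locations without read/write
    access, ordered by time, plus the count of unparseable lines."""
    findings, skipped = [], 0
    for line in text.splitlines():
        rec = parse(line)
        if rec is None:
            skipped += 1
            continue
        if rec["action"] not in WRITE_ACTIONS:
            continue
        zone, access = zone_for(rec["addr"])
        if access != "read/write":
            findings.append((rec["ts"].isoformat(), rec["actor"], rec["addr"],
                             rec["action"], rec["target"], zone))
    findings.sort(key=lambda f: f[0])
    return findings, skipped

if __name__ == "__main__":
    for finding in review(SAMPLE_AUDIT)[0]:
        print(finding)
```

Unparseable lines are counted rather than dropped silently, since gaps in an audit trail are themselves worth investigating.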