3. Cyber Attacks & Cyber Threats:
Underlying Premises
Global automation
Mass implementation of typical ICS
Internet used as communication channel
Integration of ICS with ERP and MES
Development of remote monitoring systems
Service business model come to industrial
Industry 4.0
IoT
Politics
3
4. 4
Industry 4.0
“85% of responding
companies will have
implemented industry
4.0 technologies in
their key areas by
2020” (Source: PwC)
The capacity is used up
till Monday
I must be at the
output in 2 hours
I am filling the
pallet
Fill the pallet
Few on stock
Drill hole
overrange
New product order:
500 pcs till Dec
Deliver 100 pcs in
2 days
Traffic jam ETA is
2 pm
New CNC program
installed on machine „X“
I perform the main-
tenance of machine „X“
Machine „X“ needs
maintenance
Quality Control Management
Storage Location
Technical SupportSupplier
Engineering department
5. -
5
Industry and Cyber Security
“By 2020, the number of connected industrial devices will
triple”
“The underlying concept of Industry 4.0 is to connect
embedded systems and smart production facilities to generate
a digital convergence between industry, smart production
facilities to generate a digital convergence between industry,
business and internal functions and processes”
7. 7
Cyber Attack Examples
“The target for Dragonfly is the
intellectual property of
pharmaceutical organizations”,
September 2014
Target pharmaceutical
facilities
Remote access Trojan
Phishing software attachment
8. 8
Cyber Attack Examples
Ukrainian power blackout
that affected 700k homes,
production plants in January
2016
Target Ukrainian electric
utilities MS Office
documents/Marcos SCADA
System Manipulation
Shutdown of power plant,
complex restart procedure
Source: The Telegraph
15. -
IoT Attacks
15
“In the future, intelligence services might use the
internet of things for identification, surveillance,
monitoring, location tracking, […] ”
James Clapper, director of US national intelligence
Source: https://www.theguardian.com/technology/2016/feb/09/internet-of-things-smart-home-devices-government-surveillance-james-clapper
16. 16
ERP, MES Enterprise resource planning systems
Manufacturing execution systems
Top level
of ICS
SCADA/HMI
Operator’s workstation
Control and monitoring centers
Controller
level
PLC
Smart device
Remote Terminal Unit (RTU)
Field
level
Sensor
Actuator
Industrial Control Systems
Structure
17. 17
Particularity of ICS
Operating conditions:
Temperatures
Vibration
Dust and damp-proof
equipment
Computational environment:
Limited computational resources
Proprietary software
Low-maintenance systems
High mean time between failures
Connections:
Industrial interfaces other than
Ethernet
Industrial protocols
Real-time
Equipment specifications:
Power supply other than 220V
Limited capacity
Limited space
Limited accessibility
INDUSTRIAL CONTROL SYSTEM
18. Complete, Multi-Layer Security for
Industrial Systems and the Extended Enterprise
Quality Management
Administration Logistics
Maintenance & Service
19. ViPNet Coordinator IG:
Typical Scenarios
19
Security integration to ICS with ERP and MES
OPC-Server
SCADA Server
ViPNet HW
ERP Server
Workstation
Workstation
HMI Station
PLC
PLC
PLC
ViPNet IG
ViPNet IG
ViPNet IG
Administrator
ViPNet HW
20. ViPNet Coordinator IG Application (with security)
20
ViPNet VPN
HMI computers
Administrator
Engineering
Workstation
Telemetry Server
ViPNet HW1000
Communication
Service Provider
ViPNet VPN
RS-485-IEC 60870-5-101
RS-485-IEC 60870-5-101
Multifunctional Power Meter
Protective relaying and automation
Digital relay Digital relay
Electricity metering
Electricity meter
RS-485
ViPNet
Coordinator IG
Industrial Telemetry System
Transmission Substation
Distribution Substation
Media Converter
Ethernet / RS-485