This document provides an overview of SCADA (Supervisory Control and Data Acquisition) security challenges and strategies. It describes common SCADA system components and functionality. It then discusses increasing cyber threats to SCADA systems from sources like hostile governments and employees. The document outlines various physical and cyber vulnerabilities in SCADA systems and components. It recommends security standards from organizations like NIST, ISA, and NERC to help mitigate risks. The document also provides guidelines on physical asset security and cybersecurity strategies.
SCADA deep inside: protocols and security mechanisms | Aleksandr Timorin
The document discusses various industrial control system protocols including Modbus, DNP3, PROFINET DCP, IEC 61850-8-1, and IEC 61870-5-101/104. It describes their functions, security issues like lack of authentication and encryption, and available tools for analyzing the protocols. The speaker is a penetration tester who researches SCADA security and protocols.
Presented: September 21, 2017
At: CS2AI, Washington, DC
A decade ago, ISA99 published the first standard in what is now the ISA/IEC 62443 series. Since then, the series has coalesced into the current form consisting of 13 individual documents in various stages of completion, publication, and/or revision. Printing out all of the existing standards and drafts can easily use up more than a ream of paper. It can be a daunting task to try to apply it to an organization. So, what are you supposed to do? How are you supposed to proceed? In this talk, I’ll go over some of the lessons I’ve learned from helping customers develop and evaluate security programs within their organization.
Nozomi Networks is the leader of industrial cybersecurity, delivering real-time visibility to manage cyber risk & improve resilience for industrial operations. With one solution, customers gain advanced cybersecurity, improved operational reliability & easy IT/OT integration. Innovating the use of artificial intelligence, the company helps the largest industrial sites around the world See and Secure™ their critical industrial control networks. Today Nozomi Networks supports over a quarter of a million devices in the critical infrastructure, energy, manufacturing, mining, transportation & utility sectors, making it possible to tackle the escalating cyber risks to operational networks (OT).
The document discusses security operation centers (SOCs) and their functions. It describes what a SOC is and its main purpose of monitoring, preventing, detecting, investigating and responding to cyber threats. It outlines the typical roles in a SOC including tier 1, 2 and 3 analysts and security engineers. It also discusses the common tools, skills needed for each role, and types of SOCs such as dedicated, distributed, multifunctional and virtual SOCs.
Operational technology (OT) and information technology (IT) security protect devices, networks, systems, and users. Cybersecurity has long been critical in IT and helps organizations keep sensitive data safe, ensure users connect to the internet securely, and detect and prevent potential cyberattacks.
This document discusses ICS/SCADA cybersecurity. It introduces the speaker as a security enthusiast with 2 years of ICS experience. It then provides commands to list and view ICS files. The document defines ICS components like sensors, actuators, PLCs, HMIs, and data historians. It lists resources for ICS security training and trends.
Industrial control systems (ICS) are used to control industrial processes and manufacturing equipment. They face unique security challenges compared to traditional IT systems due to their real-time operation and custom hardware and software. This document discusses several past ICS cyber attacks and identifies vulnerabilities in ICS security architecture, configuration management, patch management, and change testing. Proper ICS security requires a cross-functional team approach and careful management of the specialized ICS environment.
The document discusses SCADA (Supervisory Control and Data Acquisition) systems which are used to remotely monitor and control critical infrastructure like power plants, oil and gas pipelines, and water treatment facilities. It outlines some security issues with SCADA including that these systems have been of interest to terrorists and nation-states due to their ability to disrupt important systems, and that insiders and simple attacks could also potentially target vulnerable SCADA networks.
SOC and SIEM systems can help organizations detect and respond to security incidents and threats in a timely manner. A SOC acts as a security operations center to monitor, analyze, and respond to cybersecurity incidents. SIEM provides real-time analysis of security alerts and events to help identify potential threats. Implementing SOC and SIEM solutions can improve an organization's security posture through early threat detection, compliance with regulations, and reduced breach impact.
Dragos S4x20: How to Build an OT Security Operations Center | Dragos, Inc.
Senior Director of Business Development, Matt Cowell's, S4x20 presentation details how to build an effective OT security operations center and the tools and skills needed.
In today’s connected world, cyber security is a topic that nobody can afford to ignore. In recent years the number and frequency of attacks on industrial devices and other critical infrastructure has risen dramatically. Recent news stories about hackers shutting down critical infrastructure have left many companies wondering if they are vulnerable to similar attacks. In this webinar we will discuss the most common security threats and unique challenges in securing industrial networks. We will introduce the current standards and share some useful resources and best practices for addressing industrial cyber security.
Key Takeaways:
1. Gain perspective regarding common security threats facing industrial networks.
2. Learn about the relevant standards governing industrial cyber security.
3. Increase understanding of some best practices for securing industrial networks.
ICS (Industrial Control System) Cybersecurity Training | Tonex
ICS Cybersecurity training is intended for security professionals and control system designers, giving them advanced cybersecurity skills and knowledge to protect the Industrial Control System (ICS) and keep their industrial operation environment secure against cyber threats.
Audience:
Control engineers, integrators and architects
System administrators, engineers
Information Technology (IT) professionals
Security Consultants
Managers who are responsible for ICS
Researchers and analysts working on ICS security
Vendors, Executives and managers
Information technology professionals, security engineers, security analysts, policy analysts
Investors and contractors
Technicians, operators, and maintenance personnel
Price: $3,999.00 Length: 4 Days
Training Objectives:
Understand fundamentals of Industrial Control Systems (ICS)
Recognize the security architecture for ICS
Identify different kinds of vulnerabilities in ICS network, remote devices, software, or control servers
Learn about active defense and incident response for ICS
Learn the essentials for NERC Critical Infrastructure Protection (CIP)
Understand policies and procedures for NERC critical infrastructure protection (CIP)
List strategies for NERC CIP version 5/6
Apply risk management techniques to ICS
Describe ICS Active Defense and Incident Response
Describe techniques for defending against the new ICS threat matrix
Assess and audit risks for ICS
Apply IEC standard to network and system security of ICS
Implement the ICS security program step by step
Protect the ICS network from vulnerabilities
Understand different types of servers in ICS and protect them against attacks
Apply security standards to SCADA systems based on NIST SP 800-82
Detect different types of attacks to SCADA systems
Tackle all the security challenges related to ICS cybersecurity
Training Outline:
ICS Cybersecurity training course consists of the following lessons, which can be revised and tailored to the client’s need:
Fundamentals of Industrial Control Systems (ICS)
ICS Security Architecture
Common ICS Vulnerabilities
ICS Threat Intelligence
NERC Critical Infrastructure Protection (CIP)
Risk Management and Risk Assessment
ICS Auditing and Assessment
IEC 62443: Network and System Security for ICS
Implementation of ICS Security Program Development
ICS Incident Response
Network Protection for ICS
ICS Server Protection
SCADA Security Policies and Standards
Detection of Cyber Attacks on SCADA Systems
Our instructors at Tonex will help you master ICS cybersecurity design techniques by introducing the risk management framework, risk assessment methods, incident response, continuous monitoring, SCADA security improvement, and network security approaches for ICS.
ICS Cyber security Training
https://www.tonex.com/training-courses/ics-cybersecurity-training/
DTS Solution - Building a SOC (Security Operations Center) | Shah Sheikh
This document discusses building a cyber security operations center (CSOC). It covers the need for a CSOC, its core components including security information and event management (SIEM), and integrating components like monitoring, alerting, and reporting. Key aspects that are important for a successful CSOC are people, processes, and technology. The roles and skills required for people in the CSOC and training needs are outlined. Developing standardized processes, procedures and workflows that align with frameworks like ISO are also discussed.
The CIA Triad - Assurance on Information Security | Bharath Rao
Confidentiality, Integrity and Availability of Data are the basis for providing assurance on IS Security. This document gives a small overview of the impact of confidentiality, integrity and availability on the data and the need of securing the CIA.
Information security involves protecting information and systems from unauthorized access, use, disclosure, disruption, modification, or destruction. The key aspects of information security are confidentiality, integrity, and availability. Risk management is the process of identifying threats and vulnerabilities, calculating impact, and implementing appropriate controls. Controls can be administrative, logical, or physical. Information security also includes security classification, change management, governance, incident response plans, and compliance with laws and regulations.
Talking about Next-Gen Security Operation Center for IDNIC+APJII as representative from IDSECCONF. People-Centric SOC requires a lot of investment in humans in terms of quantity and quality; unfortunately, (good) IT security people are getting rare these days. Organisations need to put their investments more into technology, as in Industry 4.0, machines are getting more advanced to support humans in doing continuous and repetitive tasks.
Moving from “traditional” to next-gen SOC requires a proper plan; that's what this talk was about.
The document provides information on vulnerability assessment and penetration testing. It defines vulnerability assessment as a systematic approach to finding security issues in a network or system through manual and automated scanning. Penetration testing involves exploring and exploiting any vulnerabilities that are found to confirm their existence and potential damage. The document outlines the types of testing as blackbox, graybox, and whitebox. It also lists some common tools used for testing like Nmap, ZAP, Nikto, WPScan, and HostedScan. Finally, it provides examples of specific vulnerabilities found and their solutions, such as outdated themes/plugins, backup files being accessible, and SQL injection issues.
The Nozomi Networks solution improves ICS cyber resiliency and provides real-time operational visibility. Major customers have improved reliability, cybersecurity and operational efficiency using our technology. Learn more about our solutions and technology here and how they can bring immediate benefit to your industrial control system (ICS)
Secure Systems Security and ISA99- IEC62443 | Yokogawa1
With the new Industrial Network standards like ISA-IEC62443 companies are evolving their IT and OT networks to face evolving threats. This presentation will cover industrial networking best practices, secure architectures and segregation techniques that can be used by all businesses to prevent a minor business network breach from becoming an industrial catastrophe.
Topics Covered in this Seminar Include:
Overview Of Cyber Threat
Introduction - ISA IEC Industrial Control Security Standards
An Example - Advanced Persistent Threat (APT)
ISA/IEC 62443-3-2 Network Separation - An APT countermeasure
The next step in APT defenses System Certification to ISA/IEC 62443 Cybersecurity Standards
ISA/IEC 62443 Cybersecurity Standards Current Efforts
The Future of ISA/IEC 62443 Cybersecurity Standards
This Edureka PPT on "Application Security" will help you understand what application security is and measures taken to improve the security of an application often by finding, fixing and preventing security vulnerabilities.
Following are the topics covered in this PPT:
Introduction to Cybersecurity
What is Application Security?
What is an SQL Injection attack
Demo on SQL Injection
Note on T&T Issues in GM and MCGM's Initiatives and Policies_13th Jan 2015_V3 | Abhinav miryala
The document summarizes traffic and transportation issues in the Greater Mumbai region and initiatives by the Municipal Corporation of Greater Mumbai (MCGM) to address these issues. Some key points:
- Greater Mumbai has a high population density and limited land area, contributing to traffic congestion issues. MCGM has implemented various infrastructure projects like the Area Traffic Control System and is developing plans like the Coastal Road Project and Comprehensive Mobility Plan.
- The Comprehensive Mobility Plan assesses transportation needs up to 2034 and recommends strategies across all modes of transport to improve mobility. This includes improving public transport, expanding road and parking infrastructure, and promoting walking and cycling.
- MCGM has also formulated
The document describes CARAS magazine, which marks 20 years in Brazil in 2013. It is the largest entertainment magazine in Latin America, with more than 4 million weekly readers in Brazil. The magazine is multi-platform and has a strong digital presence. It holds exclusive events for a high-income audience.
One of these events is the Castelo de CARAS, which takes place in a luxurious castle on the outskirts of New York and hosts celebrities. At this event for CARAS's 20th anniversary
Lady Gaga's extravagant high-heeled shoes | silviab01
Lady Gaga is known for her eccentric outfits, which include high-heeled shoes, despite warnings from doctors and fans about the injury risks this entails. While she feels comfortable with this style, experts warn that continued use of high heels can cause damage to the ankles and a greater likelihood of knee, hip and back problems at an older age.
As traditional as the Feijoada do Cacau party, which takes place on Carnival Saturday, is DC's Caderno Aconteceu, which gives a summary of everything that happened at the party, showing all the distinguished guests who attended the event.
It is a great opportunity to showcase your brand, with possibilities for use in print and digital!
This document provides an overview of Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems (ICS), including fundamentals, evolution over time, vulnerabilities, security frameworks, good practices, and resources. It defines SCADA/ICS, describes how they have become more interconnected, lists vulnerabilities like outdated systems and remote access, outlines security standards like NIST and NERC, recommends practices like segmentation and patching, and provides example frameworks and resources.
The document discusses cybersecurity challenges related to IoT. It outlines several security incidents involving IoT devices over time. It then discusses inherent security challenges for IoT, including threats from advanced persistent threats, cyber terrorism, and compromised supply chains. The document also summarizes statistics on IoT security concerns and vulnerabilities. It identifies top vulnerabilities according to OWASP and discusses how to secure IoT in different domains like smart cities and homes.
Robust Cyber Security for Power Utilities | Nir Cohen
The security of critical networks is at the center of attention of industry and government regulators alike. Check Point and RAD offer a joint end-to-end cyber security solution that protects any utility operational technology (OT) network by eliminating RTU and SCADA equipment vulnerabilities, as well as defends against cyber-attacks on the network’s control and data planes. This solution brief explains how the joint solution enables compliance with NERC-CIP directives, provides deep visibility and control of ICS/SCADA communications, and allows secure remote access into OT networks.
The document discusses cybersecurity issues related to critical infrastructure sectors. It notes that there are 16 critical infrastructure sectors designated by the US Department of Homeland Security that are vital to national security and safety. These sectors include chemical, communications, dams, emergency services, financial services, government facilities, information technology, transportation, and others. The document expresses concern about the lack of security for industrial control systems and SCADA systems that monitor and control critical infrastructure. It provides examples of past cyber attacks on these systems and notes that the majority of attacks in 2014 targeted advanced persistent threats. The document concludes that as industrial systems increasingly connect to the internet and migrate to web-based interfaces, they represent a growing security risk due to vulnerabilities.
CLASS 2018 - Palestra de Shad Harris (Senior Subject Matter Expert on Securit... | TI Safe
Shad Harris is a senior subject matter expert at Symantec who has experience securing operational technologies (OT) from cyber threats. The document discusses two examples where OT systems were compromised - the 2007 Aurora Generator Test that caused a generator to explode, and a 2015 event in Ukraine where hackers cut power to over 225,000 customers. It then summarizes Symantec's SCADA protection solution, which provides visibility into OT networks through packet capture and anomaly detection of industrial protocols like Modbus and DNP3. The solution also analyzes malware targeting Windows control systems. The document emphasizes that comprehensive network monitoring and malware analysis work best together to secure both IT and OT systems from internal and external threats.
Securing Critical Iot Infrastructure, IoT Israel 2014 | iotisrael
This document discusses NextNine's centralized OT security management solution for distributed ICS/SCADA environments. It provides an overview of NextNine's experience in industrial cybersecurity, describes some notable industrial cyber attacks that have occurred, and outlines the challenges of securing multi-site ICS/SCADA environments. The document also presents NextNine's solution for centralized OT security management across distributed systems through a virtual security engine and security center.
The session will highlight Intel’s vision for IoT Security and the fundamental building blocks and capabilities Intel and the ecosystem are providing to organizations to build security in from design through deployment and maintenance.
Security Issues in SCADA based Industrial Control Systems | aswanthmrajeev112
This document discusses security concerns in industrial control systems. It provides an overview of industrial control systems (ICS) and SCADA systems, which are widely used to control infrastructure systems. It outlines several vulnerabilities in ICS, including issues with legacy systems not being designed with modern cybersecurity threats in mind. Specific threats like zero-day vulnerabilities, non-prioritized tasks, and database/communication protocol issues are examined. The conclusion states that additional digital security techniques are needed to protect critical infrastructure control systems.
Wireless data hacking is a form of hacking that can remotely gain control of a server via RF by planting spy chips or unauthorized devices directly on the server.
WDSS is able to detect and defend against all RF attacks in real time, scanning the entire frequency every second for anomalies.
This document discusses trends in threats to SCADA (Supervisory Control and Data Acquisition) systems. It notes that as SCADA systems increasingly use commercial off-the-shelf software and connect to the internet, they have become more vulnerable to cyber threats. The document outlines how SCADA systems work and components like RTUs, PLCs, and HMIs. It also discusses issues like the mistaken belief that SCADA systems are secure due to physical security or isolation from the internet. The conclusion suggests that as capabilities and opportunities for threats increase, the future operational environment will be more vulnerable if an actor emerges with the intent to cause harm.
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct... | Abhishek Goel
SCADA systems control some of the most vital infrastructure in industrial and energy sectors, from oil and gas pipelines to nuclear facilities to water treatment plants.
Critical infrastructure is defined as the physical and IT assets, networks and services that if disrupted or destroyed would have a serious impact on the health, security, or economic wellbeing of citizens and the efficient functioning of a country’s government.
This seminar discusses cyber security for substation automation systems. It provides an overview of SCADA systems, their components and common vulnerabilities. Recent cases of cyber threats to power systems are described. A systematic approach to enhance cyber security is discussed, including standards to follow, types of threats, and key substation requirements. Common technologies for cyber security are covered, such as AAA protocols, SNMPv3, RADIUS, TACACS, SSH, firewalls, gateways and VPNs. The presentation concludes that cyber security tools help protect data and maintain reliability and safety in substation control systems.
The document discusses cyber security challenges for industrial control systems (ICS) and SCADA networks. As ICS were connected to networks and the internet, it increased opportunities for remote hacking and destruction. The disconnect between traditional IT security practices and operational needs of ICS led to vulnerabilities. Common security strategies like network isolation are no longer effective due to widespread connectivity. Recent attacks have shown that hackers can compromise ICS equipment directly and cause physical damage. The document argues industry must adopt new security technologies and policies tailored for ICS in order to address growing threats.
CLASS 2018 - Palestra de Julio Oliveira (Gerente de Tecnologia, Power Grids G... | TI Safe
- The document discusses challenges facing utilities such as aging infrastructure, workforce transitions, reliability pressures, and increasing cyber security threats. It also covers opportunities from digital substation technologies including process bus, cyber security features, teleprotection, phasor measurement units, and wireless communication.
- The presentation discusses definitions of cyber security for utilities and common vulnerabilities in protection and control systems like default passwords, heterogeneous networks, and penetration testing tools. It also summarizes ABB Power Grid's approach to cyber security including secure architectures, product hardening, and lifecycle security services.
- Specific cyber security features for ABB's digital substations are explained including protocol hardening, role-based access control, security event logging, and configuration guidelines for hardening
Supervisory control and data acquisition (SCADA) are applications that collect data from a system in order to automate the monitoring and controlling of its activities. Several industrial fields such as, electric utilities, water supplies and buildings' facilities have already adopted SCADA systems to increase the efficiency and reduce cost. However, the IT community is concerned about the level of security that any applied SCADA system provides. This paper concentrates on the major security threats encountered in SCADA systems. In addition, it discusses a new proposed methodology in order to increase the system security with minimal impact on efficiency. The proposed scheme provides several security services which are mutual authentication, confidentiality, data integrity and accountability.
Unblocking The Main Thread - Solving ANRs and Frozen Frames | Sinan KOZAK
In the realm of Android development, the main thread is our stage, but too often, it becomes a battleground where performance issues arise, leading to ANRs, frozen frames, and sluggish UIs. As we strive for excellence in user experience, understanding and optimizing the main thread becomes essential to prevent these common performance bottlenecks. We have strategies and best practices for keeping the main thread uncluttered. We'll examine the root causes of performance issues and techniques for monitoring and improving main thread health as well as app performance. In this talk, participants will walk away with practical knowledge on enhancing app performance by mastering the main thread. We'll share proven approaches to eliminate real-life ANRs and frozen frames to build apps that deliver butter smooth experience.
Conservation of Taksar through Economic Regeneration | PriyankaKarn3
This was our 9th Sem Design Studio Project, introduced as Conservation of Taksar Bazar, Bhojpur, an ancient city famous for Taksar- Making Coins. Taksar Bazaar has a civilization of Newars shifted from Patan, with huge socio-economic and cultural significance having a settlement of about 300 years. But in the present scenario, Taksar Bazar has lost its charm and importance, due to various reasons like migration, unemployment, shift of economic activities to Bhojpur and many more. The scenario was so pitiful that when we went to make inventories, take survey and study the site, the people and the context, we barely found any youth of our age! Many houses were vacant, the earthquake devastated and ruined heritages.
Conservation of those heritages, ancient marvels, and history was in dire need, so we proposed the Conservation of Taksar through economic regeneration because the lack of economy was the main reason for the people to leave the settlement and the reason for the overall declination.
Understanding Cybersecurity Breaches: Causes, Consequences, and Prevention | Bert Blevins
Cybersecurity breaches are a growing threat in today’s interconnected digital landscape, affecting individuals, businesses, and governments alike. These breaches compromise sensitive information and erode trust in online services and systems. Understanding the causes, consequences, and prevention strategies of cybersecurity breaches is crucial to protect against these pervasive risks.
Cybersecurity breaches refer to unauthorized access, manipulation, or destruction of digital information or systems. They can occur through various means such as malware, phishing attacks, insider threats, and vulnerabilities in software or hardware. Once a breach happens, cybercriminals can exploit the compromised data for financial gain, espionage, or sabotage. Causes of breaches include software and hardware vulnerabilities, phishing attacks, insider threats, weak passwords, and a lack of security awareness.
The consequences of cybersecurity breaches are severe. Financial loss is a significant impact, as organizations face theft of funds, legal fees, and repair costs. Breaches also damage reputations, leading to a loss of trust among customers, partners, and stakeholders. Regulatory penalties are another consequence, with hefty fines imposed for non-compliance with data protection regulations. Intellectual property theft undermines innovation and competitiveness, while disruptions of critical services like healthcare and utilities impact public safety and well-being.
Social media management system project report.pdf | Kamal Acharya
The project "Social Media Platform in Object-Oriented Modeling" aims to design
and model a robust and scalable social media platform using object-oriented
modeling principles. In the age of digital communication, social media platforms
have become indispensable for connecting people, sharing content, and fostering
online communities. However, their complex nature requires meticulous planning
and organization. This project addresses the challenge of creating a feature-rich and
user-friendly social media platform by applying key object-oriented modeling
concepts. It entails the identification and definition of essential objects such as
"User," "Post," "Comment," and "Notification," each encapsulating specific
attributes and behaviors. Relationships between these objects, such as friendships,
content interactions, and notifications, are meticulously established. The project
emphasizes encapsulation to maintain data integrity, inheritance for shared behaviors
among objects, and polymorphism for flexible content handling. Use case diagrams
depict user interactions, while sequence diagrams showcase the flow of interactions
during critical scenarios. Class diagrams provide an overarching view of the system's
architecture, including classes, attributes, and methods. By undertaking this project,
we aim to create a modular, maintainable, and user-centric social media platform that
adheres to best practices in object-oriented modeling. Such a platform will offer users
a seamless and secure online social experience while facilitating future enhancements
and adaptability to changing user needs.
Response & Safe AI at Summer School of AI at IIITH | IIIT Hyderabad
Talk covering Guardrails, Jailbreak, What is an alignment problem? RLHF, EU AI Act, Machine & Graph unlearning, Bias, Inconsistency, Probing, Interpretability, Bias
Exploring Deep Learning Models for Image Recognition: A Comparative Review | sipij
Image recognition, which comes under Artificial Intelligence (AI) is a critical aspect of computer vision,
enabling computers or other computing devices to identify and categorize objects within images. Among
numerous fields of life, food processing is an important area, in which image processing plays a vital role,
both for producers and consumers. This study focuses on the binary classification of strawberries, where
images are sorted into one of two categories. We Utilized a dataset of strawberry images for this study; we
aim to determine the effectiveness of different models in identifying whether an image contains
strawberries. This research has practical applications in fields such as agriculture and quality control. We
compared various popular deep learning models, including MobileNetV2, Convolutional Neural Networks
(CNN), and DenseNet121, for binary classification of strawberry images. The accuracy achieved by
MobileNetV2 is 96.7%, CNN is 99.8%, and DenseNet121 is 93.6%. Through rigorous testing and analysis,
our results demonstrate that CNN outperforms the other models in this task. In the future, the deep
learning models can be evaluated on a richer and larger number of images (datasets) for better/improved
results.
Natural Is The Best: Model-Agnostic Code Simplification for Pre-trained Large...YanKing2
Pre-trained Large Language Models (LLM) have achieved remarkable successes in several domains. However, code-oriented LLMs are often heavy in computational complexity, and quadratically with the length of the input code sequence. Toward simplifying the input program of an LLM, the state-of-the-art approach has the strategies to filter the input code tokens based on the attention scores given by the LLM. The decision to simplify the input program should not rely on the attention patterns of an LLM, as these patterns are influenced by both the model architecture and the pre-training dataset. Since the model and dataset are part of the solution domain, not the problem domain where the input program belongs, the outcome may differ when the model is trained on a different dataset. We propose SlimCode, a model-agnostic code simplification solution for LLMs that depends on the nature of input code tokens. As an empirical study on the LLMs including CodeBERT, CodeT5, and GPT-4 for two main tasks: code search and summarization. We reported that 1) the reduction ratio of code has a linear-like relation with the saving ratio on training time, 2) the impact of categorized tokens on code simplification can vary significantly, 3) the impact of categorized tokens on code simplification is task-specific but model-agnostic, and 4) the above findings hold for the paradigm–prompt engineering and interactive in-context learning and this study can save reduce the cost of invoking GPT-4 by 24%per API query. Importantly, SlimCode simplifies the input code with its greedy strategy and can obtain at most 133 times faster than the state-of-the-art technique with a significant improvement. This paper calls for a new direction on code-based, model-agnostic code simplification solutions to further empower LLMs.
How to Manage Internal Notes in Odoo 17 POSCeline George
In this slide, we'll explore how to leverage internal notes within Odoo 17 POS to enhance communication and streamline operations. Internal notes provide a platform for staff to exchange crucial information regarding orders, customers, or specific tasks, all while remaining invisible to the customer. This fosters improved collaboration and ensures everyone on the team is on the same page.
A brand new catalog for the 2024 edition of IWISS. We have enriched our product range and have more innovations in electrician tools, plumbing tools, wire rope tools and banding tools. Let's explore together!
1. 3/10/2016
1
SCADA Security
Challenges & Strategies
Jeffrey Wang, P. Eng.
2016, Oshawa
Acronyms
ICS: Industrial Control System
DCS: Distributed Control System
SCADA: Supervisory Control and Data Acquisition
PLC: Programmable Logic Controller
RTU: Remote Terminal Unit
HMI: Human Machine Interface
TCP/IP: Transmission Control Protocol/Internet Protocol
IDS: Intrusion Detection System
COTS: Commercial off-the-shelf
ACL: Access Control List
DMZ: Demilitarized Zone
WAN: Wide Area Network
LAN: Local Area Network
Page 2 Securing SCADA prepared by Jeffrey Wang
Content
Overview
Cyber Threats and Vulnerabilities
Security Challenges
Mitigation Strategies
References
Overview
SCADA system
Overview
SCADA System Components
SCADA System Functionality
SCADA System - Overview
SCADA is an acronym for Supervisory Control and Data Acquisition.
SCADA is an Industrial control system (ICS).
SCADA System - Components
Typically, a SCADA system includes the following components:
RTU (Remote Terminal Unit)
PLC (Programmable Logic Controller)
HMI (Human Machine Interface)
Field devices (Actuators and Sensors)
WAN (Wide Area Network): Wireless/RF communication devices
LAN (Local Area Network): Routers and Switches
Centralized Server
Database Server (Data Historian)
SCADA System - Functionality
Major functions of a SCADA system include:
Control field devices in local or remote working mode
Collect field data and transmit it to the central control server over the WAN
Monitor the process and/or control field devices via the HMI
Manage the database for tracking and management analysis
SCADA System - Critical infrastructure
SCADA systems are critical national infrastructure
Canadian critical infrastructure falls within the 10 sectors listed below:
• Energy and utilities
• Finance
• Food
• Transportation
• Government
• Information and communication technology
• Health
• Water
• Safety
• Manufacturing
SCADA System - Tasks
A SCADA system performs four basic tasks:
Data Acquisition
Data Communication
Data Monitor and Control
Data Historian
Why secure SCADA systems?
Why?
IP-based technologies
Internet of Things (IoT)
Cloud computing
Mobile computing
Threats are growing (cyber threat sources as listed by Homeland Security ICS-CERT)
Hostile governments
Terrorist groups
Disgruntled employees
Malicious intruders
GAO Threat Table (Source: GAO, Government Accountability Office)
Vulnerabilities are increasing
Alerts (from ICS-CERT, for Control System / Government / Home & Business users)
Alerts provide timely notification to critical infrastructure owners and
operators concerning threats to critical infrastructure networks.
Be proactive about potential cyber attacks on SCADA systems
Vulnerabilities
Physical Vulnerabilities
Cyber Vulnerabilities
Vulnerabilities – ICS-CERT Alerts
Industrial Control Systems Cyber Emergency Response Team (ICS-CERT)
Publishes cyber security alerts for three categories of users:
• Control System Users
• Government Users
• Home and Business
Examples:
ICS-ALERT-15-225-02A : Rockwell Automation 1766-L32 Series Vulnerability (Update A)
ICS-ALERT-11-204-01B : Siemens S7-300_S7-400 Hardcoded Credentials (Update B)
ICS-ALERT-12-097-02A : 3S CoDeSys Improper Access Control (Update A)
ICS-ALERT-11-256-06 : Beckhoff TwinCAT Vulnerability
ICS-ALERT-12-020-07A : WAGO IO 750 Vulnerabilities (Update A)
ICS-ALERT-12-136-01 : Wonderware SuiteLink Unallocated Unicode String
ICS-ALERT-12-020-02A : Rockwell Automation ControlLogix PLC Vulnerabilities (Update A)
ICS-ALERT-11-332-02A : Siemens SIMATIC WinCC Flexible (Update A)
ICS-ALERT-11-256-05A : Rockwell Automation RSLogix Overflow Vulnerability (UPDATE A)
Source: ICS-CERT Alerts: https://ics-cert.us-cert.gov/alerts
Physical Vulnerabilities
Common Physical Vulnerabilities:
Inadequate policies, procedures, and culture governing control system security
Inadequately designed networks with insufficient defense-in-depth
Remote access without appropriate access control
Separate auditable administration mechanisms
Inadequately secured wireless communication
Use of a non-dedicated communications channel for command and control
Lack of easy tools to detect/report anomalous activity
Installation of inappropriate applications on critical host computers
Inadequately scrutinized control system software
Unauthenticated command and control data.
Cyber Vulnerabilities
Common cyber vulnerabilities include:
Operating System Vulnerabilities
Interconnections
Open Source / Public Information
Authentication
Remote access
Monitoring and Defenses
Wireless access
SCADA/SQL/PLC Software
Cyber Vulnerabilities
Cyber vulnerabilities in detail:
Unpatched published vulnerabilities
Web-based HMI vulnerabilities
Improper authentication
Improper access control (authorization)
Buffer overflow in SCADA services
SCADA data and command message manipulation and injection
SQL injection
Insecure protocols
Unprotected transport of SCADA application credentials
Standard IT protocols with plain-text authentication
Vulnerabilities – Allen-Bradley/Rockwell PLC
Web-based access with default user ID and password
AB SLC505
AB Micrologix PLC
AB CompactLogix
Vulnerabilities – Unprotected Authentication
MicroLogix 1400: easy to access with the administrator account and default password
Vulnerabilities – Access with Default ID & Password
An intruder can change access permissions once access is granted.
Default IDs (administrator) and default passwords
Vulnerabilities – Supervisory Control
Supervisory control: Write/Read memory block or disable the device
Cyber Attack - STUXNET
STUXNET: the most famous cyber attack, by the United States and Israel.
The STUXNET worm was first identified by a Belarusian company, VirusBlokAda, in
mid-June 2010.
Physical Impact:
Sabotaged 1000 centrifuges at Iran’s Natanz nuclear plant
Stuxnet worm – now every hacker in the world knows about PLCs, HMIs
and the opportunities to attack them.
The Windows operating system
Siemens SIMATIC Step 7 and WinCC
Siemens S7 – 300/400 PLCs
S7-315-2/S7-417
USB flash memory
Zero-Day via Windows OS
DB memory block in PLC
Cyber Attack - Insider
Insider hacks into sewage treatment plant
Queensland, Australia (2000): Disgruntled employee Vitek Boden hacked into the
sewage system via WiFi from the company’s parking lot and released over a
million litres of raw sewage into the coastal waters.
Physical Impact:
Intruder controlled about 150 pump stations for nearly three months
Released about 1 million litres of raw sewage into nearby rivers and parks.
Tools: Laptop, radio and wireless access
Security Challenges
SCADA Security Challenges
Vulnerable operating systems (OS) and applications in SCADA systems come from
commercial off-the-shelf (COTS) products, including Linux, Mac OS, Windows and
embedded PLC OS (VxWorks);
Most industrial control networks are connected to the corporate network with Internet
access, especially through IP-based technologies such as wireless, IoT (Internet of
Things), cloud computing, mobile computing and smart metering;
Insecure legacy systems and devices are still widely used in SCADA systems. No
updated firmware is available and there is no patching. They are transparent to control
professionals;
Open source communication protocols (Modbus, DNP3, IEC 61850, Ethernet/IP)
were not designed with security in mind and lack basic authorization features;
There are numerous unpatched and unpatchable systems;
Lack of remote access authentication, weak or default passwords;
Lack of physical security protection.
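The point about protocols designed without authorization, shown on a Modbus/TCP frame as an added example (not part of the original slides): the frame carries no user or credential field, so a monitor can only judge a write command by its source address. The allowlisted address and the sample frames are constructed assumptions.

```python
import struct

# Modbus function codes that change device state (public Modbus specification).
WRITE_FUNCTIONS = {
    0x05: "Write Single Coil",
    0x06: "Write Single Register",
    0x0F: "Write Multiple Coils",
    0x10: "Write Multiple Registers",
    0x16: "Mask Write Register",
    0x17: "Read/Write Multiple Registers",
}

# Hypothetical allowlist: only the HMI host may send write requests to PLCs.
AUTHORIZED_WRITERS = {"10.10.1.5"}


def parse_modbus_tcp(frame: bytes) -> dict:
    """Parse one Modbus/TCP ADU: 7-byte MBAP header, then function code and data."""
    if len(frame) < 8:
        raise ValueError("frame shorter than MBAP header plus function code")
    transaction_id, protocol_id, length, unit_id = struct.unpack(">HHHB", frame[:7])
    if protocol_id != 0:
        raise ValueError("protocol identifier is not 0 (not Modbus)")
    # The length field counts the unit id plus the PDU that follows it.
    if length != len(frame) - 6:
        raise ValueError("MBAP length does not match frame size")
    # Every field of the frame is now accounted for: none identifies a user.
    return {
        "transaction_id": transaction_id,
        "unit_id": unit_id,
        "function": frame[7],
        "data": frame[8:],
    }


def review(src_ip: str, frame: bytes):
    """Return an alert for a malformed frame or a write from an unlisted host."""
    try:
        adu = parse_modbus_tcp(frame)
    except ValueError as exc:
        return f"ALERT malformed Modbus/TCP frame from {src_ip}: {exc}"
    name = WRITE_FUNCTIONS.get(adu["function"])
    if name and src_ip not in AUTHORIZED_WRITERS:
        return (f"ALERT {src_ip} sent {name} "
                f"(0x{adu['function']:02X}) to unit {adu['unit_id']}")
    return None


def scan(capture):
    """Review every (source, frame) pair and collect the alerts."""
    return [a for a in (review(src, frame) for src, frame in capture) if a]


# Constructed client-to-server requests (TCP port 502 payloads), not real traffic.
READ_HOLDING = bytes.fromhex("0001 0000 0006 01 03 0000 000A")
WRITE_SINGLE = bytes.fromhex("0002 0000 0006 01 06 0001 00FF")
WRITE_MULTI = bytes.fromhex("0003 0000 000B 01 10 0000 0002 04 000A 0102")
TRUNCATED = bytes.fromhex("0004 0000 0006 01 06 00")

CAPTURE = [
    ("10.10.1.5", READ_HOLDING),
    ("10.10.1.5", WRITE_SINGLE),      # allowlisted HMI, no alert
    ("192.168.50.23", READ_HOLDING),  # read from an unlisted host, no alert
    ("192.168.50.23", WRITE_SINGLE),
    ("192.168.50.23", WRITE_MULTI),
    ("192.168.50.23", TRUNCATED),
]

if __name__ == "__main__":
    for alert in scan(CAPTURE):
        print(alert)
```

A source-address allowlist is a compensating control only; it does not add the authentication the protocol lacks.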
Security Standards
• Security Standards
• Cyber Security Objective
Industrial Control System Security Standards
Good News! There are many security standards...
NIST SP-800-82: Guide to Industrial Control Systems Security
National Institute of Standards and Technology (NIST)
ISA/IEC-62443 (formerly ANSI/ISA99): Security for Industrial Automation and
Control Systems
The International Society of Automation (ISA)
The International Electrotechnical Commission (IEC)
NERC CIP-006: Physical Security of Critical Cyber Assets
North American Electric Reliability Corporation (NERC)
Critical Infrastructure Protection (CIP)
TR12-002: Industrial Control System (ICS) Cyber Security: Recommended Best
Practices (combined with NIST and ISA99 standards)
Canadian Cyber Incident Response Centre (CCIRC)
Cyber Security Objective- I.T. Security Perspective
Three fundamental goals per NIST SP800-82 standard
Confidentiality
Any important information you have — such as employee, client
or financial records — should be kept confidential. This
information should only be accessed by people (or systems)
that you have given permission to do so.
Integrity
You need to make sure to maintain the integrity of this
information and other assets (such as software) in order to keep
everything complete, intact and uncorrupted.
Availability
You should maintain the availability of systems (such as
networks), services and information when required by the
business or its clients.
Mitigation Strategies - Recommendations
My recommendation:
Physical Assets Security
NERC CIP-006 standard is intended to ensure the implementation of a
physical security program for the protection of Critical Cyber Assets
Cyber Security
NIST SP800-82 standard is cybersecurity guidance for Industrial Control
Systems (ICS) Security
ISA/IEC-62443 (ISA99) standard
Canadian Cyber Incident Response Centre (CCIRC)
TR12-002: Industrial Control System (ICS) Cyber Security: Recommended
Best Practices
Mitigation Strategies - Risk Assessment
Sources of threats
External
Internal
Accidental
Vulnerabilities
Risks = Threats x Vulnerabilities x Impact
Physical Assets Security
Mitigation Strategies - NERC CIP Standards
NERC CIP standards include 9 standards and 45 requirements:
CIP-002-1: Critical Cyber Asset Identification
CIP-003-1: Security Management Controls
CIP-004-1: Personnel and Training
CIP-005-1: Electronic Security Perimeters
CIP-006-1: Physical Security of Critical Cyber Assets
CIP-007-1: Systems Security Management
CIP-008-1: Incident Reporting and Response Planning
CIP-009-1: Recovery Plans for Critical Cyber Assets
NERC: North American Electric Reliability Corporation
CIP: Critical Infrastructure Protection
Mitigation Strategies - Physical Protection Guideline
Physical Access Controls
The Responsible Entity shall document and implement the operational and
procedural controls to manage physical access at all access points to the
Physical Security Perimeter(s) twenty-four hours a day, seven days a week.
Monitoring Physical Access
The Responsible Entity shall document and implement the technical and
procedural controls for monitoring physical access at all access points to the
Physical Security Perimeter(s) twenty-four hours a day, seven days a week.
Unauthorized access attempts shall be reviewed immediately and handled in
accordance with the procedures specified in Requirement CIP-008.
Logging Physical Access
Logging shall record sufficient information to uniquely identify individuals and the
time of access twenty-four hours a day, seven days a week. The Responsible
Entity shall implement and document the technical and procedural mechanisms
for logging physical entry at all access points to the Physical Security
Perimeter(s).
Mitigation Strategies - Physical Security
Physical Security Purpose:
To help you detect and identify threats and restrict access to sensitive areas (server
rooms and important field equipment)
Detect
Be alerted to unauthorized entries or attempts
Be alerted to mechanical/electrical failures
Be alerted to remote site entry requests
Identify
Remotely view facility, people, equipment
View recorded information and events
Restrict and allow entry to facility
Create physical facility access logs
Prosecute offenders
Restrict
Keep the bad guys out
Cyber Security
Mitigation Strategies - NIST SP 800-82 Standards
NIST SP 800-82 : Guide to Industrial Control Systems Security
Provide guidance for establishing secure ICS, including implementation
guidance for SP 800-53 controls
Content
Overview of ICS
ICS Characteristics, Threats and Vulnerabilities
ICS Security Program Development and Deployment
Network Architecture
ICS Security Controls
Appendixes
Current Activities in Industrial Control Systems Security
Emerging Security Capabilities
NIST: National Institute of Standards and Technology
SP: Special Publication
Mitigation Strategies - Cyber Security Objective
Restricting logical access to the SCADA network and network activity
This includes using a demilitarized zone (DMZ) network architecture with
firewalls to prevent network traffic from passing directly between the corporate
and SCADA networks, and having separate authentication mechanisms and
credentials for users of the corporate and SCADA networks. The ICS should also
use a network topology that has multiple layers, with the most critical
communications occurring in the most secure and reliable layer.
Restricting physical access to the SCADA network and devices
Unauthorized physical access to components could cause serious disruption of
the SCADA’s functionality. A combination of physical access controls should be
used, such as locks, card readers, and/or guards.
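One way to check the DMZ separation described above, as an added example that is not part of the original slides: audit a firewall rule list for permit rules that let traffic pass directly between the corporate and SCADA networks. The address plan, the simplified rule format and the sample rules are all constructed assumptions.

```python
import ipaddress

# Hypothetical address plan (assumption, not taken from the slides).
ZONES = {
    "corporate": ipaddress.ip_network("10.1.0.0/16"),
    "dmz": ipaddress.ip_network("10.2.0.0/24"),
    "scada": ipaddress.ip_network("10.3.0.0/16"),
}

# Constructed rules in a simplified (action, source, destination, port) form.
RULES = [
    ("permit", "10.1.0.0/16", "10.2.0.10/32", 443),    # corporate -> DMZ server
    ("permit", "10.3.0.0/16", "10.2.0.10/32", 5432),   # SCADA -> DMZ replica
    ("permit", "10.1.20.7/32", "10.3.5.0/24", 502),    # one laptop -> PLC subnet
    ("permit", "any", "10.3.0.0/16", 3389),            # any source -> SCADA
    ("deny", "10.1.0.0/16", "10.3.0.0/16", None),      # explicit block
    ("permit", "10.0.0.0/8", "10.0.0.0/8", 53),        # broad rule spanning zones
]


def to_network(spec: str):
    """Turn a rule address into a network object; 'any' means every address."""
    return ipaddress.ip_network("0.0.0.0/0" if spec == "any" else spec)


def zones_touched(net) -> set:
    """Names of all zones that share at least one address with the network."""
    return {name for name, zone in ZONES.items() if net.overlaps(zone)}


def audit(rules) -> list:
    """Report permit rules that allow corporate and SCADA to talk directly.

    Conservative: each rule is judged on its own, so a rule shadowed by an
    earlier deny is still reported and should be reviewed.
    """
    findings = []
    for index, (action, src, dst, port) in enumerate(rules):
        if action != "permit":
            continue
        src_zones = zones_touched(to_network(src))
        dst_zones = zones_touched(to_network(dst))
        directions = [
            f"{a}->{b}"
            for a, b in (("corporate", "scada"), ("scada", "corporate"))
            if a in src_zones and b in dst_zones
        ]
        if directions:
            findings.append({"rule": index, "port": port, "directions": directions})
    return findings


if __name__ == "__main__":
    for finding in audit(RULES):
        print(f"rule {finding['rule']} (port {finding['port']}) bypasses the DMZ: "
              f"{', '.join(finding['directions'])}")
```

Overlap matching catches wide rules such as `any` or `10.0.0.0/8` that never name the SCADA subnet explicitly but still open a direct path to it.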
Mitigation Strategies - Cyber Security Objective
Protecting individual SCADA components from exploitation
This includes deploying security patches in as expeditious a manner as possible,
after testing them under field conditions; disabling all unused ports and services;
restricting SCADA user privileges to only those that are required for each
person’s role; tracking and monitoring audit trails; and using security controls
such as antivirus software and file integrity checking software where technically
feasible to prevent, deter, detect, and mitigate malware.
Maintaining functionality during adverse conditions
This involves designing the SCADA so that each critical component has a
redundant counterpart. Additionally, if a component fails, it should fail in a manner
that does not generate unnecessary traffic on the SCADA or other networks, or
does not cause another problem elsewhere, such as a cascading event.
Mitigation Strategies – ANSI/ISA99 Standard
Module 1: Defining Industrial Cybersecurity
Covers the concepts of physical, operational, and electronic security; and defines
Cybersecurity as it relates to industrial automation and control systems
Module 2: Risk Assessment
Covers the concept of risk and how safety plays a part in assessing possible
consequences from a cyberattack
Module 3: Threats and Vulnerabilities
Covers "social engineering" and how outsiders gather information to enable attacks
and to physically enter your secured areas
Module 4: Security Policies, Programs, and Procedures
Covers the creation and deployment of policies, standards, and procedures and how
they are a critical aspect of a security program
Mitigation Strategies – ANSI/ISA99 Standard
Module 5: Understanding TCP/IP, Hackers, and Malware
Covers the basics of the IP networking architecture and how computers are
addressed and how IP delivers information to computers and TCP/UDP to
complete the delivery to specified applications using port numbers
Module 6: Technical Countermeasures
Covers the technical countermeasures and technology that can be employed to
protect your systems, detect and remove malware, and block hacking attempts;
and explains the technologies such as firewalls, proxy servers, VPN, and
VLAN and how they relate to industrial automation systems
Module 7: Architectural & Operational Strategies
Covers ways to segment and isolate your process automation systems in order to
increase their reliability and Cyber security
Mitigation Strategies - TR12-002 Recommendation
TR12-002: Industrial Control System (ICS) Cyber Security: Recommended Best
Practices, by Canadian Cyber Incident Response Centre
1. Network Segmentation
2. Remote Access
3. Wireless Communications
4. Patch Management
5. Access Policies and Controls
6. Secure the Host (System Hardening)
7. Intrusion Detection
8. Physical and Environmental Security
9. Malware Protection and Detection
10. Awareness
11. Periodic Assessments and Audits
12. Change Control and Configuration Management
13. Incident Planning and Response
Useful software
Solarwinds Inc. URL: http://www.solarwinds.com/
Develops enterprise information technology (IT) infrastructure management
software for IT professionals.
Kaspersky - URL: http://www.kaspersky.com
Kaspersky Lab is an international software security group operating in almost
200 countries and territories worldwide.
Bitdefender- URL: http://www.bitdefender.com
Bitdefender products feature anti-virus and anti-spyware capabilities against
internet security threats such as viruses, Trojans, rootkits, rogues, aggressive
adware, spam and others.
McAfee - URL: http://www.mcafee.com
Intel Security Group (previously McAfee, Inc.) is an American global
computer security software
Symantec - URL: Http://www.symantec.com
Security, Antivirus and Backup Solutions provider
References
NIST SP-800-82 Guide to Industrial Control Systems Security
http://csrc.nist.gov/publications/nistpubs/800-82/SP800-82-final.pdf
ICS-CERT, ICS-TIP-12-146-01A—Targeted Cyber Intrusion Detection and Mitigation Strategies
http://www.us-cert.gov/control_systems/pdf/ICS-TIP-12-146-01A.pdf
CCIRC, TR11-002 Mitigation Guidelines for Advanced Persistent Threats
http://www.publicsafety.gc.ca/cnt/rsrcs/cybr-ctr/2011/tr11-002-eng.aspx
ICS-CERT, Incident Response Summary Report 2009 – 2011
http://www.us-cert.gov/control_systems/pdf/ICS-CERT_Incident_Response_Summary_Report_09_11.pdf
US-CERT, Control Systems Security Program (CSSP)
http://www.us-cert.gov/control_systems/
US-CERT, Recommended Practice: Improving Industrial Control Systems Cybersecurity with
Defense-In-Depth Strategies
http://www.us-cert.gov/control_systems/practices/documents/Defense_in_Depth_Oct09.pdf
CPNI, CPNI Viewpoint: Securing the move to IP-based SCADA/PLC networks
http://www.cpni.gov.uk/Documents/Publications/2011/2011034-scada-securing_the_move_to_ipbased_scada_plc_networks_gpg.pdf
International Society of Automation (ISA), ISA99, Industrial Automation and Control Systems Security
http://www.isa.org/MSTemplate.cfm?MicrositeID=988&CommitteeID=6821
THANK YOU