Focus: Security threats
Ten Control System security threats
"The Top 10 Vulnerabilities of Control Systems and their Associated Mitigations - 2006, is the third revision of the list," says Scott R. Mix, CISSP, manager of situation awareness & infrastructure security. "The document is maintained by the Control System Security Working Group (CSSWG) of NERC's Critical Infrastructure Protection Committee (CIPC), and is updated each year to reflect changes in vulnerabilities, as well as to document improved mitigation strategies," he says. It has grown from a simple listing of vulnerabilities in 2004 to include three levels of mitigations for each of the documented vulnerabilities.
Here are the 10, with advice from industry suppliers and consultants on the importance of each to overall system strength.
1. Inadequate policies, procedures, and culture governing control system security.
Security begins with a culture and mindset of all those involved. "There is a tendency to think of security in terms of a technical solution: firewalls, passwords, etc.," says Bob Huba, Delta V product manager for Emerson Process Management. "While those elements may cover 20% of the overall solution, common sense approaches to security implemented by plant personnel should make up the remaining 80%. To quote one industry practitioner, 'just stop doing dumb things.' Ask the question, 'Does your facility have a security policy?' It can be as simple as asking a stranger why he is in a control room, or making sure your users know not to bring in portable media from the outside to play music or install non-approved programs."
Kim Eenrich, project solutions manager, power generation, ABB Inc., observes, "Without an effective security policy that addresses procedures, mitigation strategies, and periodic training, all other security programs will be less successful. To be successful, security must be viewed as an ongoing process, not a one-time investment into firewalls, intrusion prevention or detection, encryption technologies, etc."
Operators believe, says Bryan Geraldo, lead principal, power and energy vertical, Symantec Consulting Services, that "control systems are relatively safe from opportunistic attacks or inadvertent disruption because they are 'indirectly' connected to the Internet, or composed of different software and hardware components, some of which have the vendors' own built-in security features." While most IT products have built-in security measures, such as passwords and encryption options, or basic firewall/filter-type mechanisms, Geraldo says, "many of these features are deactivated - or worse - left in default or incorrect configurations, which lends a false sense of security."
The general migration away from proprietary system architectures requires change, suggests Marilyn Guhr, senior marketing manager for lifecycle services, Honeywell Process Solutions. "As the control system environment moves to open systems," she says, "new policies and procedures are required and often control systems people are not aware of these requirements or they believe someone else is taking care of it. The IT organisations within their companies are very aware of these things but that awareness hasn't necessarily filtered down to the process control area."
Lack of knowledge produces errors. "Over and over I see mistakes occur on industrial sites that can completely invalidate the entire security effort," says Eric Byres, CEO, Byres Security. "For example, during one particular site audit I ran, network cables were discovered that circumvented the SCADA firewalls. The reason later given was that there was no risk analysis showing that the firewalls were important, nor was there a policy stating that bypassing them was unacceptable."
2. Inadequately designed networks with insufficient defence-in-depth.
Defence requires more than just a strong perimeter. "To secure a control system successfully requires taking a systematic and comprehensive approach," advises Todd Stauffer, PCS 7 marketing manager, Siemens Energy & Automation. "One of the most common (and dangerous) misunderstandings is that by simply installing a control system firewall, the system is protected. This is far from correct. Instead, a layered approach called defence-in-depth is recommended by security practitioners and agencies, such as the U.S. Dept. of Homeland Security. Defence-in-depth advocates the creation of a nested security architecture whereby the plant is divided into multiple secure and closed cells (zones). Each cell must have clearly defined and monitored access points to control access and communication in and out."
Control systems must have hierarchical levels of protection, says Kevin Staggs, global security architect, Honeywell Process Solutions. "The more critical the access, like controls and HMI, the deeper it needs to be defended. Control systems at a minimum should be firewalled off from the business network, and they should never be allowed to access the Internet. The IT realm understands how to use defence-in-depth networks, but that expertise hasn't necessarily been brought down to the control system level."
Byres says, "No IT department in its right mind would just install a firewall and then say 'we're secure.' IT departments install antivirus software, personal firewalls, automatic patches, etc., on every single server, desktop, and laptop, so that these computers are tough enough to defend themselves with or without the firewall. Yet in the SCADA and control systems world, companies install one firewall between the business network and the control network (if that) and completely ignore the security of mission critical devices like the PLC, RTU or DCS. The whole control security paradigm is 'crunchy on the outside and chewy in the middle' but that doesn't work. Like good safety design, a good security design has to offer layers of defence so that when one layer fails another will stand in its place. That means making every device on the control network secure enough that it can defend itself when the bad guys or bugs eventually get through the firewall. It isn't easy, but it can be done."
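An added example, not part of the original article: a Python audit of a link inventory against the cell-and-access-point model described under item 2, flagging cabling that joins two zones without a firewall (as in the site audit recounted under item 1) and listing the control devices that become reachable unfiltered. All device names, zone labels, and links are constructed for illustration.

```python
from collections import defaultdict, deque

ACCESS_POINT = "access-point"  # firewall or other monitored entry into a cell

# Constructed sample inventory (not from the article): device -> zone.
ZONES = {
    "internet": "internet", "edge-fw": ACCESS_POINT,
    "biz-sw": "business", "erp": "business", "eng-laptop": "business",
    "scada-fw": ACCESS_POINT,
    "ctl-sw": "control", "hmi": "control", "plc-1": "control",
}
# Constructed links as recorded in a site walk-down (undirected).
LINKS = [
    ("internet", "edge-fw"), ("edge-fw", "biz-sw"), ("biz-sw", "erp"),
    ("biz-sw", "eng-laptop"), ("biz-sw", "scada-fw"), ("scada-fw", "ctl-sw"),
    ("ctl-sw", "hmi"), ("ctl-sw", "plc-1"),
    ("eng-laptop", "plc-1"),  # cable that circumvents the SCADA firewall
]

def bypass_links(zones, links):
    """Links that join two different zones without an access point on either end."""
    return [(a, b) for a, b in links
            if zones[a] != zones[b] and ACCESS_POINT not in (zones[a], zones[b])]

def unfiltered_reach(zones, links, start):
    """Devices reachable from start without passing through any access point."""
    graph = defaultdict(set)
    for a, b in links:
        graph[a].add(b)
        graph[b].add(a)
    seen, queue = {start}, deque([start])
    while queue:
        for nxt in graph[queue.popleft()] - seen:
            if zones[nxt] != ACCESS_POINT:
                seen.add(nxt)
                queue.append(nxt)
    return seen

def exposed_devices(zones, links, cell="control"):
    """Devices in `cell` that another zone can reach with no filtering in between."""
    exposed = set()
    for node, zone in zones.items():
        if zone not in (cell, ACCESS_POINT):
            reach = unfiltered_reach(zones, links, node)
            exposed |= {n for n in reach if zones[n] == cell}
    return sorted(exposed)

if __name__ == "__main__":
    print("bypass links:", bypass_links(ZONES, LINKS))
    print("exposed control devices:", exposed_devices(ZONES, LINKS))
```

A single cross-zone cable exposes every device on the control switch, not only the PLC it plugs into, which is why the audit reports reachability as well as the offending link.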
(Continued on page 20)
PACE, June 2007, p. 19