Hackers of India

SCADA Security: Why is it so hard

 Amol Sarwate 

2012/02/15

Abstract

This talk will present technical security challenges faced by organizations that have SCADA or control systems installations. The presentation will take a packet level dive into SCADA protocols and provide examples of attacks . It will also showcase examples of security controls for attack mitigation and introduce a new open-source tool to help identify and inventory SCADA systems. The presentation will begin by introducing SCADA systems under the hood including RTU. IED PLC. FER PCS. DCS, HMI. sensors. data historians and other SCADA components. The presenter will categorize these components into distinct groups based on the functionality that each component provides. The presenter will review the security implications on each of these groups and identify where most of the threats lie. The presentation will take a packet level dive into SCADA protocols like MODBUS and DNP3 and study their security implications. It will provide examples of attacks that can be carried out against each group and compnent.The presentation will also include the release of an updated version of an open-source tool to identify and inventory SCADA systems using the protocols discussed in this presentation. The session will also focus on real world examples of successful and not-so-successful implementations of security controls with SCADA systems. This will include examples of what some large organizations have done. and a discussion about why SCADA security cannot be deciphered just by tools or technical solution. The presentation will conclude with guidance on how control system owners can start implementing additional measures to get to an acceptable security

Attendees who are in charge of control system infrastructure will get insight on what worked and what did not work for other organizations. Engineers who are in charge of security for control systems will get a Imter technical insight of SCADA protocols and components and can use the open source tool that is intrcvduced.Attendees who are new to control systems will get an excellent overview of security complexities of control systems.