DATA MANAGEMENT FOR AUTOMATED PRODUCTION

IEC 62443 Security in Industrial Automation

Dirk Thielker

PRIORITIES OF DIFFERENT TYPES OF IT SYSTEM

Industrial IT – AVAILABILITY

▪ Antivirus not possible (slows down the system)

▪ Systems designed to be isolated

▪ Rebooting results in downtime

▪ Low availability of security systems

▪ Physical danger for people or the environment

Office IT – CONFIDENTIALITY

▪ High availability of security systems

▪ Slowing down the system not a major problem

▪ Systems regularly shut down and restarted

▪ Problems rarely result in physical danger

for people or the environment

*Source: AdobeStock_48975872, Fotolia_159173304_sorapolujjin and Siemens AG

IT & OT RISK MANAGMENT - COMMON GROUND

IT – BASIC PROTECTIONBSI 200-3 / ISO 2700x

OT – MACHINE SAFETYMRL 2006/42/EG / ISO 12100ISO 13849

• Overview of dangers• Risk assessment• Evaluation of risks• Handling risks• Integration into the safety concept

DangerSafety

Necessary risk reduction measures

Implemented risk reduction measures

Acceptable risk limit

Remaining riskRisk

IT & OT RISK MANAGMENT - DIFFERENCES

IT – SECURITY47 Sources of risk

OT – SAFETY11 Sources of risk (each with many facets)

CONVERGENCE OF IT AND OT

IT – SECURITY47 Sources of risk

OT – SAFETY11 Sources of risk (each with many facets)

OTIT

+ IT – SECURITY47 Sources of risk

ICS VULNERABILITIES

ICS VULNERABILITIES – NEW IN JUNE 2020

ICS VULNERABILITIES – NEW IN JUNE 2020

ICS VULNERABILITIES – STANDARDS WILL HELP

IEC 62443 DEFENSE IN DEPTH

Organisational measurestaken by the operator

Security functions built-in to componentsby the manufacturers

Protect the facility• Restricted physical access• Rules and processes• Security checks

Protect the network• Segmented network• Firewall• VPN and end-to-end encryption

Protect the system• Detect and defend against attacks• Protect against manipulation• Robust systems / password protection • Patch managment

Measures built-in to systemby the integrator

IEC 62443 DOCUMENTS

Organisational measurestaken by the operator

Measures built-in to systemby the integrator

Security functions built-in to componentsby the manufacturers

EVALUATION OF THE PROTECTION LEVEL

Mat

uri

tyLe

vel

4

3

2

1

1 2 3 4

Security Level

PL 1

PL 2

PL 3

PL 4

2-1 2-4

Policies & Procedures

3-3

System & Components

Pro

tect

ion

Leve

l

Requirement

IEC 62443-2-1A12 Operational policies and procedures

A 12.1 Operational procedures and responsibilites- Documented operating procedures- Change managementGoal: Ensure proper and secure operation

A 12.2 Protection against malware- Anti-malware measuresGoal: Facility is protected against malware

A 12.3 Backup of data

- Valuable intellectual property stored in more than one place

Goal: Data is protected against loss

A 12.4 Logging and monitoring

- Event logging

- Logged information protected

- Administrator and user logs

Goal: Events are logged and traceability is ensured

EXAMPLE 1

REQUIREMENT[…] Technical and organizational protective measures

MUST be defined. […]

IMPLEMENTATION✓ Data backed up in the form of versions of

programming projects✓ Data backup in the form of device uploads✓ Changes DETECTED by comparing consecutive

uploads✓ All the necessary tools and data for fast disaster

recovery

EXAMPLE 2

▪ AUVESY and IRMA® – network scanner

▪ Introduce versiondog: "zero touch"

▪ Passive network scan (no risk)

▪ Active network scan

▪ Detect anomalies

▪ Desired vs. actual project version / program running on device

▪ Desired vs. actual device operation

▪ Desired vs. actual anomaly detection

STUXNET

▪ Malicious manipulation that would have

been detected by versiondog

SECURITY AND SAFETY

Security Safety

BEI FRAGEN STEHE ICH IHNENGERNE ZUR VERFÜGUNG!

IHR ANSPRECHPARTNER:

Dirk Thielker

DIRK.THIELKER@AUVESY.DE

Thank you for yourattention!