Upload File

cyber-physicalproductionsystems & security edgar … weippl, sba... · 09.05.17 9 examples...

  • Home
  • Documents
  • CYBER-PHYSICALPRODUCTIONSYSTEMS & SECURITY Edgar … Weippl, SBA... · 09.05.17 9 Examples –BMW “Furthermore, after dumping and inspecting the firmware of the modem in the device,
18
09.05.17 1 CYBER-PHYSICAL PRODUCTION SYSTEMS & SECURITY Edgar Weippl, SBA Research

Upload: others

Post on 16-Jun-2020

0 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: CYBER-PHYSICALPRODUCTIONSYSTEMS & SECURITY Edgar … Weippl, SBA... · 09.05.17 9 Examples –BMW “Furthermore, after dumping and inspecting the firmware of the modem in the device,

09.05.17

1

CYBER-PHYSICAL PRODUCTION SYSTEMS&SECURITYEdgarWeippl,SBAResearch

Page 2: CYBER-PHYSICALPRODUCTIONSYSTEMS & SECURITY Edgar … Weippl, SBA... · 09.05.17 9 Examples –BMW “Furthermore, after dumping and inspecting the firmware of the modem in the device,

09.05.17

2

WeakSoftware?

• FlipFengShui• Drammer (Android)

https://www.vusec.net/projects/flip-feng-shui/

2016- SBAResearchgGmbH

Cyber-PhysicalSystems

“...areintegrationsofcomputationwithphysical

processes.Embeddedcomputersandnetworks

monitorandcontrolthephysicalprocesses,usually

withfeedbackloopswherephysicalprocessesaffect

computationsandvice versa.”

(Lee, 2008)

Page 3: CYBER-PHYSICALPRODUCTIONSYSTEMS & SECURITY Edgar … Weippl, SBA... · 09.05.17 9 Examples –BMW “Furthermore, after dumping and inspecting the firmware of the modem in the device,

09.05.17

3

Internet-of-Things“umbrellakeywordforcoveringvariousaspectsrelatedtothe

extensionoftheInternetandtheWebintothephysical realm,

bymeansofthewidespreaddeploymentofspatially

distributeddeviceswithembeddedidentification,sensing

and/oractuation capabilities."

(Miorandi, 2012)

Examples

Page 4: CYBER-PHYSICALPRODUCTIONSYSTEMS & SECURITY Edgar … Weippl, SBA... · 09.05.17 9 Examples –BMW “Furthermore, after dumping and inspecting the firmware of the modem in the device,

09.05.17

4

Reality

Problem:Security

Page 5: CYBER-PHYSICALPRODUCTIONSYSTEMS & SECURITY Edgar … Weippl, SBA... · 09.05.17 9 Examples –BMW “Furthermore, after dumping and inspecting the firmware of the modem in the device,

09.05.17

5

SecurityIssuesbeyondtheObvious

• EffectsonPhysicalPartsandHuman Integrity• DevicesAsPartofAnAttack (DDoS)• GovernmentalInvestigations(“Fearofgoing black”)• BringYourOwnDevice(BYOD) Policies

SecurityGoals:theCIATriad

Confidentiality Integrity

Availability

Page 6: CYBER-PHYSICALPRODUCTIONSYSTEMS & SECURITY Edgar … Weippl, SBA... · 09.05.17 9 Examples –BMW “Furthermore, after dumping and inspecting the firmware of the modem in the device,

09.05.17

6

SecurityGoals

Confidentiality Integrity

Availability

IndustrialEngineering

InformationTechnology

Management

ApproachesfromInformationTechnology

Page 7: CYBER-PHYSICALPRODUCTIONSYSTEMS & SECURITY Edgar … Weippl, SBA... · 09.05.17 9 Examples –BMW “Furthermore, after dumping and inspecting the firmware of the modem in the device,

09.05.17

7

DistinctCPS Characteristics

• ResourceConstraints(Computing,Memory,etc.)

• KnowledgeonSystem Dynamics

• PowerSavingBehaviorandSleepModes

• ImpossibilityofRegular Patching

• Life Cycles

• Safety Evaluation

AttacksontheControlLoop

Page 8: CYBER-PHYSICALPRODUCTIONSYSTEMS & SECURITY Edgar … Weippl, SBA... · 09.05.17 9 Examples –BMW “Furthermore, after dumping and inspecting the firmware of the modem in the device,

09.05.17

8

Approachesfrom Engineering

• Fault Tolerance• RedundantSensorsand Encryption• Robust Control• NetworkedControl Systems

Page 9: CYBER-PHYSICALPRODUCTIONSYSTEMS & SECURITY Edgar … Weippl, SBA... · 09.05.17 9 Examples –BMW “Furthermore, after dumping and inspecting the firmware of the modem in the device,

09.05.17

9

Examples– BMW

“Furthermore,afterdumpingandinspectingthefirmwareofthemodeminthedevice,theresearcherfoundthatBMWusedthesamesymmetriccryptographykeys tocommunicatewiththeback-endserverforallcarsandthattheprivatekeyswereeasilyextractedfromthefirmware.”

RemySpaan,Secureupdatesinautomotivesystems,Masterthesis,Radboud University,2016http://www.ru.nl/publish/pages/769526/z_remy_spaan.pdf

2016- SBAResearchgGmbH

Examples– VWAudi:A1,Q3,R8,S3,TT,othertypesofAudicars(e.g.remotecontrol4D0837231)VW:Amarok,(New)Beetle,Bora,Caddy,Craver,e-Up,Eos,Fox,Golf4,Golf5,Golf6,GolfPlus,Jetta,Lupo,Passat,Polo,T4,T5,Scirocco,Sharan,Tiguan,Touran,UpSeat:Alhambra,Altea,Arosa,Cordoba,Ibiza,Leon,MII,ToledoSkoda:CityGo,Roomster,Fabia1,Fabia2,Octavia,Superb,YeG

Insummary:probablymostVWgroupvehiclesbetween2000andtodaynotusingGolf7(MQB)plattform

FlavioD.Garciaetal.,LockItandStillLoseIt-Onthe(In)SecurityofAutomotiveRemoteKeylessEntrySystems.UsenixSecurity2016.https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/garcia

2016- SBAResearchgGmbH

Page 10: CYBER-PHYSICALPRODUCTIONSYSTEMS & SECURITY Edgar … Weippl, SBA... · 09.05.17 9 Examples –BMW “Furthermore, after dumping and inspecting the firmware of the modem in the device,

09.05.17

10

Stakeholder Goals

AccessControlPerimeterProtectionIntrusionDetection

EconomicOptimizationIPProtection

RiskAssessment

ProcessControlProcessOptimizationProcessStability

InformationTechnology Management IndustrialEngineering

Security Goals

Confidentiality Integrity

IndustrialEngineering

InformationTechnology

Management

Availability

Page 11: CYBER-PHYSICALPRODUCTIONSYSTEMS & SECURITY Edgar … Weippl, SBA... · 09.05.17 9 Examples –BMW “Furthermore, after dumping and inspecting the firmware of the modem in the device,

09.05.17

11

Stakeholder Goals

Confidentiality Integrity

IndustrialEngineering

InformationTechnology

Management

Availability

IntegratingSecurityintoCPPS Engineering

Interoperability SystemDesign Self-Protection

Page 12: CYBER-PHYSICALPRODUCTIONSYSTEMS & SECURITY Edgar … Weippl, SBA... · 09.05.17 9 Examples –BMW “Furthermore, after dumping and inspecting the firmware of the modem in the device,

09.05.17

12

Interoperability

• Cyber-physicalproduction systemscompriseofheterogeneouscomponentsmiddlewareasintermediary

• hardtoimplement correctly• consideredtobe isolated• Integrationofsecurity tests• Gainrobustnessagainstmalicious inputs

Self-Protection

• Cyber-physicalproductionsystemsarecomplex

• robustcontrolagainstaccidental/random events

• failingsafe:adenial-of-service?• Simulation environmentandtest

bedsheavilyconstrained• higherdegreeofrealism needed

extendmodelsforcontrolalgorithms Cyber-Physical System

Internet

Cyber-LaunchedAttacks

Cyber-PhysicalAttacks

Physical System

Network

Software

Control

Hardware

Page 13: CYBER-PHYSICALPRODUCTIONSYSTEMS & SECURITY Edgar … Weippl, SBA... · 09.05.17 9 Examples –BMW “Furthermore, after dumping and inspecting the firmware of the modem in the device,

09.05.17

13

MovingTarget Defense

Source: desfinafionsuddefrance.com

JointResearch

• Industrialandcomputerengineersareworkingtowardsthesameaims,butfromdifferentperspectives.

• Thereispotentialforcollaborationofmutualbenefit• securitytestingininteroperabilitytesting

Improvementoftestbeds• Layeredandmovingtargetdefense

2016- SBAResearchgGmbH

Page 14: CYBER-PHYSICALPRODUCTIONSYSTEMS & SECURITY Edgar … Weippl, SBA... · 09.05.17 9 Examples –BMW “Furthermore, after dumping and inspecting the firmware of the modem in the device,

09.05.17

14

Ransomware

2016- SBAResearchgGmbH

SpamE-Mail

2016- SBAResearchgGmbH

Page 15: CYBER-PHYSICALPRODUCTIONSYSTEMS & SECURITY Edgar … Weippl, SBA... · 09.05.17 9 Examples –BMW “Furthermore, after dumping and inspecting the firmware of the modem in the device,

09.05.17

15

SpamE-Mail

2016- SBAResearchgGmbH

Quelle:Watchlist-Internet.at

SpamE-Mail

• ClickonLinkinEmail

• Website:

2016- SBAResearchgGmbH

Quelle:Watchlist-Internet.at

Page 16: CYBER-PHYSICALPRODUCTIONSYSTEMS & SECURITY Edgar … Weippl, SBA... · 09.05.17 9 Examples –BMW “Furthermore, after dumping and inspecting the firmware of the modem in the device,

09.05.17

16

SpamE-Mail

• Clickonbutton leads to download of aZIPfile

• File„VERBUNG-rechnung.js”is Ransomware

2016- SBAResearchgGmbH

:Watchlist-Internet.at

Infection viaDriveBy-Download

Visit Website

• Normalnon-malicious website (butmalicious ad„Malvertising“)• Hacked website

Scanning• Vulnerabilities inthe browser?

Exploit isexecuted

• Browser• Browser-Plugins suchas Java,Flash,AdobeReader

Drive-ByDownload

• Unknown DownloadundInstallationof malware• Infection (e.g.encryption)commences

2016- SBAResearchgGmbH

Page 17: CYBER-PHYSICALPRODUCTIONSYSTEMS & SECURITY Edgar … Weippl, SBA... · 09.05.17 9 Examples –BMW “Furthermore, after dumping and inspecting the firmware of the modem in the device,

09.05.17

17

Hackingis Business

• In2014Germansteelmill attacked

• Attackers gain access tocontrol network for theblastfurnance

• Physical damage

2017- SBAResearchgGmbH

Hackingis Business

2017- SBAResearchgGmbH

…einfacherDDoS Angrifffür60$proTag

…Mirai Botnet:3000bis4000DollarfüreinezweiwöchigeDDoS-Kampagnemit50.000Bots

Quelle:[18] ZDNet

Page 18: CYBER-PHYSICALPRODUCTIONSYSTEMS & SECURITY Edgar … Weippl, SBA... · 09.05.17 9 Examples –BMW “Furthermore, after dumping and inspecting the firmware of the modem in the device,

09.05.17

18

SBAResearch

EdgarWeipplSBAResearchFavoritenstraße16,[email protected]


Inspecting the Masonry Exterior Wall Covering Inspecting ... · Inspecting the Masonry Exterior Wall Covering Page 3 of 19 Advantages of Masonry Siding • Masonry is provides good

Inspecting Fueling Facilities

Inspecting a Barges Towing Rig - Tugmasterstugmasters.org/wp-content/uploads/2014/07/Inspecting-a...Inspecting a Barges Towing Rig Just about every tug boatman sooner or later gets

Inspecting Electrical

Inspecting Works

Inspecting & Repairing Major Components

[Pipeline] Inspecting Pipeline Installation

Inspecting OSH in Construction

1.1 Framework for inspecting independent schools for inspecting... · 2012-09-12 · The framework for inspecting education in non-association independent schools 6 September 2012,

A strategy and guidance for inspecting literacy for …learning.gov.wales/...strategy-and-guidance-for-inspecting-literacy... · A strategy and guidance for inspecting literacy for

UST Systems: Inspecting And Maintaining Sumps And Spill ... Systems: Inspecting And Maintaining Sumps And Spill ... Sample Underground Storage Tank Sump And ... UST Systems: Inspecting

Inspecting Reproductive Laboratory Accreditation Program

Inspecting Personal Fall Protection Equipment - UK 2nd ... · Inspection frequency 21 Inspection records 26 Inspections: What to look for 41 Inspecting metal components 44 Inspecting

Methods of Inspecting Materials (Autosaved)

INSPECTING AND TESTING WASTEWATER COLLECTION …

Inspecting your harness

Inspecting Heat Treated Parts(Roann2)

Inspecting the Subpanel

Inspecting Structure

The framework for inspecting non-association independent ...dera.ioe.ac.uk/16337/1/Framework for inspecting independent schools... · The framework for inspecting non-association

Tt Inspecting Goods

Consolidated Daily Arrest Dated 09 - 05 - 17...Khulna, Bangladesh Nirman Samshan Bottala more Khulna, Bangladesh Swarupnagar PS Case No. 369 dt. 09.05.17 u/s- 14 F Act 09.05.17 38

Inspecting the Boat

Guide to Inspecting the Workplace

Sewer pipe—inspecting and cleaning

UST Systems: Inspecting And Maintaining Sumps … Systems: Inspecting And Maintaining Sumps And Spill ... Sample Underground Storage Tank Sump And ... UST Systems: Inspecting And Maintaining

Inspecting a Used Car

[Mesh] Inspecting for Hazardous

CHECKLIST Inspecting a Garage - Ben Gromickobengromicko.weebly.com/uploads/2/6/9/7/26972815/inspecting-a... · Checklist for Inspecting a Garage Page 1 of 7 CHECKLIST Inspecting a

Kathrin Strasser-Weippl 1 st Medical Department Wilhelminen Hospital, Vienna Cancer Care in Europe

Inspecting garments

Inspecting Your Post-War House

Inspecting equalities briefing - dera.ioe.ac.ukdera.ioe.ac.uk/18231/1/Inspecting equalities briefing.docx  · Web viewAdd3. 17. Inspecting equalities: briefing for section 5 inspection

Code of Practice Inspecting and Certifying Building Works · Code of Practice Inspecting and Certifying Building Works ... - Inspection Plan ... to inspecting and certifying building

Inspecting Under the Hood of Autodesk Vault Inspecting Under the Hood of Autodesk Vault