survivability and recovery of process control systems · 5. 6 hand scan. right elbow 7. left elbow...
TRANSCRIPT
![Page 1: Survivability and Recovery of Process Control Systems · 5. 6 Hand Scan. Right Elbow 7. Left Elbow 8. Foot 9. Tongue 10. Finishing up with a Butt Scan 11 Thanks to Monsters vs. Aliens](https://reader031.vdocument.in/reader031/viewer/2022022704/5bcc431e09d3f2d30a8de718/html5/thumbnails/1.jpg)
11
NACIONon-obtrusive Authentication of Critical
Infrastructure Operators
Sam Clements, Mark Hadley,
Tom Edgar, and Cliff Glantz
Pacific Northwest National Laboratory (PNNL)
March 2010
This material is based upon work supported by the U.S. Dept. of Homeland Security under Grant Award Number 2006-CS-001-
000001, under the auspices of the Institute for Information Infrastructure Protection (I3P) research program. The I3P is managed
by Dartmouth College. The views and conclusions contained in this document are those of the authors and should not be
interpreted as necessarily representing the official policies, either expressed or implied, of the U.S. Department of Homeland
Security, the I3P, or Dartmouth College.
![Page 2: Survivability and Recovery of Process Control Systems · 5. 6 Hand Scan. Right Elbow 7. Left Elbow 8. Foot 9. Tongue 10. Finishing up with a Butt Scan 11 Thanks to Monsters vs. Aliens](https://reader031.vdocument.in/reader031/viewer/2022022704/5bcc431e09d3f2d30a8de718/html5/thumbnails/2.jpg)
The NACIO Team
Project Team Members
• Sam Clements
• Mark Hadley
• Thomas Edgar
Working out of PNNL’s main campus in Richland, Washington
2
![Page 3: Survivability and Recovery of Process Control Systems · 5. 6 Hand Scan. Right Elbow 7. Left Elbow 8. Foot 9. Tongue 10. Finishing up with a Butt Scan 11 Thanks to Monsters vs. Aliens](https://reader031.vdocument.in/reader031/viewer/2022022704/5bcc431e09d3f2d30a8de718/html5/thumbnails/3.jpg)
3
What is Authentication?
“All information systems
must have a security
mechanism installed that
requires authentication prior
to file access.”
- API 1164
“…Responsible Entity shall
have a policy for managing the
use of such accounts [shared,
generic] that limits access to
only those with authorization,
[and] an audit trail of the
account use …”
- NERC CIP 7 R5.2.3
The process of verifying a user’s identity and
authorization to access a network or its resources.
- NIST 800-53
- NRC RG-5.71
![Page 4: Survivability and Recovery of Process Control Systems · 5. 6 Hand Scan. Right Elbow 7. Left Elbow 8. Foot 9. Tongue 10. Finishing up with a Butt Scan 11 Thanks to Monsters vs. Aliens](https://reader031.vdocument.in/reader031/viewer/2022022704/5bcc431e09d3f2d30a8de718/html5/thumbnails/4.jpg)
What is Required for Authentication?
• For IT systems we often require:
– Something you know (e.g.; password)
– Something you have (e.g.; security
token, mag. card)
– Something you are (e.g., fingerprints)
4
![Page 5: Survivability and Recovery of Process Control Systems · 5. 6 Hand Scan. Right Elbow 7. Left Elbow 8. Foot 9. Tongue 10. Finishing up with a Butt Scan 11 Thanks to Monsters vs. Aliens](https://reader031.vdocument.in/reader031/viewer/2022022704/5bcc431e09d3f2d30a8de718/html5/thumbnails/5.jpg)
Control System Authentication Issues
• Authentication restrictions cannot be allowed to:
– impede operator control
– negatively impact control system operation
– negatively impact process/facility critical events
• Immediate access and control are required when
needed – delays cannot be tolerated!
• A forgotten or mistyped password cannot be
allowed to lock up a control system’s human
machine interface!
• So how can authentication be done?
• How much is too much?
5
![Page 6: Survivability and Recovery of Process Control Systems · 5. 6 Hand Scan. Right Elbow 7. Left Elbow 8. Foot 9. Tongue 10. Finishing up with a Butt Scan 11 Thanks to Monsters vs. Aliens](https://reader031.vdocument.in/reader031/viewer/2022022704/5bcc431e09d3f2d30a8de718/html5/thumbnails/6.jpg)
6
Hand Scan
6
![Page 7: Survivability and Recovery of Process Control Systems · 5. 6 Hand Scan. Right Elbow 7. Left Elbow 8. Foot 9. Tongue 10. Finishing up with a Butt Scan 11 Thanks to Monsters vs. Aliens](https://reader031.vdocument.in/reader031/viewer/2022022704/5bcc431e09d3f2d30a8de718/html5/thumbnails/7.jpg)
Right Elbow
7
![Page 8: Survivability and Recovery of Process Control Systems · 5. 6 Hand Scan. Right Elbow 7. Left Elbow 8. Foot 9. Tongue 10. Finishing up with a Butt Scan 11 Thanks to Monsters vs. Aliens](https://reader031.vdocument.in/reader031/viewer/2022022704/5bcc431e09d3f2d30a8de718/html5/thumbnails/8.jpg)
Left Elbow
8
![Page 9: Survivability and Recovery of Process Control Systems · 5. 6 Hand Scan. Right Elbow 7. Left Elbow 8. Foot 9. Tongue 10. Finishing up with a Butt Scan 11 Thanks to Monsters vs. Aliens](https://reader031.vdocument.in/reader031/viewer/2022022704/5bcc431e09d3f2d30a8de718/html5/thumbnails/9.jpg)
Foot
9
![Page 10: Survivability and Recovery of Process Control Systems · 5. 6 Hand Scan. Right Elbow 7. Left Elbow 8. Foot 9. Tongue 10. Finishing up with a Butt Scan 11 Thanks to Monsters vs. Aliens](https://reader031.vdocument.in/reader031/viewer/2022022704/5bcc431e09d3f2d30a8de718/html5/thumbnails/10.jpg)
Tongue
10
![Page 11: Survivability and Recovery of Process Control Systems · 5. 6 Hand Scan. Right Elbow 7. Left Elbow 8. Foot 9. Tongue 10. Finishing up with a Butt Scan 11 Thanks to Monsters vs. Aliens](https://reader031.vdocument.in/reader031/viewer/2022022704/5bcc431e09d3f2d30a8de718/html5/thumbnails/11.jpg)
Finishing up with a Butt Scan
11Thanks to Monsters vs. Aliens (DreamWorks®) and Sam Clements for these images!
Now that’s way too much!
![Page 12: Survivability and Recovery of Process Control Systems · 5. 6 Hand Scan. Right Elbow 7. Left Elbow 8. Foot 9. Tongue 10. Finishing up with a Butt Scan 11 Thanks to Monsters vs. Aliens](https://reader031.vdocument.in/reader031/viewer/2022022704/5bcc431e09d3f2d30a8de718/html5/thumbnails/12.jpg)
Example Authentication Approach:
NRC Regulatory Guidance
RG 5.71:“Cyber Security Programs for Nuclear Facilities” (11/09)
Requires the following:
• uniquely identify each user
• verify the identity of each user
• disable a user identifier after a predetermined time
period of inactivity
• change and refresh authenticators periodically
• only appropriate officials can issue a user identifier
• ensure that a user identifier is issued to the intended party
12
![Page 13: Survivability and Recovery of Process Control Systems · 5. 6 Hand Scan. Right Elbow 7. Left Elbow 8. Foot 9. Tongue 10. Finishing up with a Butt Scan 11 Thanks to Monsters vs. Aliens](https://reader031.vdocument.in/reader031/viewer/2022022704/5bcc431e09d3f2d30a8de718/html5/thumbnails/13.jpg)
NRC Authentication (cont)
If a control system cannot support all user
authentication requirements, all of the following
must be implemented:
• physically restrict access to the control
system
• ensure only security qualified and
credentialed individuals have access to
control systems
• monitor and record access to the control
system in a timely manner
• use auditing/validation measures to detect
unauthorized access and modifications to the
control system
13
![Page 14: Survivability and Recovery of Process Control Systems · 5. 6 Hand Scan. Right Elbow 7. Left Elbow 8. Foot 9. Tongue 10. Finishing up with a Butt Scan 11 Thanks to Monsters vs. Aliens](https://reader031.vdocument.in/reader031/viewer/2022022704/5bcc431e09d3f2d30a8de718/html5/thumbnails/14.jpg)
14
The NACIO Approach
Security Camera
Network Sensor
Control System Network
Operator
Console Network Traffic
Authenticator
PictureBadge + RFID
NACIO InterfacePhysical Access
Control Database
Alert: Critical System Command
![Page 15: Survivability and Recovery of Process Control Systems · 5. 6 Hand Scan. Right Elbow 7. Left Elbow 8. Foot 9. Tongue 10. Finishing up with a Butt Scan 11 Thanks to Monsters vs. Aliens](https://reader031.vdocument.in/reader031/viewer/2022022704/5bcc431e09d3f2d30a8de718/html5/thumbnails/15.jpg)
15
NACIO Advantages and Security Impact
• NACIO’s Advantages
– Triggers only on critical commands and alarms on a defined
subset of these commands
– Avoids an inundation of data
– Records:
• Network traffic
• Badge info
• Image of operator
– Supports post-incident investigation
• NACIO’s Impact: Reduces Insider Threat
– impression that your activities are being monitored and you
can’t get away without your actions being revealed
– establishes a much higher threshold for malicious acts
![Page 16: Survivability and Recovery of Process Control Systems · 5. 6 Hand Scan. Right Elbow 7. Left Elbow 8. Foot 9. Tongue 10. Finishing up with a Butt Scan 11 Thanks to Monsters vs. Aliens](https://reader031.vdocument.in/reader031/viewer/2022022704/5bcc431e09d3f2d30a8de718/html5/thumbnails/16.jpg)
16
NACIO Uses COTS Technologies
• Components
– “IDS”
– Cameras
– Badge with RFID
• Advantages
– Readily Available Components
– Fast to Market Bridging the Gap
![Page 17: Survivability and Recovery of Process Control Systems · 5. 6 Hand Scan. Right Elbow 7. Left Elbow 8. Foot 9. Tongue 10. Finishing up with a Butt Scan 11 Thanks to Monsters vs. Aliens](https://reader031.vdocument.in/reader031/viewer/2022022704/5bcc431e09d3f2d30a8de718/html5/thumbnails/17.jpg)
17
NACIO Wrap-Up
• Does not impact operations
• Helps meet or exceed current standards and
guidance for control system authentication
• Provides an innovative integration of COTS
technologies
• Undergoing testing and refinement at PNNL
• We are seeking partners for technology transfer
![Page 18: Survivability and Recovery of Process Control Systems · 5. 6 Hand Scan. Right Elbow 7. Left Elbow 8. Foot 9. Tongue 10. Finishing up with a Butt Scan 11 Thanks to Monsters vs. Aliens](https://reader031.vdocument.in/reader031/viewer/2022022704/5bcc431e09d3f2d30a8de718/html5/thumbnails/18.jpg)
Questions?
• For more information, contact one of the following PNNL
NASIO team members:
– Sam Clements
[email protected]; 509-375-3945
– Mark Hadley
[email protected]; 509-375-2298
Your presenter has been Cliff Glantz; [email protected]; 509-375-2166
18