Quizlet #13 - Chapter 10
Vulnerabilities
Potential vulnerabilities in control systems are exacerbated by insecure connections, either within the corporate enterprise network or external to the enterprise or controlling station.
• Organizations often leave access links (such as dial-up modems to equipment and control information) open for remote diagnostics, maintenance, and examination of system status.
• Such links may not be protected with authentication or encryption, which increases the risk that an attempted external penetration could use these insecure connections to break into remotely controlled systems.
Types of Control Systems
1. Distributed control systems (DCS): typically used within a single process or generating plant, or over a smaller geographic area or even a single site location.
2. SCADA systems: typically used for larger-scale environments that may be geographically dispersed in an enterprise-wide distribution operation.
Control Loops
Control loops in a SCADA system are usually open, whereas control loops in DCS systems are usually closed.
SCADA vs. DCS
SCADA system communications infrastructure:
• tends to be slower
• is less reliable, so the remote terminal unit (RTU) in a SCADA system has local control schemes to handle that eventuality.
DCS:
• networks tend to be highly reliable
• high-bandwidth campus local area networks (LANs)
• the remote sites in a DCS can afford to send more data and centralize the processing of that data.
Wardialing/phreaking
A phreaker is an individual who specializes in unauthorized penetration and access of telephone systems. The main goal of wardialing is simple: access. This includes access to a specific company's system; access to free long-distance service; access to an anonymous connection to anonymously access another computer system or entire network; access to a place to hide illegal or contraband software, data, or information; or access with intent to steal data, information, or software.
Threats of wardialing:
• Carrier detection: determining (through several methods) whether the carrier is a modem or a facsimile; may be capable of determining the manufacturer of the device that is answering.
• Banner logging and identification: many systems identify not only the name of the organization that is using or sponsoring the carrier answering device, but also the basic functionalities of the device that answered, based on its name or a brief description.
• System identification: once connected, individuals may determine the type of system through a series of scanning attempts that would identify the computer manufacturer, model, and operating system running on the computer system.
• Network identification: it may be possible to scan other computing devices if the device has been compromised and may be capable of traversing within and throughout the enterprise network.
Implementation of Security Technologies
Use of existing security technologies, as well as strong user authentication and patch management practices, is typically not implemented in control systems because:
• control systems operate in real time;
• control systems are typically not designed with security in mind and usually have limited processing capabilities to accommodate or handle security measures or countermeasures;
• authorization, authentication, encryption, intrusion detection, and filtering of network traffic and communications require significantly increased bandwidth, processing power, and memory, much more than control system components typically have or are capable of sustaining.
Risks for control systems
• The adoption of standardized technologies with known vulnerabilities
• The connectivity of many control systems via, through, within, or exposed to unsecured networks, networked portals, or mechanisms connected to unsecured networks
• Implementation constraints of existing security technologies and practices within the existing control systems infrastructure (and its architectures)
• The connectivity of insecure remote devices in their connections to control systems
• The widespread availability of technical information about control systems, most notably via publicly available or shared networked resources such as the Internet
Components of Control Systems
• Consists of a master control system or central supervisory control and monitoring station, consisting of one or more human-machine interfaces in which an operator may view displayed information about the remote sites or issue commands directly to the system.
• Typically, this is a device or station that is located at a site in which application servers and production control workstations are used to configure and troubleshoot other control system components.
• The central supervisory control and monitoring station is generally connected to local controller stations through a hardwired network, or to remote controller stations through a communications network that may run over the Internet, a public switched telephone network (PSTN), or a cable or wireless (such as radio, microwave, or WiFi) network.
• Each controller station has an RTU, a programmable logic controller (PLC), a DCS controller, and other controllers that communicate with the supervisory control and monitoring station.
• The controller stations include sensors and control equipment that connect directly with the working components of the infrastructure (e.g., pipelines, water towers, and power lines).
• Sensors take readings from infrastructure equipment, such as water or pressure levels, electrical voltage, etc., and send messages to the controller.
• The controller may be programmed to determine a course of action, sending a message to the control equipment instructing it what to do (e.g., to turn off a valve or dispense a chemical). If the controller is not programmed to determine a course of action, the controller communicates with the supervisory control and monitoring station before sending a command back to the control equipment.
• The control system may also be programmed to issue alarms back to the control operator when certain conditions are detected. Handheld devices such as personal digital assistants (PDAs) may be used to locally monitor controller stations.
• Controller station technologies are becoming more intelligent and automated and can communicate with the supervisory central monitoring and control station less frequently, requiring less human intervention.
Control Systems
• Usually computer-based
• Used by many infrastructures and industries to monitor and control sensitive processes and physical functions
• Collect sensor measurements and operational data from the field, process and display this information, and relay control commands to local or remote equipment
Attack of Control Systems and Consequences
• Disrupt the operations of control systems by delaying or blocking the flow of information through the networks supporting the control systems, thereby denying availability of the networks to control systems operators and production control managers.
• Attempt, or succeed at, making unauthorized changes to programmed instructions within PLC, RTU, or DCS controllers, changing alarm thresholds, or issuing unauthorized commands to control station equipment, which could potentially result in damage to equipment (if tolerances have been exceeded), premature shutdown of processes (shutting down transmission lines or causing cascading termination of service to the electrical grid), or disabling of control station equipment.
• Send falsified information to control system operators, either to disguise unauthorized changes or to initiate inappropriate actions by systems operators; that is, falsified information is sent or displayed back to systems operators who may think that an alarm condition has been triggered, so that operators act on this falsified information and potentially cause the actual event.
• Modify or alter control system software or firmware such that the net effect produces unpredictable results (such as introducing a computer "time bomb" to go off at midnight every night, partially shutting down some of the control systems and causing a temporary brownout condition; a time bomb is a forcibly introduced piece of computer logic or source code that causes certain courses of action to be taken when an event or triggered state has been activated).
• Interfere with the operation and processing of safety systems (e.g., tampering with or denial of service of control systems that regulate processing control rods within a nuclear power generation facility).
• Many remote locations containing control systems (as part of an enterprise DCS environment) are often unstaffed and may not be physically monitored through surveillance; the risk of threat remains and may be higher if the remote facility is physically penetrated at its perimeter and intrusion attempts are then made on the control systems networks from within.
• Many control systems are vulnerable to attacks of varying degrees. These attack attempts range from telephone line sweeps (wardialing), to wireless network sniffing (wardriving), to physical network port scanning, to physical monitoring and intrusion.
Consequences:
• Although computer network security is undeniably important, unlike an enterprise network breach, a compromised control system can have significant real-world impacts. These impacts can have far-reaching consequences not previously considered, or in areas that could affect other industrial sectors and their infrastructures.
• Enterprise network security breaches can have financial consequences: customer privacy becomes compromised, computer systems need to be rebuilt, etc.
• A breach of security of a control system can have a cascade effect on other systems, either directly or indirectly connected to those control systems that have been compromised; however, not only can property be destroyed, but