Wednesday, July 20, 2016
Hangzhou Zhong’an Holiday Hotel
The water glimmers when the sun shines, and the mountains appear mysterious in the rain.
On July 20, NSFOCUS was invited to the site of the 5th Industrial Control System Information Security Summit 2016, engaging in discussions and learning about the current state of industrial control system information security in China with experts and scholars from various fields.
Conference Scene
The conference was hosted by the Industrial Control System Information Security Industry Alliance (ICSISIA), organized by the alliance’s secretariat and the Automation Exhibition of the Power Automation Professional Committee of the China Automation Society, with support from the State Grid Zhejiang Electric Power Company and the Zhejiang Automation Society. At the conference, Mr. Zhou Ruikang, a standard engineer from the Information Security Research Center of the China Electronics Standardization Institute, provided a detailed interpretation and introduction of the pilot application of the Industrial Control Security Alliance standards. The construction of the standard system, the establishment of the evaluation system, and the pilot of industrial control standards became hot topics for discussion after the conference.
Thinking Comprehensively About Industrial Control System Security
NSFOCUS Expert Presentation
As one of the dedicated security vendors in the field of industrial control information security, NSFOCUS analyzed potential threats in industrial control systems from three dimensions: security threats faced by industrial control systems, the security vulnerabilities throughout the industrial control lifecycle, and comprehensive security considerations for industrial control systems, sharing comprehensive insights based on NSFOCUS’s research capabilities in industrial control security.
With the introduction of the integration of informatization and industrialization policies, Chinese manufacturing is transitioning to intelligent manufacturing, aiming for “Made in China 2025” as the benchmark for the transformation of the intelligent manufacturing industry. The Chinese intelligent energy system, i.e., the Internet + industrial system, is developing towards a trend that combines multiple fields and elements, including people, objects, data, technology, analysis, operation, management, implementation, and monitoring.
In the context of the integration of information technology and industrialization, from the hacker intrusion incident in Arizona, USA in 1994 to the attack on the generator of the power system by the Department of Homeland Security in the USA in 2008, it is evident that both one-time targeted attack incidents and premeditated hacker serial attack incidents pose significant threats and damages to industrial production environments.
NSFOCUS Expert
Establishing a Comprehensive Protection System to Ensure Industrial Control System Security
Analyzing the attack incident on the Iranian nuclear power plant in 2010, we deduce that the infection of external hosts leads to “ferrying” attacks on isolated networks via removable storage devices, ultimately damaging the control systems in the production environment. NSFOCUS analyzed and simulated the distribution of attack behaviors in industrial environments and proposed unique perspectives on industrial control security. We particularly emphasized the security management philosophy of the entire lifecycle of industrial control systems, ensuring security throughout the design, selection, testing, construction, operation, maintenance, and decommissioning stages of industrial control systems, focusing on internal network penetration that integrates with business operations to the final possible attack points. We proposed the “Comprehensive Security Considerations for Industrial Control Systems”.
Building a comprehensive protection system from the perspectives of security technology, security management, and secure operation, integrating regulations, visual operation, attack visualization, and combining on-site and remote monitoring with measurable anomaly perception.
The industrial control security solutions proposed by NSFOCUS will integrate the single-point protection and comprehensive protection security systems with the continuously operable industrial control security philosophy, introducing external threat intelligence from the NSFOCUS Threat Intelligence Center and situational awareness platform. By monitoring external security threats to industrial control systems through threat intelligence and situational awareness; establishing behavior baselines through the calculation and analysis of logs, event information, and basic data information of internal components of the industrial control system, we will create a comprehensive monitoring and early warning platform for industrial control system security that spans data, applications, hosts, networks, PLC/DCS/RTU, and other control devices. By organically integrating IT security with OT security, we will build a continuously operable security assurance system covering the entire lifecycle of industrial control systems.
Security warnings, traceability, and situational awareness
 |
Please click the “…” in the upper right corner of the screen Follow the NSFOCUS WeChat accountNSFOCUS-weixin |
↑↑↑ Long press the QR code to download the NSFOCUS Cloud APP