Control System Cyber-Security Workshop A Summary of Yesterday’s Meeting Dr. Stefan Lüders (CERN...
-
Upload
victoria-ward -
Category
Documents
-
view
222 -
download
0
Transcript of Control System Cyber-Security Workshop A Summary of Yesterday’s Meeting Dr. Stefan Lüders (CERN...
![Page 1: Control System Cyber-Security Workshop A Summary of Yesterday’s Meeting Dr. Stefan Lüders (CERN IT/CO) with slides from P. Chochula (ALICE), S. Gysin (FNAL),](https://reader036.fdocuments.us/reader036/viewer/2022062309/56649e7b5503460f94b7bc01/html5/thumbnails/1.jpg)
Control SystemCyber-Security Workshop
A Summary of Yesterday’s Meeting
Dr. Stefan Lüders (CERN IT/CO)with slides from P. Chochula (ALICE), S. Gysin (FNAL), T. Lahey (SLAC),
M. Leech (Diamond), T. Ohata (JASRI/SPring-8), D. Quock (ANL),A. Yamashita (SPring-8), Z. Yin (BNL), and T. Zingelman (FNAL)
ICALEPCS, Knoxville (U.S.), October 15th 2007
![Page 2: Control System Cyber-Security Workshop A Summary of Yesterday’s Meeting Dr. Stefan Lüders (CERN IT/CO) with slides from P. Chochula (ALICE), S. Gysin (FNAL),](https://reader036.fdocuments.us/reader036/viewer/2022062309/56649e7b5503460f94b7bc01/html5/thumbnails/2.jpg)
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “Summary on the (CS)2/HEP Workshop” — Dr. Stefan Lüders et al. — ICALEPCS ― October 15th 2007
Changing Times
![Page 3: Control System Cyber-Security Workshop A Summary of Yesterday’s Meeting Dr. Stefan Lüders (CERN IT/CO) with slides from P. Chochula (ALICE), S. Gysin (FNAL),](https://reader036.fdocuments.us/reader036/viewer/2022062309/56649e7b5503460f94b7bc01/html5/thumbnails/3.jpg)
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “Summary on the (CS)2/HEP Workshop” — Dr. Stefan Lüders et al. — ICALEPCS ― October 15th 2007
Cyber-Risks
![Page 4: Control System Cyber-Security Workshop A Summary of Yesterday’s Meeting Dr. Stefan Lüders (CERN IT/CO) with slides from P. Chochula (ALICE), S. Gysin (FNAL),](https://reader036.fdocuments.us/reader036/viewer/2022062309/56649e7b5503460f94b7bc01/html5/thumbnails/4.jpg)
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “Summary on the (CS)2/HEP Workshop” — Dr. Stefan Lüders et al. — ICALEPCS ― October 15th 2007
(CS)2 in HEP ― The Agenda
http://indico.cern.ch/conferenceDisplay.py?confId=13367
![Page 5: Control System Cyber-Security Workshop A Summary of Yesterday’s Meeting Dr. Stefan Lüders (CERN IT/CO) with slides from P. Chochula (ALICE), S. Gysin (FNAL),](https://reader036.fdocuments.us/reader036/viewer/2022062309/56649e7b5503460f94b7bc01/html5/thumbnails/5.jpg)
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “Summary on the (CS)2/HEP Workshop” — Dr. Stefan Lüders et al. — ICALEPCS ― October 15th 2007
Variety & Diversity in Products
![Page 6: Control System Cyber-Security Workshop A Summary of Yesterday’s Meeting Dr. Stefan Lüders (CERN IT/CO) with slides from P. Chochula (ALICE), S. Gysin (FNAL),](https://reader036.fdocuments.us/reader036/viewer/2022062309/56649e7b5503460f94b7bc01/html5/thumbnails/6.jpg)
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “Summary on the (CS)2/HEP Workshop” — Dr. Stefan Lüders et al. — ICALEPCS ― October 15th 2007
Balance Risk, Safety & Usability
![Page 7: Control System Cyber-Security Workshop A Summary of Yesterday’s Meeting Dr. Stefan Lüders (CERN IT/CO) with slides from P. Chochula (ALICE), S. Gysin (FNAL),](https://reader036.fdocuments.us/reader036/viewer/2022062309/56649e7b5503460f94b7bc01/html5/thumbnails/7.jpg)
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “Summary on the (CS)2/HEP Workshop” — Dr. Stefan Lüders et al. — ICALEPCS ― October 15th 2007
Defense-In-Depth
![Page 8: Control System Cyber-Security Workshop A Summary of Yesterday’s Meeting Dr. Stefan Lüders (CERN IT/CO) with slides from P. Chochula (ALICE), S. Gysin (FNAL),](https://reader036.fdocuments.us/reader036/viewer/2022062309/56649e7b5503460f94b7bc01/html5/thumbnails/8.jpg)
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “Summary on the (CS)2/HEP Workshop” — Dr. Stefan Lüders et al. — ICALEPCS ― October 15th 2007
Network Segregation
![Page 9: Control System Cyber-Security Workshop A Summary of Yesterday’s Meeting Dr. Stefan Lüders (CERN IT/CO) with slides from P. Chochula (ALICE), S. Gysin (FNAL),](https://reader036.fdocuments.us/reader036/viewer/2022062309/56649e7b5503460f94b7bc01/html5/thumbnails/9.jpg)
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “Summary on the (CS)2/HEP Workshop” — Dr. Stefan Lüders et al. — ICALEPCS ― October 15th 2007
Rules for Remote Access
![Page 10: Control System Cyber-Security Workshop A Summary of Yesterday’s Meeting Dr. Stefan Lüders (CERN IT/CO) with slides from P. Chochula (ALICE), S. Gysin (FNAL),](https://reader036.fdocuments.us/reader036/viewer/2022062309/56649e7b5503460f94b7bc01/html5/thumbnails/10.jpg)
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “Summary on the (CS)2/HEP Workshop” — Dr. Stefan Lüders et al. — ICALEPCS ― October 15th 2007
Remote Access Tools
![Page 11: Control System Cyber-Security Workshop A Summary of Yesterday’s Meeting Dr. Stefan Lüders (CERN IT/CO) with slides from P. Chochula (ALICE), S. Gysin (FNAL),](https://reader036.fdocuments.us/reader036/viewer/2022062309/56649e7b5503460f94b7bc01/html5/thumbnails/11.jpg)
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “Summary on the (CS)2/HEP Workshop” — Dr. Stefan Lüders et al. — ICALEPCS ― October 15th 2007
Central PC Management
![Page 12: Control System Cyber-Security Workshop A Summary of Yesterday’s Meeting Dr. Stefan Lüders (CERN IT/CO) with slides from P. Chochula (ALICE), S. Gysin (FNAL),](https://reader036.fdocuments.us/reader036/viewer/2022062309/56649e7b5503460f94b7bc01/html5/thumbnails/12.jpg)
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “Summary on the (CS)2/HEP Workshop” — Dr. Stefan Lüders et al. — ICALEPCS ― October 15th 2007
Web-based Technologies
![Page 13: Control System Cyber-Security Workshop A Summary of Yesterday’s Meeting Dr. Stefan Lüders (CERN IT/CO) with slides from P. Chochula (ALICE), S. Gysin (FNAL),](https://reader036.fdocuments.us/reader036/viewer/2022062309/56649e7b5503460f94b7bc01/html5/thumbnails/13.jpg)
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “Summary on the (CS)2/HEP Workshop” — Dr. Stefan Lüders et al. — ICALEPCS ― October 15th 2007
Authentication & Authorization
![Page 14: Control System Cyber-Security Workshop A Summary of Yesterday’s Meeting Dr. Stefan Lüders (CERN IT/CO) with slides from P. Chochula (ALICE), S. Gysin (FNAL),](https://reader036.fdocuments.us/reader036/viewer/2022062309/56649e7b5503460f94b7bc01/html5/thumbnails/14.jpg)
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “Summary on the (CS)2/HEP Workshop” — Dr. Stefan Lüders et al. — ICALEPCS ― October 15th 2007
What about Industry ?
![Page 15: Control System Cyber-Security Workshop A Summary of Yesterday’s Meeting Dr. Stefan Lüders (CERN IT/CO) with slides from P. Chochula (ALICE), S. Gysin (FNAL),](https://reader036.fdocuments.us/reader036/viewer/2022062309/56649e7b5503460f94b7bc01/html5/thumbnails/15.jpg)
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “Summary on the (CS)2/HEP Workshop” — Dr. Stefan Lüders et al. — ICALEPCS ― October 15th 2007
Summary
An overdue technology change:► Modern control systems take advantage of “office”-IT standards…► …but also inherit the inherent cyber-risks !
For mitigation,major labs follow a “Defense-in-Depth” approach:► Network segregation & remote access procedures► Central installation schemes► Generalized Authentication & Authorization schemes
![Page 16: Control System Cyber-Security Workshop A Summary of Yesterday’s Meeting Dr. Stefan Lüders (CERN IT/CO) with slides from P. Chochula (ALICE), S. Gysin (FNAL),](https://reader036.fdocuments.us/reader036/viewer/2022062309/56649e7b5503460f94b7bc01/html5/thumbnails/16.jpg)
Dr. Stefan Lüders (CERN IT/CO) ― DESY ― 20. Februar 2007 “Summary on the (CS)2/HEP Workshop” — Dr. Stefan Lüders et al. — ICALEPCS ― October 15th 2007
Thank you very much !
I would like to thank all presenters and participants,making this workshop such a success.► Special thanks go to Karen, Lori, David & colleagues for the organization !!!