© 2017 WIND RIVER. ALL RIGHTS RESERVED.

MIGRATING YOUR LEGACY INDUSTRIAL CRITICAL INFRASTRUCTURE SYSTEM TO THE IOT SECURELY WITH VIRTUALIZATION

Alex Wilson

Director, Market Development

2 © 2017 WIND RIVER. ALL RIGHTS RESERVED.

DIGITAL BUSINESS TRANSFORMATION

Business Drivers

New approach for business strategy

Increased efficiency, safety, resource sustainability

Need for smart maintenance approaches

The Use of Technology to Radically Improve the Performance or Reach of Enterprises

3 © 2017 WIND RIVER. ALL RIGHTS RESERVED.

DIGITAL TRANSFORMATION

Business Impact

Data-enabled intelligent systems

Lifecycle costs

Safety while enabling connectivity

Security maintenance

Industrial IoT

Consolidation & Virtualization

Functional safety

Cybersecurity

4 © 2017 WIND RIVER. ALL RIGHTS RESERVED.

THE INDUSTRIAL INTERNET OF THINGS (IIOT)

Driving digital business transformation

Enabling optimization at scale

Services based on machine data enabling:

– Reduced operational expenditure

– Efficiency of resource usage

– Flexibility of manufacturing

CLOUD

FOG

5 © 2017 WIND RIVER. ALL RIGHTS RESERVED. © 2016 Wind River. All Rights Reserved. 5

An Intel Company

EAST - WEST

NO

RT

H - S

OU

TH

CONSOLIDATION & VIRTUALIZATION 2 DIFFERENT COMPETENCIES

6 © 2017 WIND RIVER. ALL RIGHTS RESERVED.

IIOT EXPOSES SYSTEMS TO VULNERABILITIES

Each node in the end-to-end topology represents one or more attack vectors

CLOUD

FOG

https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/

http://www.zdnet.com/article/target-confirms-breach-40-million-accounts-affected/

https://ics-cert.us-cert.gov/alerts/IR-ALERT-H-16-056-01

https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/

7 © 2017 WIND RIVER. ALL RIGHTS RESERVED.

KEY IOT DEVICE CYBERSECURITY REQUIREMENTS

How to migrate your critical infrastructure system securely to the IoT

1. Cybersecurity development plan

2. Cybersecurity development process

3. Secure your device in all phases of operation

4. Secure your communications

5. Partition and separate your safe/certified applications and add new IoT applications

6. Cybersecurity remote monitoring and updates

7. Real-time cybersecurity analytics

8 © 2017 WIND RIVER. ALL RIGHTS RESERVED.

Implementation Protect Detect

Respond Recover

Return on Investment (ROI)

Return on Security Investment (ROSI)

Risk and business

discussions

Risk

Likelihood Scale

Impact Scale

Incident

Consequences

Quantify Risk

Business Justification

CYBERSECURITY DEVELOPMENT PLAN Start with a cybersecurity risk assessment plan

9 © 2017 WIND RIVER. ALL RIGHTS RESERVED.

NIST CYBERSECURITY FRAMEWORK

Broad appeal across Industries Specified by

– FDA for Medical

– DoE for Energy

– DoHS Guides

Critical Infrastructure Guides (7 sectors)

– Manufacturing Profile (2017)

– FCC for Telecoms

– United Nations for Maritime Security

Translations and Adaptations

– Italy’s National Framework for Cyber Security

– Philippine National Security Plan

– Japanese Translation

10 © 2017 WIND RIVER. ALL RIGHTS RESERVED.

HELIX SECURITY FRAMEWORK

Develop your cybersecurity plan

Based on the CIA Triad

– Industry standard model to represent security

Each principle is broken into security-related categories

Each category is decomposed into implementations

When the implementations are brought together,

– The Security Policy is defined Trusted Platform

Development Processes

• Privacy

• Separation

• Key Management

Confidentiality

Security Policy

Security Assessment

• Data Integrity

• Boot Process

• AAA

Integrity

• Whitelisting

• Intrusion Protection

• Management

• Counter- measures

Availability

11 © 2017 WIND RIVER. ALL RIGHTS RESERVED.

CYBERSECURITY DEVELOPMENT PLAN

Using the cybersecurity triad

Confidentiality

– Rules to limit access to the device and data

Integrity

– Assure the device and data is trustworthy

Availability

– Assure access is available to the device and data

Device and Data

Security

12 © 2017 WIND RIVER. ALL RIGHTS RESERVED.

CYBERSECURITY DEVELOPMENT PROCESS

Select and

review process

standards

Select and

review process

checklists

Establish

and review

requirements

baseline

Architecture

definition

Architecture

review

Design definition

Design review

Test plan

preparation

Static analysis

Manual

code review

Test execution

Process

compliance

analysis

Security validation

Final release

review

PSIRT

Implement Deploy Assessment Architecture Design

CVE Checker

13 © 2017 WIND RIVER. ALL RIGHTS RESERVED.

SECURING THE DEVICE

Design

Secure Development Processes

Signed binary

delivery

IEC 62443

IEC 27034

Boot

Secure boot/load

Measured boot/load

Signed binary

application

authentication

Runtime

Secure Partitioning

Cryptography

User authentication /management

Auditing/logging

Power Down

Encrypted storage

Sanitization

14 © 2017 WIND RIVER. ALL RIGHTS RESERVED.

SECURING THE COMMUNICATIONS

Design

Secure Development Processes

Signed binary

delivery

IEC 62443

IEC 27034

Boot

Secure boot/load

Measured boot/load

Signed binary

application

authentication

Digital

certificates/PKI

Remote attestation

Runtime

Secure Partitioning

Cryptography

User authentication /management

Auditing/logging

Network security

SSL/SSH

IPSEC/IKE

Firewall

Power Down

Encrypted storage

Sanitization

15 © 2017 WIND RIVER. ALL RIGHTS RESERVED.

PARTITION AND SEPARATE NON-SECURE APPLICATIONS

Migrate legacy critical infrastructure

Use virtualization to separate critical applications

Add new IoT functionality without re-certification cost and effort

Reduce overall project risk

VxWorks

Secure New Applications

Non-Secure IoT

Application

Secure Legacy Application

Core 1 Core 2 Cores 3-4

16 © 2017 WIND RIVER. ALL RIGHTS RESERVED.

CVE-2010-2943 CVE-2011-

1020 CVE-2012-3412 CVE-2013-4312

Releases

Alerts

Fixed

2010 2011 2012 2013 2014

2 4 3 3

645 433 70 341

5186 5288 4150 4639 7937 6488

4 4

2015

1844 2330

2016

5157

6449

4

CVE-2014-0160 aka

Heartbleed

CVE-2015-0235 aka Ghost

CVE - CVE-2016-0800 aka

DROWN

CYBERSECURITY REMOTE MONITORING

17 © 2017 WIND RIVER. ALL RIGHTS RESERVED.

CYBERSECURITY REMOTE MONITORING AND UPDATES

Cybersecurity protection for deployed devices

MITRE CERT

Customers security-alert@ windriver.com

Product Security Response Team

Defect Filed

Consolidated OLS Notification

Proactive OLS Notification

Does Not Affect Product

Applicable to Product

Patch and OLS Notification

18 © 2017 WIND RIVER. ALL RIGHTS RESERVED.

REAL-TIME CYBERSECURITY ANALYTICS

Real-time cybersecurity insight realization and response

Your system itself needs to be self-monitoring

– Autonomous actions

– Monitor for data leaks / insertion

– Potential data taint

– Communications other than what is expected

19 © 2017 WIND RIVER. ALL RIGHTS RESERVED.

WIND RIVER SECURITY SOLUTION PORTFOLIO

Wind River Professional Services Helix Security Framework

VxWorks Portfolio | hard real-time safety & security

Wind River Linux | secure embedded Linux

Pulsar | ready-to-use embedded Linux

Device Agents | connectivity, monitoring, &

management

Titanium Edge | carrier grade NFV/SDN

Titanium Control | embedded xFV/SDx

Pulsar | ready-to-use embedded Linux

Helix Device Cloud | device management

Helix CarSync | secure OTA updates

Titanium Cloud | carrier grade NFV/SDN

Sim

ics

| s

imu

lation –

de

vic

e to

syste

m

CLOUD

FOG

19 © 2017 WIND RIVER. ALL RIGHTS RESERVED.

Cybersecurity must

– Begin with the project design

– Cover all aspects from process, deployment, maintenance

– Last for entire project lifecycle

Legacy systems can be brought into the IIoT using virtualization

Virtualization can also help ensure cybersecurity in your systems by isolating potential vulnerabilities from your critical code and communications

™

21 © 2017 WIND RIVER. ALL RIGHTS RESERVED.