Minimizing Cyber Security Threats to the Simulator 17 January 2017 Bernard Gagnon Sales Manager 2017 Power Plant Simulation Conference (PowerPlantSim’17)



© 2017 L3 MAPPS. All rights reserved.

Topics

• Introduction
• Simulator Architecture and Technologies
• Simulator Network Security
• Conclusions

This presentation is not meant to be all-inclusive on cyber security. L3 MAPPS is sharing some of its thoughts and approaches for your consideration.


Introduction


Introduction

• Follow up on the PowerPlantSim 2016 presentation
  – Protecting IT Assets: Simulator Security in a Changing World
    ▪ Focused on L3 MAPPS'
      – Mechanisms for customer data protection
      – Network security
      – Internal processes
• This presentation focuses specifically on simulator security
• Goal is to share some thoughts and provide you with something to think about…


Introduction

• Data breaches are occurring frequently across all industries
• Small and large companies are at risk
• Personally identifiable information as well as company proprietary data is being targeted
• Power plant sites are not immune to these attacks
• Nuclear industry is mandating stricter, more comprehensive cybersecurity controls on plant systems
• Cybersecurity protection enhancements should also be considered for training simulator systems
• With global workforces and remote collaboration, remotely accessible simulator development systems and documentation, Internet access is inevitable
• Information security and information sharing are opposing forces
  – The goal is for cyber defenses to allow secure sharing


Cyber Attacks (Examples)

• Natanz Nuclear Facility Stuxnet Attack
  – Customized malware for control systems
  – Infected USB flash drives used to perform updates on control systems
  – Took one year to discover the malware
• KHNP Cyber Attack
  – Details of the security breach not public
  – Hackers publishing blueprints on nuclear reactors on the Internet
  – Leak did not impact the reactors
• Ukraine Power Grid Attack
  – Destructive "BlackEnergy" malware
  – Shut down power grid for 6 hours, 80K customers affected
  – Spear phishing via corrupted WORD document
• Yahoo! Emails Data Breach
  – 500M accounts compromised
  – Yahoo! has not yet identified the intrusion associated with the theft
• JPMorgan Chase Co. – Stock Trading Service
  – Hackers' entry through a "neglected" server (not updated with latest IT security updates)
  – Hackers stole the login credentials of an employee to gain access
  – Personally identifiable information of more than 83M customers accessed
• US Office of Personnel Management Hack
  – OPM announces data breach in June 2015
  – Personally identifiable information of 18M breached
  – One of the largest breaches of government data in US history

Information on this slide is simplified and is for illustrative purposes only.


Quick Facts

• Tripwire survey (November 2015) of 150 information technology workers
  – More than 75% reported that their companies in the oil, natural gas and electricity sectors had experienced at least one "successful" cyberattack in the past 12 months
    ▪ Meaning intruders were able to breach one or more firewalls, antivirus programs or other protections
  – More than 80% believe a cyber attack will cause physical damage to critical infrastructure
  – 50% said the number of attacks has increased in the past year


Quick Facts

• Source: www.hackmageddon.com


Simulator Architecture and Technologies


Example Simulator Network


Typical Simulator Hardware

• Simulation servers
• Computers
  – Engineering workstations, instructor stations, HMIs
  – Classroom simulators
• Main (and auxiliary) control room hardware panels
  – I/O system with Programmable Logic Controllers (PLC) and/or controller boards
  – Smart devices with embedded logic, including firmware
• Peripherals
  – Printers, projectors, smart TVs, etc.
• DCS / PPC / HMI
  – Stimulated or simulated
  – Using commercial-off-the-shelf computers or OEM vendor-specific hardware
• Audiovisual system equipment
  – Cameras (analog and/or IP)
  – Microphones (ceiling, lapel, etc.)
• Wireless Access Point(s) (WAP)


Simulator Technologies

• Simulators are composed of various hardware components and technologies
  – Commercial-off-the-shelf
  – Custom and proprietary hardware components
• Technologies from different generations
  – Communication and interfaces
    ▪ Ethernet, Wi-Fi, etc.
    ▪ Bluetooth, USB, etc.
    ▪ Serial (RS-232, RS-485, etc.)
    ▪ etc.
  – Operating system types and versions
    ▪ Windows (Windows XP, Windows CE, Windows Server 2012, Windows Server 2016, etc.), UNIX, Linux, etc.
    ▪ Other operating systems for DCS computers, I/O system, etc.


Simulator Data and Software

• Plant Data
  – Piping & Instrumentation Diagrams
  – Electrical Diagrams
  – Operating Procedures
  – Safety Analysis Reports
  – etc.
• Training Data
  – Lesson Plans
  – Test results
  – Exams
• Software
  – Simulator configuration (models, databases, source code, tools, etc.)
  – DCS, PPC and HMI
  – PLC logic
  – Third-party software (including freeware)


Simulator Network Security


Simulator Network Security Objectives

• Ensure training continuity
  – Simulator needs to be available for training with all components running as needed
    ▪ Hardware and Software
• Prompt recovery from various undesired events (avoid or reduce simulator downtime)
  – Hardware
    ▪ Examples: computer/server disk failure, power supply failure, bad network connection, etc.
  – Software
    ▪ Examples: simulator crash, configuration management issues, etc.
• Intellectual Property (IP) protection
  – Owner/operator information, OEM data, simulator vendor proprietary software and other third-party software and sensitive information


Previous Way of Protecting the Simulator Network

• Standalone or islanded system (considered safer)
• Static installation (inefficient patching and antivirus updates)
• Single administrator account with weak password
• Open SQL database
• No simulator network monitoring
• Poor IT system management/maintenance
• Basic recovery mechanisms
  – Assuming that restoring a backup image of the infected computer solves the situation
  – Does not consider IP protection
  – Does not consider exam security protection


New Reality: Internet Of Things

• What is it?
  – Internet of Things is the network of physical objects or "things" embedded with electronics, software, sensors, and network connectivity, which enables these objects to collect and exchange data
• Examples
  – Smart phone watches, wireless key locators, speakers, conference room automation systems, Smart TVs
• What are the concerns?
  – Lack of wireless connectivity security standards
    ▪ Vector for hackers to infiltrate networks and personal information
  – In the business world
    ▪ Without proper controls, unsecured devices could be connected to business networks by employees without realizing it (e.g. USB power charging)


Simulator is at Risk

• Potential entry points
  – Smart devices
  – USB ports and devices (mass storage, peripherals, etc.)
  – Bluetooth devices
  – Wireless network
  – Audiovisual equipment
    ▪ IP Cameras
    ▪ Smart TVs
  – etc.


Other Simulator Risks

• Old operating systems
  – No up-to-date security fixes
• Use of unapproved freeware
  – Examples: Screen capturing, editing utilities, steam tables, etc.
• Software and/or hardware components supplied by entities that are not well known
  – Firmware, embedded software
  – Unknown software/version


Most Common Cyber Attacks

• Socially engineered Trojans
  – Downloading fake software that poses as legitimate, such as antivirus or other freeware
• Unpatched software
  – Old versions of software without the latest security patches
  – Examples: Old versions of Adobe Reader, Java, etc.
• Phishing attacks
  – Through spam emails or websites
• Network-travelling worms
  – Programs moving through the network by exploiting shared network resources
• Advanced Persistent Threats (APT)
  – Stealing of Intellectual Property using Trojan files


Consequences of Cyber Attacks on the Simulator

• Simulator software not functioning as needed
  – Simulator down
  – Some software components not loading or not functioning correctly
  – Communications problems between computers and/or servers
  – Random simulator behavior
  – Simulator hardware could be damaged if infected software communicates with hardware
• Loss of valuable IP
  – Owner/operator information
  – Third-party IP
• What about exam security if a port of entry is opened?


Suggested Network Security Strategy

• Deployment of firewall to control inbound/outbound communications between simulator network, corporate network and others (if any)
  – Remote access to the simulator requires two-factor authentication, SSL connection
• Integration with corporate IT
  – Centralized, managed antivirus system with real-time alerting to corporate IT
  – IT process to test and deploy critical security patches to simulator network
  – System monitoring tools
  – System hardening procedures
• Controlled Internet access/USB mass storage device blocking
• Individual user accounts with different access privileges for simulator activities


Suggested Network Security Strategy

• Wireless devices and other smart devices
  – Change all default usernames/passwords on OEM components
• Formal procedures to roll out system updates
• Mandatory reporting of cybersecurity incidents


Conclusions


Conclusions

• Cybersecurity threats are real and constantly evolving
• All industries, including nuclear, are being targeted
• Training simulators hold sensitive information that needs to be protected
• Simulator systems need to be managed with the same care as other IT systems
• Need to leverage corporate IT security expertise and infrastructure
• Employees need to understand need for enhanced IT security


Thank you

L3 MAPPS 8565 Côte-de-Liesse

Montréal, Québec, Canada H4T 1G5

Tel: +1 (514) 787-4999 Fax: +1 (514) 788-1442

Web: www.L3T.com/MAPPS LinkedIn: L3 MAPPS
