Notice
The information presented in this publication is for the general education of the reader. Because neither the author(s) nor the publisher has any control over the use of the information by the reader, both the author(s) and the publisher disclaim any and all liability of any kind arising out of such use. The reader is expected to exercise sound professional judgment in using any of the information presented in a particular application.
Additionally, neither the author(s) nor the publisher has investigated or considered the effect of any patents on the ability of the reader to use any of the information in a particular application. The reader is responsible for reviewing any possible patents that may affect any particular use of the information presented.
Any references to commercial products in the work are cited as examples only. Neither the author(s) nor the publisher endorses any referenced commercial product. Any trademarks or tradenames referenced belong to the respective owner of the mark or name. Neither the author(s) nor the publisher makes any representation regarding the availability of any referenced commercial product at any time. The manufacturer's instructions on use of any commercial product must be followed at all times, even if in conflict with the information in this publication.
Copyright 2013 International Society of Automation (ISA)
All rights reserved.
Printed in the United States of America.
10 9 8 7 6 5 4 3 2
ISBN: 978-1-937560-63-8
No part of this work may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of the publisher.
ISA
67 Alexander Drive
P.O. Box 12277
Research Triangle Park, NC 27709
Library of Congress Cataloging-in-Publication Data in process
Dedication
To the Pirate Munchkins who have captured my heart:
Patrick, Ryan, Aaron, and Emma
Acknowledgment
I want to thank my wife, Hilda, for her encouragement and support during the writing of this book.
RLK
Contents
About the Author
RONALD L. KRUTZ, Ph.D., P.E., CISSP, ISSEP
Dr. Krutz is Chief Scientist for Security Risk Solutions, Inc. He has more than thirty years of experience in industrial automation and control systems, distributed computing systems, computer architectures, information assurance methodologies, and information security training. He has been a Senior Information Security Consultant at Lockheed Martin, BAE Systems, and REALTECH Systems Corporation, an Associate Director of the Carnegie Mellon Research Institute (CMRI), and a professor in the Carnegie Mellon University Department of Electrical and Computer Engineering. He was also a lead instructor for (ISC)² Inc. in its Certified Information Systems Security Professionals (CISSP) training seminars. Dr. Krutz founded the CMRI Cybersecurity Center and was founder and Director of the CMRI Computer, Automation and Robotics Group.
He coauthored the CISSP Prep Guide for John Wiley and Sons and is coauthor of the Wiley Advanced CISSP Prep Guide; the CISSP Prep Guide, Gold Edition; the Security + Certification Guide; the CISM Prep Guide; the CISSP Prep Guide, 2nd Edition: Mastering CISSP and ISSEP (Information Systems Security Engineering Professional); the Network Security Bible; the CISSP and CAP (Certification and Accreditation Professional) Prep Guide, Platinum Edition: Mastering CISSP and CAP; the Certified Ethical Hacker (CEH) Prep Guide; Cloud Computing Security; and Web Commerce Security. He is also the author of Securing SCADA Systems and of three textbooks in the areas of microcomputer system design, computer interfacing and computer architecture. Dr. Krutz has seven patents in the area of digital systems and has published more than 30 technical papers.
Dr. Krutz also serves as consulting editor for the John Wiley and Sons Information Security Certification Series and is a Senior Fellow of the International Cyber Center of George Mason University.
Dr. Krutz holds B.S., M.S., and Ph.D. degrees in Electrical and Computer Engineering and is a Registered Professional Engineer in Pennsylvania.
Foreword
Why should we care about the security of industrial automation and control systems? Surely these systems are isolated, segmented, and already well protected. After all, they control manufacturing plants, oil refineries, power plants, and other elements of our critical infrastructure. We know that we can't just casually saunter through the main entrance of a pipeline control center or power plant without the proper credentials, but without adequate automation system security controls, the virtual back door may be wide open to uninvited visitors.
It's easy to recognize the potential for harm if industrial automation and control systems were to be manipulated by adversaries, and there are real-world scenarios that both demonstrate such capability and make it clear that there are individuals or organizations with the motive. An obvious example is the Stuxnet family of worms, which have targeted control systems including those purportedly used by Iranian organizations for uranium enrichment.
Industrial automation and control systems are a hidden but integral part of our daily lives. Their components include programmable logic controllers (PLCs), programmable automation controllers (PACs), intelligent electronic devices (IEDs), SCADA servers, and remote terminal units (RTUs), which respond with specific output signals based on the commands they receive. A simple example is a PLC that receives an input signal or command from a sensor, such as a temperature sensor on a machine in an industrial production line. When an alarm condition is detected, the output signal might shut down the machine to avoid overheating and potential damage or fire. With the widespread proliferation of computing and network technologies (e.g., high bandwidth wireless technology and broad availability of the public Internet), a natural evolution has been the development of software systems to monitor, control, and manage critical infrastructure and manufacturing systems.
So how do we figure out what the next Stuxnet, Duqu, Flame or other malicious code that targets industrial control systems might be capable of? What other threats to industrial automation and control systems exist (or may exist in the future) that our critical infrastructure might be vulnerable to, and what can we do about them?
To help answer these questions, Dr. Krutz describes the conditions that expose our critical infrastructure to network-based threats, and presents a method for identifying, prioritizing and mitigating the associated risk. Dr. Krutz seamlessly fuses his deep knowledge of information security risk management techniques with his impressive engineering experience to articulate a readily actionable approach to improving the confidentiality, integrity and availability of industrial automation and control systems through effective risk management.
This book is a compelling eye-opener for organizational leaders and a must read for anyone involved in the management, engineering, or operation of any aspect of our critical infrastructure.