Professional Documents
Culture Documents
Infrastructure
Security:
The
Emerging
Smart
Grid
Cyber
Security
Lecture
5:
Assurance,
Evalua$on,
and
Compliance
Carl
Hauser
&
Adam
Hahn
Overview
Evalua$on
Common
Criteria
Security
Tes$ng
Approaches
SoFware
Tes$ng
Formal
Methods
Terminology
Why?
Need
to
ensure
system
security
mechanisms
opera$ng
as
designed
Assurance
our
es$mate
of
the
likelihood
that
a
system
will
fail
in
a
par$cular
way
Evalua$on
the
process
of
assembling
evidence
that
a
system
meets,
or
fails
to
meet,
a
prescribed
assurance
target
Security
Tes$ng
Goals
Network
Discovery
Techniques
Port
Scanning
Network
Monitoring
Network
Policy
Analysis
System Vulnerabili$es
Vulnerability
Scanning
Con$nuous
Monitoring
SoFware Security
Sta$c
Analysis
Dynamic
Analysis
Fuzz
Tes$ng
Attacker
1)
Access physical
network (e.g., WiFi)
3)
Target Network/Systems
System/Port
Scanning
System Scanning
1)
on a network
-Ping sweep
...
3)
ICMP Echo R
Attacker
4)
List of systems on
network
Port Scanning
-search system for open
ports (services)
-TCP Syn Scan
Attacker
esp. 1.1.1.2
...
st Unreachab
ICMP Dst. Ho
1)
1.1.1.0/24
Target System
...
Po
TCP Syn/Ack
TCP RST Port
rt 1
1.1.1.2
65535
2)
If TCP port listening:
-send TCP Syn/Ack
Else
-send TCP Reset
...
List of open ports
And system properties
(e.g., operating system)
le. 1.1.1.254
2)
If system exists:
-send ICMP
Echo Response
Else
-send ICMP Dst.
Host Unreachable
1.1.1.254
esp. 1.1.1.1
ICMP Echo R
3)
4)
Target Network
Vulnerability
Scanning
2)
1) Op
enssl
2) TC
1)
conne
P Con
3) Inje
Vulnerability Scanner
2 Port
ort 44
llshoc
3)
ucce
1) Co
on S
necti
2)Ap
3
k vuln
.
ac
2 Ba
he 2.
Target System
ss
nner
e?
pons
4)
List of vulnerabilities,
Example:
-SSL v2
-Apache 2.2
-Shellshock
443
...
-database of vulnerability
indictors, including:
- Configurations (e.g., TLS)
- Software versions
- Vulnerabilities
n e ct P
ct She
Attacker
ct -sslv
3) Sh
k res
llshoc
Examples:
Con$nuous Monitoring
Analysis
Tool
Assessment
Protocol
Core Technologies
System 1
Switch
SCAP
Agent
hVp://csrc.nist.gov/publica$ons/nistpubs/800-126-rev1/SP800-126r1.pdf
System n
Analysis techniques
Security
Policy
FW
Rules
Analysis
Tool
Packets
Network
SoFware Tes$ng
Dynamic
Analysis
Analyzes
code
by
monitoring
its
execu$on
Can
iden$fy
errors
at
run$me
More
sound
than
complete
Actually
executes
each
path
Low
false
posi$ve
rates
Fuzz
Tes$ng
Randomized
fault
injec$on
Weaknesses:
Some
commercial
tools
for
smart
grid
protocols
(e.g.,
DNP3,
IEC
61850)
Common
Criteria
Protec$on
proles
hVp://www.commoncriteriaportal.org/les/eples/st_vid10390-st.pdf
Compliance
Versions
v3
Current
v5
-
Eec$ve
4/1/16
v5
-
Bright
Line
Criteria
to
classify
cyber
assets
based
on
viola$on
risk
factor
(VRF)
High
Most control centers for reliability coordinators, balancing authori$es, generator operator
Medium
Transmissions
facili$es
over
500kV,
or
200-499kV
with
interconnec$on
with
>2
lines
Special
protec$on
systems
From
v3
CIP-003-3
Security
Management
Controls
R5.2
at
least
annually
the
access
privileges
to
protected
informa$on
to
conrm
that
access
privileges
are
correct
R2.1
use
an
access
control
model
that
denies
access
by
default
R2.2
enable
only
ports
and
services
required
for
opera$ons
and
for
monitoring
Cyber
Assets
within
the
Electronic
R2.3
maintain
a
procedure
for
securing
dial-up
access
to
the
Electronic
Security
Perimeter(s)