Professional Documents
Culture Documents
com
Agenda
Cyber Security
Multiple aspects / considerations, Standards & certificates
Remote Services
Service Node
Private Remote Service Center
Virtual Patching (if time allows)
We cant work safe without security controls to protect people and organizations against
hazards and e.g. intellectual property theft. (access control, authentication, etc.)
Despite security systems, people create (unintended) unsafe conditions (like sharing
information, later used in some form of physical / cyber attack)
Page: 2
Honeywell Proprietary
Year: 2011
Honeywell.com
Electronic
Physical
Security is built by a Defense in Depth Strategy
Multiple layers, each containing multiple security
solutions
Total defense to be in line with acceptable risk profile
Detect security incidents timely and handle before
harmed >>> Be Prepared
Page: 3
Honeywell Proprietary
Year: 2011
Honeywell.com
Just before Christmas 1988, Pan Am Flight 103 was blown up over Scotland, killing the
259 passengers and crew members on their way from London to New York and 11
people on the ground
From the evidence it has been proved that the primary suitcase containing the
explosive device was dispatched from Malta, passed through Frankfurt and was loaded
at Heathrow.
The absence of an explanation as to how the suitcase was taken into the system is a
major difficulty
Page: 4
Honeywell Proprietary
Year: 2011
Honeywell.com
Safety
Control Systems
Systems
Page: 6
Honeywell Proprietary
Year: 2011
>300 open (unknown to
Honeywell.com
public) vulnerabilities
requiring patches
Cyber security in the news daily Security Institutes paying
NIGHT DRAGON >1500 people to find new
vulnerabilities
Steal information (financial
documents related to field
exploration and bidding and
even data from SCADA
systems)
Target: Global oil, energy,
and petrochemical
companies
STUXNET
Sophisticated
virus
Specifically
targets industrial
control systems Students will walk out of this class knowing how to find
and exploit bugs in software. This is useful to both
4 zero-day developers and hackers.
attacks The exploit component will teach each common bug type
including: stack overflows, function pointer overwrites,
Spreads by USB heap overflows, off-by-ones, FSEs, integer errors,
uninitialized variable attacks, heap spraying, and more.
keys
Page: 7
Honeywell Proprietary
Year: 2011
Honeywell.com
ISA Standards helps automation professionals streamline processes and improve industry
safety, efficiency, and profitability. Honeywell is strong proponent of standards and as such
actively participates in standards groups such as providing leadership to ISA99 / IEC62443
through co-chairmanship of WG4.
Honeywell is a founding member of the ISA Security Compliance Institute (ISCI). The ISA
Security Compliance Institute developed the ISASecure certification within the framework of
the ISA99 security standards ;
ISASecure certification is an international standard
ISASecure certification provides asset owners security assurances INDEPENDANT
ISASecure certification intended as requirement in procurement documents
Companies like Exida can execute audits based on this, like audits for ISO 9000 are done by
Veritas, Lloyds
Page: 12
Honeywell Proprietary
Year: 2011
Honeywell.com
ISASecure certificate SM
Page: 13
Honeywell Proprietary
Year: 2011
Honeywell.com
Achilles certificate
Security Audit
Check policies, procedures against requirements ISA99
Perform GAP analyses between desired and actual Security Assurance Level (SAL 1-4)
levels by comparing 7 essential security principals for each security layer / zone
Security Assessments
Verify actual situation conform company policies / procedures
Site interviews & verification,
Testing and ethical hacking (under strict regulations can be part )
Report and Recommendations
Page: 15
Year: 2011 Start: Understand the gaps to fix the problems Honeywell Proprietary
Honeywell.com
Remote Services
Page: 16
Honeywell Proprietary
Year: 2011
Honeywell.com
Connection is secured by
Firewalls, proxy / relay servers, VPN tunnels, encryption
two factor authentication (what you know + what you have)
Recordable & auditable
in full control of the site (kind of built-in permit system)
Page: 18
Honeywell Proprietary
Year: 2011
Honeywell.com
Service Node
Enterprise Switch
Proxy
Pair of DELL Server Class devices
Level 4
Server residing within the PCN
Firewall Full PCN view of all connected
Terminal Patch Anti
eServer
Relay devices
Srvr Mgmt Virus Server
Level 3.5 DMZ
Domain ESF PHD Service
Srvr Srvr
Experion EAS 3RD Party App Subsystem
Facilitates secure connectivity
Srvr Node
Srvr
Control Interface
Access completely controlled by
Customer
Level 3
Router Optional HSRP Router Receives and manages patches, AV
ESC ESF ACE Experion EST ESVT Safety Terminal Domain
files and updated scripts
Srvr Manager Srvr Controller
Transfers data, files and alerts
Facilitates all Honeywell remote
Level 2
offerings
Qualified Cisco Switches
Level 1
Captures predictive system
health/performance parameters
Analyzes and alerts, requests more
data or performs actions
Captures standard IT parameters
from 3rd party PCN devices
Page: 19
Honeywell Proprietary
Year: 2011
Honeywell.com
Request Access !
Terminal
Server
Allow?
Page: 20
STOP
Honeywell Proprietary
Year: 2011
Honeywell.com
Honeywell
qualified AV
signature files
(daily updates) Automated
Multi-stage
Deployment
Page: 21
STOP
Honeywell Proprietary
Year: 2011
Honeywell.com
Page: 22
Honeywell Proprietary
Year: 2011
Honeywell.com
Automated
Delivery
Honeywell
Qualified patches
(per system & Manual
per release) Deployment
Honeywell
Service
Engineer
Page: 23
STOP
Honeywell Proprietary
Year: 2011
Honeywell.com
Page: 24
Honeywell Proprietary
Year: 2011
Honeywell.com
Analyze, check
trends, create
reports &
recommendations
Supervisory system
collects performance
info from Controllers
Page: 25
STOP
Honeywell Proprietary
Year: 2011
Honeywell.com
Page: 27
Honeywell Proprietary
Year: 2011
Honeywell.com
Page: 28
Honeywell Proprietary
Year: 2011
Honeywell.com
Training / OTS
Monitoring ; Support
Test Lab & * for Illustration only
Remote Operations
Private
Remote
Service
Center * for Illustration only
Central Infrastructure
Private clouds
Off--site Back
Off Back--up / BCC
Page: 29
Honeywell Proprietary
Year: 2011
Honeywell.com
Thank you
Q&A
Page: 30
Honeywell Proprietary
Year: 2011
Honeywell.com
Malware contamination
No Malware contamination
Malware communication
is stopped while other
communication continues
Page: 31 STOP
Honeywell Proprietary
Year: 2011