Control System Security in a Post-Stuxnet World
Control System Security in a Post-Stuxnet World
April 2012 (28:22)
In this presentation for the GlobalSpec virtual conference, Eric discusses how merely isolating your plant's control network is not enough as there are multiple paths into an industrial site. Eric goes on to discuss the measures needed, and technologies available, to prevent network attacks, and highlights why security improves plant floor reliability and safety.
 |
0:50 What is Stuxnet? - How Stuxnet has changed the world for Industrial Control Systems |
 |
2:41 How Stuxnet Spread - Could the next worm do the same to a different victim? |
 |
4:19 Gap Analysis - Eric discusses Gap Analysis |
 |
7:06 Stuxnet Phases - The 7 Stages of a stuxnet infection |
 |
8:31 Penetration Stage - How did Stuxnet get in? |
 |
10:19 Propagation Methods |
 |
10:51 Detection Avoidance |
 |
13:34 Stuxnet's Legacy - Exploiting automation device design issues |
 |
14:33 Lessons learned from Stuxnet |
 |
16:00 Protecting against the Son of Stuxnet |
 |
17:35 ANSI / ISA 99 - Using Defense in Depth |
 |
19:14 Using Zones - Defining zones and conduits |
 |
21:35 SCADA / ICS - Eric discusses approiprate technologies |
 |
23:53 Make Security Simple |
 |
24:55 Closing thoughts |
Related Links
- Blog: Using ANSI/ISA-99 Standards for SCADA Security
- Blog: #1 ICS and SCADA Security Myth: Protection by Air Gap
- Blog: Air Gaps won’t Stop Stuxnet’s Children
- White Paper: Using ANSI/ISA-99 Standards to Improve Control System Security
- 60 Minutes, Video: Stuxnet: Computer worm opens new era of warfare