© Siemens AG 2011. All rights reserved.

openlab III

Board of Sponsors 3-4 May 2011 at CERN Joint Report Siemens - CERN

© Siemens AG 2011. All rights reserved.

Trends: Industrial Security

Status openlab III

Plans for openlab IV

Outline

© Siemens AG 2010. Alle Rechte vorbehalten.Industry SectorSeite 3 I IA AS R&D – 3.5.2011

Example SIEM Sources : Gartner – Magic Quadrant for Security Information and Event Management Wikipedia, the free encyclopedia

Security Information and Event Management (SIEM) technology provides two major functions for security events from networks, systems and applications:

Security Information Management (SIM) log management and compliance reporting

Security Event Management (SEM) real-time monitoring and incident management

SIEM Capabilities

Data Aggregation: SIEM solutions aggregate data from many sources, including network, security, servers, databases, applications, providing the ability to consolidate monitored data.

Correlation: looks for common attributes, and links events together into meaningful bundles.This technology provides the ability to perform a variety of correlation techniques to integrate different sources, in order to turn data into useful information.

Alerting: the automated analysis of correlated events and production of alerts, to notify recipients of immediate issues.

Dashboards: SIEM tools take event data and turn it into informational charts to assist in seeing patterns, or identifying activity that is not forming a standard pattern.

Compliance: SIEM applications can be employed to automate the gathering of compliance data, producing reports that adapt to existing security, governance and auditing processes.

Retention: SIEM solutions employ long-term storage of historical data to facilitate correlation of data over time, and to provide the retention necessary for compliance requirements.

© Siemens AG 2011. All rights reserved.

Outline

Trends: Industrial Security

Status openlab III

Plans for openlab IV

Main activities:SecurityPVSS

Security test bench

Goal: a test bench for reliable and reproducible test of PLCs

Scope: Security as defined in community Result:

A security model defined (based on ISA99) A survey of existing tools has been completed A test bench (TRoIE) is implemented with these

tools (e.g. fuzzing techniques). It has been used to test several Siemens PLC models

It is being ported from Linux to Windows to be deployed in Siemens premises.

CERN openlab Major Review Report January 2010 6

Development Environment SVN plugin

Web Access Web plugin Pocket Client

Deployment PVSS Version Reporting Tool Installation Tool

Runtime environment

PVSS

7CERN openlab Major Review January 2010

PVSS – Development environment

Goal: integration of source code management facilities

Scope: All PVSS projects artifacts Panels, Data Points, Source code

Results A prototype developed and presented to key

CERN users Will be integrated in future PVSS versions

8

PVSS – Web access

Goal: Test and evaluation of the ETM solutions Scope: Web client and pocket client Results

Web client – several versions tested in the CERN environment. The results were reported, the performances of the last version were comparable to native PVSS HMI. The tool has been presented to key users.

Pocket client: The first pre version of the pocket client was presented and tested at CERN. A new product, the Ultra Thin Client, is being introduced and will be evaluated in similar conditions.

9

PVSS deployment and installation

Goal: Ease the deployment of PVSS projects in large installation

Scope: Version report tool, installation tool Results

Version report tool: The tool developed at CERN has been reviewed and is included in PVSS solutions

Installation tool: A solution was initially developed at CERN. This was reviewed with ETM to identify requirements for a common solution.

10

PVSS runtime environment

Goal: Validation of archiving with ORACLE Scope: New PVSS architecture storage

modules Results:

On going work to implement a storage module for ORACLE.

11

Step 7 deployment

Goal: Deployment of the programming environment on large infrastructure.

Scope: New version of Step 7 (from v11) Result:

Several approaches have been identified and ranked.

A solution has been selected • Product installed in a server• Customizable scripts wrapped in MS Installer

packages

Tested on Step7 V11 Official release with Step 7 V12

CERN Openlab Major Review meeting – 2009 12

Project Follow-up

Regular contacts Siemens internal reporting openlab major and minor reviews See annex for full list of reports

13

© Siemens AG 2011. All rights reserved.

Outline

Trends: Industrial Security

Status openlab III

Plans for openlab IV

© Siemens AG 2011. All rights reserved.

openlab IVCollection of potential Objects

Proposals based on the result of the Workshop, May 2011

Industrial Communication- high speed, IP Standards- validation, engineering, comparison with AV Bridges and Siemens-Standards- OPC UA

Industrial Security - security concepts in IP based automation systems

Engineering and process simulation - process modeling- simulation- tools- UNICOS- Integrated Control Application

Use of Multicore Technology for PLC and embedded systems- programming, experiences (Research Topic)

Condition Monitoring- CM at CERN (high complexity, high availability)

HW-Design considering special requirements- reliability, emc, radiation

© Siemens AG 2011. All rights reserved.

Thank you for your attention!