Securing the Manufacturing Digital Thread
-
Upload
frank-backes -
Category
Documents
-
view
17 -
download
2
Transcript of Securing the Manufacturing Digital Thread
Securing the Manufacturing Digital Thread
Frank Backes President - CTRAC
Center for Technology, Research and Commercialization
Why Security
Business Stability & Profitability Improving Safety, Reliability and Availability Customer/Market Imposed Requirements Regulatory Requirements Corporate Image and Reputation Legal Liabilities
Potential Consequences Physical – Economic – Social
National Security
Loss of Production
Injury
Damage to Equipment
Environmental Damage
Product Contamination
Loss of Intellectual Property
Impacted Reputation
WHO
Information Technology
Operations Technology
Build and Train a Cross-Functional Team
CSO Control Engineers
Control Systems Operators Subject Mater Experts
CIO Network Engineers IT Administrators
IT Support
TRADITION
Step 1 – Assess Existing Systems Step 2 – Document Policies & Procedures Step 3 – Train Personnel & Contractors Step 4 – Segment the Control System Network Step 5 – Control Access to the System Step 6 – Harden the Components of the System Step 7 – Monitor & Maintain System Security
EFFECTIVE • PREDICTABLE • COMPLEX • SLOW • EXPENSIVE • HARD TO GET STARTED
AGILE SECURITY
ASSESS PRIORITIZE EXECUTE ITTERATE
START NOW – ONE PROJECT – INCREMENTAL IMPROVEMENT
FIRST PROJECT NETWORK SEGREGATION
CONTROL NETWORK
COPORATE NETWORK
Users
Control Server
DMZ
HMI
Data Historian
Data Server
Cross Domain Guard Protocol B
Protocol A
NIST Recommendation
QUESTIONS?