#RSAC
SESSION ID:
#RSAC
SESSION ID:
Aleksander Gorkowienko
SCADA/ICS Inherited Insecurity:
From Nuclear Power Plants to
Oil Rigs
SBX1-W3
Managing Consultant
Spirent Communications
Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
ICS/SCADA 1-0-1
2
Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
Where Are Industrial Control Systems (ICS) Used?
3
Industrial processes
Manufacturing processes
Power generation
Critical national infrastructure
Electricity transmission
Water treatment and distribution
Oil and gas pipelines
Transportation
Vehicles and infrastructure (trains,
metro, tankers, airplanes, etc.)
Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
What Is So Special About ICS?
4
Proprietary systems
Long service life span (sometimes beyond 20
years)
Not easily upgradable (sometimes not
upgradable at all)
Specialized communication, including many
legacy ICS protocols wrapped in TCP or UDP
Most often not designed with security in mind
VERY HACKABLE…
Presenter’s Company
Logo – replace or
delete on master slide
#RSAC
Typical ICS Architecture
5
Field device
Industrial process
Control Centre
Sensor
Sensor
HMI
Enterprise network
Gateway
Control
network
Data diode
Corporate
network
Supervision
PLC
PLC
PLC
