System Protection Profile Industrial Control Systems V1.0 - PowerPoint PPT Presentation

Description:

System Protection Profile Industrial Control Systems V1.0. Ron Melton ... ron.melton_at_dac.us (C) 2004 Decisive Analytics Corporation. 2. Solutions For Success ... – PowerPoint PPT presentation

Slides: 13
Provided by: ronme1
Transcript and Presenter's Notes

1
System Protection Profile Industrial Control Systems V1.0
  • Ron Melton
  • Decisive Analytics Corporation
  • ron.melton_at_dac.us

2
Outline of Presentation
  • Background: What is a System Protection Profile?
  • Structure of the SPP-ICS
  • What has changed from V0.91 to V1.0
  • How to use the SPP-ICS
  • What next

3
What is a System Protection Profile?
  • A documented risk analysis including identification of
      • Critical information and related assets
      • Threats
      • Threat agents
      • Vulnerabilities
      • Categories of risk
      • Level of acceptable risk
  • A logical statement of security objectives and requirements for a system
  • A logical / conceptual design document for the system of security
  • The basis for system certification and accreditation

4
Structure of the SPP-ICS
  • Introduction
  • STOE Description
  • STOE Security Environment
  • Risks
  • Security Objectives
  • Security Requirements
  • SPP Application Notes
  • Rationale
  • Acronyms

5
What has changed from V0.91 to V1.0
  • The document now covers the full range of material expected in an SPP
  • Application notes were added
  • Comments on V0.91 were incorporated to the extent possible

6
Use of the SPP-ICS (1)
  • There are different audiences for different parts of the document
      • Rationale: evaluators of the SPP-ICS
      • Introduction and STOE Description: managers and interested parties
      • The entire document: developers and integrators, security architects
  • The document is a starting point, not an ending point

7
Use of the SPP-ICS (2)
  • In use, a risk assessment on the ICS must be completed.
  • The results of the risk assessment are used
      • As inputs to refine the table of risks
      • To prioritize risks
      • To identify and differentiate critical assets and associated impacts
  • These results in turn
      • Guide the refinement of security objectives
      • Refine the list of security requirements
  • See section 7, Application Notes, for further information (in particular section 7.1.1)

8
SPP-ICS Relationships
[Diagram: relationships among Component PPs, System PPs, System STs and a Component 1 PP]

9
What next?
  • Though complete, the SPP-ICS is still rough
  • Further refinement is needed, e.g.,
      • The current set of requirements is extensive
      • Are management and administrative requirements complete?
      • The rationale is a first cut
  • We hope to find opportunities
      • To further refine the SPP-ICS
      • To develop focused SPPs such as an SPP-SCADA
      • To develop system security targets
      • To derive component protection profiles and/or security targets
      • To apply the SPP-ICS to specific systems in the real world

10
Conclusion
  • The SPP-ICS is intended to represent industry end-user requirements to industrial control system vendors and system integrators
  • The current version is a starting point; further work is needed
  • Decisive Analytics is planning training courses for executives, managers and technical staff

11
Training
  • Executive
      • One-day course
      • How to manage cyber security using a systematic, Common Criteria oriented approach
      • Strategic in nature
      • Will include the SPP-ICS as an example
  • Practitioner
      • Two-day course: one day of theory, one day of application
      • System security engineering using the Common Criteria; the SPP-ICS is used as a case study
  • Expressions of Interest
      • Please send expressions of interest to CCTraining_at_dac.us

12
Contact Information
  • Keith Stouffer
      • stouffer_at_cme.nist.gov
      • 301-975-3877
  • Murray Donaldson
      • murray.donaldson_at_dac.us
      • 410-884-7000 x225
  • Ron Melton
      • ron.melton_at_dac.us
      • 301-591-1635