ISASP99: Preventing Electronic Intrusion into Industrial Automation - PowerPoint PPT Presentation

1 / 17
About This Presentation
Title:

ISASP99: Preventing Electronic Intrusion into Industrial Automation

Description:

Defines the characteristics of IACS that differentiate them from other IT ... The Day the Earth Stood Still, 1951. To participate: Charley Robinson. crobinson_at_isa.org ... – PowerPoint PPT presentation

Number of Views:39
Avg rating:3.0/5.0
Slides: 18
Provided by: robert364
Category:

less

Transcript and Presenter's Notes

Title: ISASP99: Preventing Electronic Intrusion into Industrial Automation


1
ISA-SP99 Preventing Electronic Intrusion into
Industrial Automation Control Systems
  • Rahul Bhojani, P.E., CAP Bayer Technology
    Services

2
Why Standards?
  • What is important about standards and what does
    ISA-99 have to offer?

3
Securing the Infrastructure
4
Protecting the Environment
5
Safety
6
Following Good Policies Procedures
7
Efficient and Repeatable Processes
8
Focus Industrial Automation Control Systems
Security
  • Many organizations are working to develop
    security guidelines and standards in vital areas
    of infrastructure protection.
  • ISA-SP99, chartered in late 2002, is leading a
    multi-industry / multi-disciplinary initiative to
    develop standards and guidelines to prevent
    electronic intrusion into Industrial Automation
    Control Systems (IACS).

9
ISA-SP99 Wide Scope
  • Applies to all manufacturing industrial
    processing industries
  • Applies to all control and related technologies
    utilized in these industries, including
  • Supervisory Control Data Acquisition Systems -
    SCADA
  • Energy Management Systems
  • Distributed Control Systems
  • Programmable Logic Controllers
  • Remote Terminal Units / Intelligent Electronic
    Devices
  • Transmitters, meters, control valvesto
    enterprise wide HMIs
  • Enterprise applications to the extent they can
    affect control

10
Wide Participation
  • User and producer companies across industry
  • Consultants and universities
  • Key organizations including NIST, DHS, CIDX
  • U.S. National Laboratories
  • ISA standards development committees including
  • - Wireless Automation (ISA-SP100)
  • - Enterprise-Control System Integration
    (ISA-SP95)
  • - Programmable Electronic Systems for Safety
    Applications
  • (ISA-SP84)
  • - Nuclear Fossil Power Plants (ISA-SP67
    ISA-SP77)
  • IEC TC57, Power Systems Management
  • IEC TC65, Industrial Process Measurement Control

11
2004 Two ANSI Technical Reports Published
  • ANSI/ISA-TR99.00.01, Security Technologies for
    Manufacturing and Control Systems
  • Information/guidance on technologies to reduce
    the risks and impacts of control system
    intrusions.
  • Technology areas include authentication
    authorization filtering/blocking/access control
    encryption data validation audit/monitoring/det
    ection tools operating systems web/internet
    technologies.
  • Vulnerabilities addressed, typical deployment,
    known issues weaknesses, suitability for use
    with IACS
  • Revision expected by late 2006.
  • ANSI/ISA-TR99.00.02, Integrating Electronic
    Security into the Manufacturing and Control
    Systems Environment
  • Guidance on establishing or upgrading programs
    procedures to improve control systems security.
  • Currently being developed into the ISA-99 Part 2
    standard.

12
2006 ANSI Standards Parts 1 2
  • Part 1 Concepts, Terminology and Models
  • Provides a framework for other parts of the
    standard
  • Definitions of automation control system
    security terms
  • Models for specifying security requirements for
    industrial automation control systems programs
  • Committee first ballot deadline May 18, 2006
  • Target publication 3Q 2006
  • Part 2 Establishing an Industrial Automation
    Control System Security Program
  • Extends ANSI/ISA-TR99.00.02-2004
  • Focuses on activities required to develop a cyber
    security management system.
  • Committee first ballot deadline May 30, 2006
  • Target publication 3Q 2006

13
Parts 3 4 Now Getting Underway
  • Part 3 Operating an Industrial Automation
    Control System Security Program
  • Addresses how to operate a security program after
    it is designed and implemented
  • Includes the definition and application of
    metrics to measure program effectiveness
  • Target ANSI/ISA Standard 2Q 2007
  • Part 4 Specific Security Requirements for
    Industrial Automation Control Systems
  • Defines the characteristics of IACS that
    differentiate them from other IT systems from a
    security point of view
  • Establishes security requirements that are unique
    to this class of systems
  • Target ANSI/ISA Standard 2Q 2007

14
For those in related areas
Your choice is simple. Join us and live in peace
or pursue your present course and face
obliteration. We shall be awaiting your answer.
The Day the Earth Stood Still, 1951 To
participate Charley Robinson crobinson_at_isa.org 9
19-990-9213 www.isa.org/standards
15
Backup Slides
16
Part 1 Concepts, Terminology and Models
17
Part 2 Developing a Cyber Security Management
System
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "ISASP99: Preventing Electronic Intrusion into Industrial Automation" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!