Join cybersecurity experts Tom VanNorman and Marco Ayala as they discuss cyber-attacks on OT networks and how to network vulnerabilities in OT systems, along with best practices on how to secure them.
Products mentioned:
mGuard -- https://www.phoenixcontact.com/mguard
Cybersecurity -- https://www.phoenixcontact.com/online...
Transcription:
Hi everyone. My name is Tom VanNorman. I'm a principal of a cyber physical practice at GRIMM. I'm here today with Marco.
Hey everybody. I'm Marco of 1898, Burns & McDonnell. Nice to be here with you.
Absolutely, same here. Hey Tom, I hear that it's October Cyber Month.
You know what? I heard that same thing, and, you know, we're fortunate to have Phoenix Contact reach out to us and want us to video a couple of short videos for them.
Yeah. I know I was looking forward to getting involved with everybody in person in Harrisburg and in Houston, but that's not going to happen. So, you know, I'm extremely happy to be involved in recording.
I just want to let you know that I did change my password and I did change the post-it. So I actually, I made it a blank.
Okay.
Just letting you know. No, actually I'll get rid of that. I didn't like it. So I'm not putting post-it notes on my screen. That's my... just kidding, folks.
You know, Marco, when we go and do assessments in control systems and you walk through, you look up the control panels, you talk to the operators, you talk to the IT folks, the engineers, you talk to everybody, and, you know, sometimes you get some really good information. Sometimes, you know, you have to pry and everything. But when you sit down with people and really talk about data flows, what is really picking data off those controllers, what's talking to what, you know, that's a real big aha moment for a lot of people, where I don't think they really understand fully where that data goes throughout their network. So let's take a look at some of those data flows today.
Yeah. I think one thing before you go too far is to know that, and you're right, the big discussion is, you know, walking in and trying to talk to folks, but, you know, when they start saying, well, our OEM knows what's supposed to flow where and what talks to what, and here's our package vendor, you know, bill of materials in our architecture. But as you notice, when you're looking at these drawings, whether they're done in AutoCAD or sometimes Visio, more than likely AutoCAD on the actual package drawings, there's no data flows. You know, everything is assumed that everything's either going to a tag server... You've got an API here that could be going to historian, but a lot of that is not even shown, so that I think the key piece when you're going into a site and you're looking at utilizing, like for example, 62443 with what they call the zones and conduits, really breaking those things out. So if you see, like, the light blue circle and the light orange circle, it's really breaking up your systems into zones and then actually identifying the conduits between those zones of communication. So, if you see, you've got that router that connects up to the process controls zone, then you see some below things that go down to the engineering workstation, then you've got your control LAN, and then you can see that there's also a safety zone. So just trying to segment those out and identify the zones and conduits. So if you go ahead and click build, this kind of talks back into what you're saying, Thomas, identifying as who is talking to what and why, and identifying those and getting a baseline of that information. And so as we look at these dark blue arrows down on the lower level, looking from control room down to the field, these are going to be your traditional communication, your comm links in the dark blue, that's going from your actual DCS tech servers.
That's looking at your engineering workstation. It could be your application servers that could be hosting up your OPC, or you can also be hosting up interviewer data historians. (continued)