10_工业基础设施信息安全

Copyright©SiemensLtd.China,CooperateTechnology2010.Allrightsreserved.CorporateTechnologyDr.Page2IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTang@TrafficCaptureEngineTrafficCaptureEngineMalwareMonitorAttackLoggingMonitor/AdminUIMonitor/AdminUIWAP/MMSIndustryAnti-MalwarePlatformSecurityPolicyHTTP/FTP/GTPProfiNet/OPC/DNP3/…IndustryProtocolAnalysisModuleIndustryProtocolAnalysisModuleSyncModuleAttackSourcingTrackingIntelligentCaptureModuleTrafficCaptureEngineTrafficCaptureEngineMalwareMonitorAttackLoggingMonitor/AdminUIMonitor/AdminUIWAP/MMSIndustryAnti-MalwarePlatformSecurityPolicyHTTP/FTP/GTPProfiNet/OPC/DNP3/…IndustryProtocolAnalysisModuleIndustryProtocolAnalysisModuleSyncModuleAttackSourcingTrackingIntelligentCaptureModuleR&DExpertToolbox&SolutionsConsultantIndustrySecurityLabInnovatedResearchAppPatterns(regex)AppIPTCPPassBlockPacketFilterAppPatterns(regex)AppIPTCPPassBlockPacketFilterPage3IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTangPage4IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTangITICSICSPage5IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTangPage6IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTang1-1994SaltRiverProject(SRP)2000GAzprom20012003,Davis-BesseSQLServer520032007“Aurora”video2010“Stuxnet”Page7IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTang2-200010002006Internet2007SCADASacrmentoPage8IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTang3-1997NYNESWorcester62003CSX200319AaronCaffreyHouston2008Lodz4Page9IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTang4-1992222005ZotobInternet1350,0001,400,0002005InfraGardBCITEricByresPLCPage10IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTangPage11IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTangIT//TCP/IPICSITITTCP/IPControlProtocolApplicationLayerTransportLayerInternetLayerNetworkAccessLayerNetworkAccessLayerPage12IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTangITITITPage13IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTangIndustrialControlSystemICSOPC,Modbus,ProfiNet/ProfiBus,MMS,DNP3,PLC,RTU,IEDSCADADCS(IndustrialControlSystem)???Page14IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTangvs.ITOfficeSecurityIntegrityAvailabilityConfidentiality24/7/365OSITIndustrialSecurityConfidentialityIntegrityAvailabilityPage15IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTangICSICSPage16IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTangITPage17IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTangOEM/Page18IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTangICSICSPCPage19IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTangPage20IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTangSIEMWinCCStationEngineerStationPROFINET1000MIndustrialEthernetDataHistorianSCALANCEX-400PrimaryControlServerRedundantControlServerMaintainStationSupervisoryStationsOPCServerMobileEng.StationSCALANCEX-400S7-300ET200MotionControlSCALANCEX-200HMIWEBServerAppServerS7-300InternetS7-400WEBClientVideoClientSAPPrinterOPCClientOAOfficePCLaptopSCALANCEW780MESDHCPDNSPage21IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTangSIEMWinCCStationEngineerStationPROFINET1000MIndustrialEthernetDataHistorianSCALANCEX-400PrimaryControlServerRedundantControlServerMaintainStationSupervisoryStationsOPCServerMobileEng.StationSCALANCEX-400S7-300ET200MotionControlSCALANCEX-200HMIWEBServerAppServerS7-300InternetS7-400WEBClientVideoClientSAPPrinterOPCClientOAOfficePCLaptopSCALANCEW780ISO27001/ISA99(IEC62443)MESDHCPDNSPage22IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTang(1)SIEMWinCCStationEngineerStationPROFINET1000MIndustrialEthernetDataHistorianSCALANCEX-400PrimaryControlServerRedundantControlServerMaintainStationSupervisoryStationsOPCServerMobileEng.StationSCALANCEX-400S7-300ET200MotionControlSCALANCEX-200HMIWEBServerAppServerS7-300InternetS7-400WEBClientVideoClientSAPPrinterOPCClientOAOfficePCLaptopSCALANCEW780MESDHCPDNSPage23IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTang(2)SIEMWinCCStationEngineerStationPROFINET1000MIndustrialEthernetDataHistorianSCALANCEX-400PrimaryControlServerRedundantControlServerMaintainStationSupervisoryStationsOPCServerMobileEng.StationSCALANCEX-400S7-300ET200MotionControlSCALANCEX-200HMIWEBServerAppServerS7-300InternetS7-400WEBClientVideoClientSAPPrinterOPCClientOAOfficePCLaptopSCALANCEW780MESDHCPDNSPage24IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTang(3)SIEMWinCCStationEngineerStationPROFINET1000MIndustrialEthernetDataHistorianSCALANCEX-400PrimaryControlServerRedundantControlServerMaintainStationSupervisoryStationsOPCServerMobileEng.StationSCALANCEX-400S7-300ET200MotionControlSCALANCEX-200HMIWEBServerAppServerS7-300InternetS7-400WEBClientVideoClientSAPPrinterOPCClientOAOfficePCLaptopSCALANCEW780MESDHCPDNSPage25IT-Security,CorporateTechnology,SiemensLtd.ChinaDr.WenTang(4)SIEMWinCCStationEngineerStationPROFINET1000MIndustrialEthernetDataHistorianSCALANCEX-400PrimaryControlServerRedundantControlServ