Posted in Need 15 Pages worth of workbased on UKRAINE POWERPLANT In ICS/SCADA System
Part 1 : Research about involving SCADA.which is UKRAINE POWERPLANT ATTACK
Need 2 pages Research with Reference APA format
Part 2 : need 3 page Description of Industry
1. What type of industry is this?
2. What is the importance of this industry to society?
Industrial Control System Processes Employed
1. List industrial control system processes specific to industry.
2. List the control systems that control those processes and how they control those processes.
3. Create a network diagram displaying the interconnections of the industrial control system devices listed in item 3.
a. For example: Use ICS CERT CSET Visio Excel Word etc. Part 3 ; Need 3 Page
Thisassignment is a part of your overall final project. Please make sure to incorporate this assignmentto your final project; reference to Week 1 Final Project Template.
Profile ICS Devices
1. For each ICS device document:
a. Logical Ports
For example 80 443 etc.
http://www.digitalbond.com/tools/the-rack/control-system-port-list/
b. Protocols Running
For example SMTP SNMP DNP3 Modbus Fieldbus Ethernet etc.
c. Physical Connection Types
For example serial RJ45 USB parallel etc.
http://www.digitalbond.com/tools/the-rack/control-system-port-list/
d. Default Accounts:
Research the manufacturers information on the device. Look for default account information to login with.
Check Default Password List for an entry: http://www.defaultpassword.com/
e. Services
Research manufacturers information on the device and document services running.
f. Authentication
Research manufacturers website for the device and locate information on how the device authenticates users.
g. Use of Encryption
Research manufacturers website for the device and locate information about encryption. For example does the device use encrypted connections? Is the back-end database encrypted? What type of encryption does it use? Is public/private key encryption like RSA?
h. Logging Capability
Research manufacturers website for the device and locate information about logging. Answer questions like is logging enabled? Are logs stored locally or remotely?
i. Other Security Documentation
Does the manufacturer have any security related documentation not provided above that would be of use?
Part 4 : Need 2 Page
Identify Measure and Manage Risks
1. Identify risks:
Risk is a function of M AV T and V:
R= f (M AV T V)
R risk M mission importance AV asset values T threats V vulnerabilities
2.What: what is the problem/challenge in managing risks and auditing the ICS?Explain how you might measure
Why: why do you need and want to solve the problem?
How: how do you economically solve it?
Identify Security Controls
1. Select security controls based on results from Industrial Control System Processes Employed and Profile ICS Devices:
Reference either ICS CERT CSET or NIST 800-53 Security and Privacy Controls for Federal Information Systems and Organizations
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-53r4.pdf
Part 5 : Need 3 Page
Apply ICS Security Best Practices
1. NIST 800-82 Industrial Control System Security http://csrc.nist.gov/publications/drafts/800-82r2/sp800_82_r2_draft.pdf
2. Identify unremediated risks and choose risk strategy: Accept risk avoid risk mitigate risk share risk transfer risk combination.
Reference: NIST 800-37 Guide for Applying the Risk Management Framework to Federal Information Systems http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r1.pdf
Identify Vulnerability Continuous Monitoring Strategy
1.Examples:
a. Nessus – Bandolier modules.
b. Metasploit ICS exploits.
c. Snort
d. Nmap Identify ICS friendly scans.
2. Are these IA certified tools? How so?
a. For example:
i. NIAP: https://www.niap-ccevs.org/CCEVS_Products/pcl.cfm
ii. Common Criteria: https://www.commoncriteriaportal.org/products/
b. For example: Are these tools SCAP-compliant?
3. Create script rules for baselining each ICS system.
a. For example scripts rules should audit:
i. Installed programs.
ii. Users groups.
iii. Shares.
iv. Services.
v. Processes.
vi. Etc.
Part 6 need 2 pages
Pleaserevise your rough draft to addressthree attributes: a) What: what is the problem/challenge in managing risks and auditing the ICS b) Why: as an ICS/ SCADA Information Assurance expert why do you need and want to solve the problem and c) How: how do you economically solve it?
