ICS Introduction
Transcript
00:22:60Alessandro Brighente: No. So, as I mentioned last time today, we are going to start with the
00:29:957Alessandro Brighente: with the new topic, industrial system security.
00:33:790Alessandro Brighente: Okay. So you'll see that more or less, we have some similarities with the upon systems that we've seen up to now, because the technology will be different. The devices we were dealing with are different.
00:47:955Alessandro Brighente: Okay? So we start from scratch. Let's see, what is an industrial control system.
00:58:640Alessandro Brighente: So what do we mean by industrial system?
01:01:600Alessandro Brighente: Here you have the basic definition. We have, basically, a broad class of automation systems used to provide control and monitoring functionality in manufacturing and industrial facilities. What does it mean? It means that we have an idea, right, of a process that we would like to control some manufacturing environment, right? We want to produce shoes, I don't know,
01:22:500Alessandro Brighente: something, right. And in order to get to the final product, then we need to divide the production process into many different pieces. An industrial control system is exactly what provides you the control over these different pieces. Right? We want to monitor the quality of certain by products of certain small portions of this product. You want to assess the safety and security of the different pieces that are communicating one another
01:49:490Alessandro Brighente: to deliver these final good right? And so, in order to do that, we can have different configurations. But the point is always the same. We need something that monitors what is happening right? It measures some physical quantity, some
02:04:550Alessandro Brighente: It provides us some information on how production process is going and something that actuates the actions that we need. Right? So if we need to I don't know heat a certain component, then there needs to be an actuator that provides the heat to that component.
02:22:684Alessandro Brighente: So here you have some of the different system types that you can have in an industrial control system. Right? So you might have process controller, distributed controller, supervisory control and data acquisition, safety instrumented systems.
02:37:680Alessandro Brighente: Right? So these are different nuances, if you want, of an industrial control system that might be bigger or smaller and with different kind of capabilities. And in particular, we will focus on this one, supervisory control and data acquisition, because it's one of the most
02:52:590Alessandro Brighente: famous. If you want.
02:55:30Alessandro Brighente: Okay, so we'll get to the architecture of that.
02:59:130Alessandro Brighente: Nevertheless, what happens for all these different system types is always the same, right? We want to collect data from the real world, from the physical world, and provide it to something that can understand whether the process is working fine
03:14:820Alessandro Brighente: or not, and can provide us some statistics of values that we want to control.
03:20:160Alessandro Brighente: Right? So the concept of the controller that we've seen for autonomous vehicles, for instance, is something that we have also here. Right? You need this device that gathers information from the real world and adjusts the behavior of the system based on a certain network. Yeah, certain network function. Okay.
03:42:193Alessandro Brighente: Here you have a simplified representation of an industrial control system. Right? And you said that we have different nuances. But more or less, this is what you will observe, right? So here you have the field devices, right, you have low level devices, such as or indicators or pumps. Right, the actual devices that you need to control the system.
04:10:180Alessandro Brighente: And here, instead, you have some different kinds of devices. You have burner, you have a motor, you have the PLC which is,
04:19:70Alessandro Brighente: the important components of them, the industrial system, because it's what provides the the control logic
04:26:850Alessandro Brighente: to the plant, right, to the devices that you have.
04:30:890Alessandro Brighente: And then on top of that, you have some higher level controllers. Right? That need to understand what is happening here. Provide commands to these field level devices. And on top of that you have yet again another level of abstraction
04:46:242Alessandro Brighente: which is the one that usually operators deal with. Right? So you have this machine where you have an HMI, human-machine interface, which provides you a screen over which you can check what is happening. Right? So you can see the temperature levels. You can see the pressure level.
05:00:930Alessandro Brighente: all these variables that you would like to control and that provides you indicator on the state of the of the whole process right? And the both the machines that you have that's involved in the in the production process and the the process.
05:16:300Alessandro Brighente: And then again another layer on top. Right? So here you have engineering station operating stations. Right? So for instance, what provides the schedule to the different operations that you need in order to get to the final product. And then ICS servers, right? So these machines that you might use to collect data or to
05:41:220Alessandro Brighente: to exchange data with the with the outside, if you need that.
05:44:870Alessandro Brighente: And in here you have the safety controller. Okay, which which indeed, is a controller. But you can imagine something like if the temperature is too high and we need to shut down part of the the industrial system. Well, that's the device that needs to
06:03:45Alessandro Brighente: to realize that and to inform the system about this decision of
06:10:950Alessandro Brighente: you don't have that name in the figure but this component here is important. The historian is where we store information about the process. Right? So all the tasks that we execute or the values that we collect, right. The historical behavior of the industrial system is something that we have in the historian.
06:31:410Alessandro Brighente: Right? So imagine something like you want to perform an anomaly detection algorithm of your industrial system. That's where you get the other data from right? So you want to have some historical data and perform some prediction based
06:45:110Alessandro Brighente: based on that princess.
06:49:655Alessandro Brighente: Good. So how do we divide? So the industrial system. You see that as a
06:56:30Alessandro Brighente: in the figure, it seems something like small, right? Everything is confined in these figure. But actually, it might be kind of big, right? Maybe distributed over large surface in terms of geographical area. Right? So over this, we can define different zones. Right? So
07:16:370Alessandro Brighente: we define zones as groups of devices that
07:22:100Alessandro Brighente: and safely say, communicate with one another. Right? So the concept of trust places. Right? You can say, Okay, I trust
07:33:990Alessandro Brighente: whatever comes from other zones, I want to verify that. So if I need authentication, for instance, I might want authentication from zone to zone, and not from the devices inside the zone.
07:43:880Alessandro Brighente: Right? But that's, of course, decisions that you might have. But one of the important zones that we have in here is the demilitarized zone. I think I've heard about the demilitarized zones from basic network security. Right? So you have this piece of network where you basically allow for the communication with the devices. Right? So if you have web servers
08:11:557Alessandro Brighente: or email service, you may want to have them in the demilitarized zone. Right? Because, basically, it's like a
08:19:530Alessandro Brighente: separating your internal network with everything that sits outside devices need to communicate with the outside right, for instance, to to give you an example in an industrial control system
08:33:243Alessandro Brighente: the PLC, right, this low level controller is controlling field devices.
08:40:159Alessandro Brighente: You don't need to have it connected to the Internet, right? There's really no point to have that
08:44:570Alessandro Brighente: the PLC needs to be connected with the field devices and needs to be connected with the higher level controller.
08:50:820Alessandro Brighente: Maybe you want a higher level controller to be connected. Definitely you don't want the PLC to be there, right? So the PLC should be included in a zone that talks with the zone where you have the actual connection with the outside, right, the PLC
09:05:530Alessandro Brighente: should not be able to through that.
09:07:760Alessandro Brighente: Okay, so the ways we create zones
09:10:987Alessandro Brighente: is very similar to to what we do with the with classical network security. Again, because we are talking about the devices that connected to one another have different functionalities and requirements in terms of the connection they might have with the with the outside.
09:26:440Alessandro Brighente: So taking a look at one of the representations again, another presentation industrial control system. Again, the the concept is very similar to what we've seen before. Like, right here, you have the low level devices input output physical devices, actuators.
09:45:340Alessandro Brighente: You have PLCs, right? These low level controllers. And then you have application servers, some data servers and maintenance service. Right, all the data acquisition that you have on top of this.
09:56:930Alessandro Brighente: Then you have the plant control zone. And then in here, in order to provide the data that you gather from plant a control zone to the higher level in here. You might want to have a firewall right? So to separate these zones, because these, this, with everything that happens in here, and not necessarily need to send all the data to these plant a zone.
10:21:840Alessandro Brighente: and it wants to verify whether the data it receives from plan a zone, because it might to answer how this whole component in here behaves right? So you might have these these different?
10:35:413Alessandro Brighente: yeah, zones, right? This is the control zone. This is a plant zone. And this is the enterprise zone, and enterprise zone is the higher level when you get
10:46:80Alessandro Brighente: basically take decisions for the whole industrial control system.
10:50:540Alessandro Brighente: Alright. So you might want to verify the data exchange that happened between the different zones and you need, and you see that not necessarily. You need the all the zones to communicate one another right? So, for instance. If these controls only here is dealing with a specific production production specific piece. Not necessarily. This needs to communicate with these other control zone here, right? Because maybe they are not correlated. We don't need to exchange data that.
11:19:400Alessandro Brighente: Okay? So you see that you have a more or less like hierarchical structure for these these different zones. And this resembles, more or less what we'll see is a supervisory control and data acquisition architecture. Right? You have these
11:34:790Alessandro Brighente: kind of, you know. I mean, that's structure.
11:40:410Alessandro Brighente: Okay, so this is just something like check. Right? So if we build. If we want to set up an industrial control system, all the connection deciding the devices, deciding how to create zones and stuff, what are they? The common recommendation. Right? So the the idea of this slide is not to provide you the
12:04:130Alessandro Brighente: I mean, of course, it's interesting to see recommendations. But what you might see is that the list of recommendations you have for industrial control systems are again very similar to what you want recommendation that you had in setting up a network. Right? So it's we can see that the whole industry control system
12:24:320Alessandro Brighente: from a network point of view, right? Who is exchanging data. Which kind of data they're exchanging? Do we really need to exchange data? Right? So you want to identify the system that needs to be protected, right. There are systems in the whole industrial system that are more important than other from a security point of view, right? Those that take critical decision, for instance. Well, you might want to invest some more
12:48:444Alessandro Brighente: in protecting these devices rather than I don't know about, or something like that.
12:54:120Alessandro Brighente: Then we need to separate the system into functional groups. Right? I don't need the the network to connect all of the devices in industrial control system with a single point. Right? Then maybe that's that's not needed. And I don't want all the devices in my industrial control system to be able to communicate with all other devices. I don't need that. I don't need the the that is controlling the pressure for a certain production process
13:21:320Alessandro Brighente: to be able to communicate with the the heater in another zone of my system. I don't need that right. So I need to create these different zones and allow for the exchange in there.
13:34:890Alessandro Brighente: This is good both for security and also for for performances. Right? Why should you put overhead on top of devices that need mostly to be dealing with real time operations.
13:50:80Alessandro Brighente: Good. And then we have implementing defense in depth strategies, systems and group controlling access between group monitoring activities. Right? This is exactly what you have in a in a classical network. We want to have different layers of defense, right? When we talk about defense in depth. It means that I don't have just a single layer of defense. It's not like, I just have authentication.
14:12:590Alessandro Brighente: because if authentication fails, then we're done, right. The system is compromised. No, after authentication, I want to have another level of security, such that the attacker needs to break multiple levels in order to be able to control the system or to get access to sensitive
14:32:190Alessandro Brighente: data or or resources
14:35:73Alessandro Brighente: controlling access. Of course, you want to have access control, and not for everybody to be able to to access. Your historian, for instance, or some of the the devices that you use for controlling pool zones and plans. You want to monitor activities. Right? Monitor activities in this sense means monitoring communications
14:53:630Alessandro Brighente: intercom between the devices, but also monitor the physical process right? What kind of activities do we have? Is this valve open or closed? Is the pressure inside the tanker too high or too low? Right? You need to to have information about that.
15:09:470Alessandro Brighente: And limiting the the actions that can be executed within and between groups. Right? This is what we mentioned before you. We have actions that you actually need right? And you can allow. But then a lot of actions that you don't really need. Again, for instance, the communication point to point communication report within. Among all of the devices that you have in the control system, you don't need that right makes no sense.
15:35:40Alessandro Brighente: So you don't want to do that.
15:37:300Alessandro Brighente: And yet again, you see, it's kind of common recommendations, but not necessarily to the fact that we are talking about an industrial control system.
15:47:390Alessandro Brighente: Good. So why do we care about supervisory control and data acquisition? And why do we hear this word often when we talk about industrial control system? Well, because it's a layered architecture that we can use to have full control over what is happening in the industrial control system. Right? So you have these different layers that,
16:09:194Alessandro Brighente: let's say, they start from high level of abstraction and the whole process, and the fact that they want to produce, again, shoes. And then you go down and down into finer grains and controlling smaller processes,
16:25:510Alessandro Brighente: smaller scale processes in the in the whole production of these goods. Right? So,
16:35:620Alessandro Brighente: we haven't seen it.
16:37:340Alessandro Brighente: Oh, okay, so we can divide this supervisory control and data acquisition into different fields. Right? So. And this is what I was mentioning, right? So the different levels of abstraction, we have a level 0 where we have the field devices, where we have no abstraction at all. Right? We are physically controlling the production, right? So we have something like,
17:03:540Alessandro Brighente: again, the valves that control the intake of a certain chemical product into a tank, right? Or we have heaters that need to deal with the temperature control process. Right? So all the devices really need to deal with the physical world.
17:20:402Alessandro Brighente: Then, at level one, we have the devices that need to collect data from the level 0 devices and provide actions, writing instruction, how to act, to level 0 devices.
17:34:870Alessandro Brighente: Right? So here we have what we've seen before as PLCs, right? These controllers, these low level controllers that
17:44:150Alessandro Brighente: But yet again, you need to to deal with the with the physical world process.
17:51:164Alessandro Brighente: You have also RTUs in here, which are remote terminal units. Right? So these are these controllers that you have deployed in the field, and or which maybe you don't have a direct access, right? It might be really deployed in a field.
18:06:216Alessandro Brighente: And the based on this, we can start building our architecture nice
18:14:818Alessandro Brighente: so we have these low level devices. But so, or I don't know whatever.
18:20:600Alessandro Brighente: Hi, this is 7 0 0. And then these are connected with the
18:28:150Alessandro Brighente: this PLC, right, which is level one device, right? So here you have actually a controller. So the PLC knows how these devices should behave in order to control the process, right? And provides this information. But the PLC, again, is the level of
18:47:290Alessandro Brighente: very small abstraction, right? The PLC doesn't know the whole production process, just knows what these devices should be doing,
18:55:390Alessandro Brighente: and in order for the PLC to know what it should be doing and how everything is behaving, we have these level 2 devices where we have supervisory computers. Right? So what do they do? They aggregate information from the PLCs, maybe multiple PLCs, right?
19:14:600Alessandro Brighente: And they have some.
19:17:780Alessandro Brighente: Let's call it intelligence. I'm not talking about machine learning or anything similar in here.
19:23:238Alessandro Brighente: They are able to collect data. They are able to derive statistics, and they are able to provide instructions through these. And so if we want to control the boss, right, this needs to be a reason why we do that. And the reason is provided by the PLC. Again, doesn't know exactly everything that happens. And
19:46:419Alessandro Brighente: so it's these level 2 devices that should instruct the PLC on how to do that. And at this level 2, we have also human intervention. Right? We have this
19:56:961Alessandro Brighente: human-machine interface, right? This monitor that we've seen before, that tells us how the system at this level is behaving. And then on top of that, again, we have level 3 devices, which are production level devices. Right? It knows the product that should come out of this whole process and informs this device on how to instruct the lower level devices to achieve that. And then on top again, we have level 4
20:24:740Alessandro Brighente: devices. And these level 4 devices really have the
20:32:90Alessandro Brighente: the overall view of the whole industrial system. Right? So, for instance, you might schedule the production of different pieces according to the production needs of the environment according to the maybe some of the constraints that you have on the devices that you have in here related to heating or related to avoid damaging some some of them. Right? So this layered approach provides us.
20:58:930Alessandro Brighente: a very good way of controlling the production process, thanks to these levels of abstraction that
21:06:840Alessandro Brighente: and that we achieve.
21:11:630Alessandro Brighente: Okay, so
21:16:270Alessandro Brighente: good. No. So now we we know more or less how these is structured. And we start with the these 2 components in here, right when we start looking, how the is be
21:30:470Alessandro Brighente: and what might be problems that we have with them.
21:34:150Alessandro Brighente: So these are the field components. Right? So you see in the slides, we have this distinction between the field components and the control system components. The field components have no
21:48:450Alessandro Brighente: cannot implement any logic. Right? They're actuators. They are sensors. They are very low level devices, with no computing capabilities in general. Right? So we might just open and close the valve, or might just check whether the light is on, whatever, right, sensors that you might have in there. And these are field components instead of controller system components.
22:10:920Alessandro Brighente: And then in this case that we have devices with some some logic. They can implement some logic right? They have some code that they execute right and that implements the, let's say, the idea of the the production process.
22:25:600Alessandro Brighente: Right? So we might have these controllers in here. We might have these controllers in here. Of course, they're implemented in different ways because they need to
22:36:795Alessandro Brighente: implement different logics. So we start with the PLCs, these programmable logic controllers.
22:48:10Alessandro Brighente: And what are they? So we said that the PLCs are very low level computers, and we can see them as computers. They have some code. They're implementing some logic,
22:58:130Alessandro Brighente: and they are controlling what these field devices are actually doing. So usually, a PLC is something that is hardened. What does it mean? It means that it's built in a way to
23:17:510Alessandro Brighente: to be able to withstand the harsh conditions. Right? Might be temperature it might be pressure, it might be. I mean in the end. This. This thing in here is deployed on the field right, and not necessarily able to always control the
23:35:450Alessandro Brighente: the environment in which these computing devices are placed so their case is hardened, and the way they build is hardened to to withstand these kind of situations.
23:49:626Alessandro Brighente: They are
23:51:430Alessandro Brighente: again, they are computers. But they are low level computers, right? So they do not have an operating system. Usually, it's not like they have classical, I don't know, Windows, whatever operating system. No, they have dedicated logics and specific programming languages that they are using.
24:13:202Alessandro Brighente: Because again, they need to do very simple operations right to gather data from these devices, and then the field devices whether they should or not do a specific action.
24:26:370Alessandro Brighente: So this is the architecture, general architecture of these PLCs
24:31:930Alessandro Brighente: alright. So of course you have the power supply. But then you need the communication modules, right? And you need a communication module with the industrial service or with some human-machine interfaces, if we need that.
24:46:250Alessandro Brighente: you have another control module in here which instead talks with other PLCs or with some package equipments. Right? Some other low level controllers. Then you have the processor in here to actually control the logic of the production process
25:03:150Alessandro Brighente: controlling these, deciding what the actuator should be doing.
25:09:880Alessandro Brighente: You have the input modules, because you need to be able to collect data from the sensors that are connected to the PLC, and then again, you have the output module, right? So ones that actually control the actuators. And what do we have as
25:27:230Alessandro Brighente: model is controlling? I don't know. And electric motors, somehow. So the module is doing nothing than outputting a square wave with a certain duty cycle that controls how fast the motor spins. Right? So that simple information is out low. Again, they need to control these low level devices whose logic is
25:52:510Alessandro Brighente: early 0. Right? So they need to provide something? Very, very simply.
25:58:250Alessandro Brighente: okay. So more or less, this is a general structure that you can observe from these PLCs, right? These are the main building blocks.
26:08:150Alessandro Brighente: And this is what they look like. Right? So these are some examples of PLCs where you have the different connections so they can
26:18:380Alessandro Brighente: and actuators. You have some other connection here that help you controlling the PLC, right? So, for instance, how do you program a PLC? Well, you need to be able to connect to the PLC itself and to provide it
26:36:650Alessandro Brighente: with the code that it needs to implement. But then this is not something you can do with the with the building blocks that we've seen before.
26:44:685Alessandro Brighente: Yeah, some other examples. We, of course, you have many different implementation of
26:50:130Alessandro Brighente: of PLCs and ways to connect with them. But the thing that implement is more or less always the same, right? They need to implement this low level logic to control the actuators.
27:05:520Alessandro Brighente: Good. So what is
27:10:177Alessandro Brighente: our indication for the quality of service of a PLC, for instance, right? So we care about the efficiency. It needs to be efficient. It needs to take almost real time decisions on whether
27:23:780Alessandro Brighente: the state of these sensors in here. So we don't want to have a programming language with a lot of processing overhead. Right? We want to have something very simple, and we have a standard for that. This IEC standard is the one that tells you which kind of programming languages we can use in
27:48:390Alessandro Brighente: and among them, we find different implementation. But the most common, let's say, are ladder logic or ladder diagrams. Right? So we have these very simple logical sequence of actions. Right? It's not like a structured C programming language, right? It needs to be very low level because we don't want to have a overhead there
28:12:950Alessandro Brighente: and get a command.
28:15:895Alessandro Brighente: Super, weird, though, or, let's say, complicated intelligence and appeals.
28:24:400Alessandro Brighente: How do these plcs work irrespectively of the programming language that they are implementing
28:30:890Alessandro Brighente: alright. So these are the different tasks that the PLC is performing, and performs that in a continuous loop.
28:38:180Alessandro Brighente: Right? So we have the time monitoring that we need to read the data from the module. Then we had to provide specific data to the user, execute that, and based on the output of the user program, we write data into the output module, right, and provide these to the actuators. And this is something that continuously repeats, right? So, this is something that needs to be repeated very fast in time.
29:04:690Alessandro Brighente: Right? It needs to give us the impression of being real time. And of course we cannot read and write in real time. That's not the proposal of the PLC. Cannot do that with the, its current technology, right? So. But if this whole sequence of action is implemented in a very efficient way.
29:26:840Alessandro Brighente: then we can see things happening in real time.
29:31:170Alessandro Brighente: So how do we write the the code for plcs. So if we take a look at the standard
29:39:840Alessandro Brighente: 2 kind of programming languages, say, we have the graphical and the textual programming languages.
29:45:430Alessandro Brighente: When we talk about the graphical programming language, you have a visual pl or block coding, right? Which is something like you have the main building blocks, and you need to connect them with one another through graphical elements. Right. So, for instance, you have the input module and you have the output module, and then you have the AND function, OR function, right? And you need to connect them in a certain way in order to implement the logic of the controller
30:13:260Alessandro Brighente: and textual programming languages instead, are very similar to to the classical scripts that you've been writing
30:22:800Alessandro Brighente: up to now.
30:24:811Alessandro Brighente: But let's take a look at the at the logic, right? So how does this program look like. So we said that we need something very simple.
30:36:440Alessandro Brighente: right? And we need to deal with something that happens with the specific logic. And it's always the same, right.
30:43:380Alessandro Brighente: always the same. What does it mean if I need to control a certain production process, I always want to check whether the 1st file is open, whether the temperature is sufficiently high, whether blah blah right? I have a say fixed set of that they want to to check whether they're true or not, and based on that, decide how to operate on the the devices.
31:11:118Alessandro Brighente: Good. So we have a set of connections. Right? We have connections between these inputs and the outputs.
31:24:980Alessandro Brighente: Good software.
31:27:370Alessandro Brighente: Yeah, let's say that this is the the input, and this is the output right? And want to define a path that brings me from the input to the output and to the decision on what should be implemented. So in here I should have some blocks that define logical conditions that I want to to check.
31:46:230Alessandro Brighente: Actually, I want to check whether this condition is true or false. So, for instance, you can see this as a as a circuit, right in certain. Let's say that this is open in a certain condition I'm checking for a specific value. If that value is true, then we close the circuit, and it can move on to the next step.
33:03:710Alessandro Brighente: Right.
33:04:460Alessandro Brighente: so I may want to close the circuit, or I might want to open the circuit right. I may want to open this one. If another condition is not met ideally, I should have a series of conditions that I need to satisfy. And that tells me, okay, you can move on with the production process, you might apply some actions to the the actuators that you are
33:32:520Alessandro Brighente: controlling right. So, for instance, if this output is connected to a motor drive, whatever right? I want to check a series of condition, and if all of them are met, that means that I can operate on the the motor drive right? If not, it's not saying to operate on the motor drive, or it's not the proper time to operate on that right. That's how I'm controlling the the low level devices and what they do
34:05:330Alessandro Brighente: good. So this is what I
34:08:770Alessandro Brighente: in my programming language, right? And we see that the logic of the PLC now is
34:14:460Alessandro Brighente: to run kind of
34:17:610Alessandro Brighente: if you look, or at least look, that we run up to the point where I decided to stop it.
34:26:150Alessandro Brighente: But basically, when we get to the block of
34:30:760Alessandro Brighente: executed before also, this part will be executed as a loop, right? So I will try to execute these as fast as possible and as many times as possible. So I have a continuous loop over these programming language or over there, the program documented as well.
34:53:800Alessandro Brighente: So we have different logical functions that we can implement, right? So we have the inputs and the outputs of these rungs, as you can see that the logic program as a series of these lines, right? We call them rungs, and they can be connected to one another and depends on the complexity of the program that I implementing. But you know, on each of these rungs I have inputs and outputs. Right?
35:21:280Alessandro Brighente: So the inputs is the the values that they get from the from the sensors. And then the outputs are the the actuators. So for instance, always motor drives, or what I actually want to control.
35:33:220Alessandro Brighente: Alright. So
35:37:620Alessandro Brighente: based on the values of the input and output, I can decide to build the logic of my of my program based on these different
35:53:810Alessandro Brighente: building blocks. Let's call them name functions. Okay? So it's like their their contact. Right? It's something like if I'm using the the 1st one.
36:03:340Alessandro Brighente: the circuit is always open, unless a certain condition is met, and this is by default, right. So by default, this is open, and then, if I read the the value from a sensor, and these values over certain threshold, then it closes one. So it's the example that we've seen before. Or we might have
36:22:190Alessandro Brighente: the normally closed version of this, right? So this
36:29:10Alessandro Brighente: is always you can always go through this path unless the condition is is not met, and then you will need to to open this one. Right? So for instance, you can imagine this as a safety related controller. Right? So something similar. What to what you have at home, if you're connecting too many device. And there's something that that opens up and cuts out the electricity from from your home, and exactly the same thing.
36:58:630Alessandro Brighente: And that's when we hear it's normally closed, but at a certain point it might open.
37:03:750Alessandro Brighente: and this is instead related to to the outputs. Right? So the same logic is something that we can apply to to the output.
37:10:830Alessandro Brighente: So we might have normally inactive coils. Right? So it means that I am connected to a motor drive, right? And usually don't provide any
37:24:216Alessandro Brighente: output to this motor drive. So it's not operating. And if a certain condition is met, I can close this part of the circuit and provide energy to the motor drive.
37:35:780Alessandro Brighente: or I may have the the opposite right. I usually provide this output, that controlling. But if a condition is not met, I will be
37:48:440Alessandro Brighente: the the output signal to these to this device.
37:55:580Alessandro Brighente: and this is what they look like, right? So on the first one we have the logical AND function between 2 switches. Right? So what this idea in there you have 2 key switches. And so I think you've seen movies something like you need 2 keys to rotate in order to
38:15:752Alessandro Brighente: to launch the nuclear bomb, whatever. Right? So it's the same thing in here. You need the first switch to be closed, the second one to be closed as well, and then the door motor can open, right? So both of them.
38:30:600Alessandro Brighente: Both of these conditions need to be met, right? If the first key switch is not closed, then there's no way we can get to the second one at the same time. If the first key switch is closed, but the second one is open, then we cannot get to the door motor, right? So both of them
38:48:652Alessandro Brighente: needs to be met
38:52:394Alessandro Brighente: here instead. In the second example. You see something different. Right? So we need to close the door. So again, we have the logical AND. But we are not condition here. We have to close the door, and there needs to be no obstruction before getting to the motor. Okay? So again, both of these conditions should be met. But we are implementing that as a default
39:17:830Alessandro Brighente: right?
39:19:320Alessandro Brighente: So based on this, you can implement a different kind of of logics and make them as complicated as you want.
39:26:510Alessandro Brighente: And now we have a break.
39:41:150Alessandro Brighente: No
39:49:953Alessandro Brighente: nice. So
39:56:700Alessandro Brighente: Of course we have the AND logical construction. And then, of course, we have also the logical OR, right? So if you take a look at it from a circuit point of view you don't have the sequence of action. But you have. But you have them inside of them, right? So you can implement also the OR logic in this way through a lot of diagrams and other logics.
40:25:175Alessandro Brighente: And then here you have an example of an industrial stop. Start configuration. Right? So
40:33:550Alessandro Brighente: here is the logical function that the rung is implementing, right? And that's the thing that you have. But
40:43:240Alessandro Brighente: in there so in a real world, of course, you might have something definitely more complicated than this, with many more rocks. And what you have in here in the slides. So this is not a course on programming
40:57:950Alessandro Brighente: PLCs, right? But
41:00:750Alessandro Brighente: if you're interested in this, so you have these Pscp, which basically we have so many lessons where you can understand how this is actually implemented. And you can try in here to to import all these different
41:18:480Alessandro Brighente: elements to create the logical functions base
41:22:290Alessandro Brighente: on that. So if you want to take a look, take a look, that's where it is.
41:28:570Alessandro Brighente: And then.
41:30:286Alessandro Brighente: what you might have to add, another level of complexity is going from the ladder logic to functional blocks. Right? So this is what you would implement with the ladder logic that you see, it's a bit more involved. Then you have. If you have a functional blocks and programming based on blocks, then you see, it's kind of easier to implement, or at least a bit more compressive from that you can.
41:54:110Alessandro Brighente: And let's.
41:56:540Alessandro Brighente: let's say, derive the code that you will actually put in the PLCs. Okay? So
42:06:750Alessandro Brighente: yeah.
42:09:400Alessandro Brighente: for the time being with it with this, and then we'll see how we can derive attacks against these kind of codes. So they wanted to give you a quick introduction to the whole industrial control system set up on the different devices and what they do, right? So here we have another kind of device which we already seen before: they are remote terminal units, right? So what they do, it's very similar to PLCs
42:39:517Alessandro Brighente: the main difference being that they usually reside in the field. Right? So you have a long pipeline or something like that. Some remote locations that you want to control, and then you place in their remote terminal units right? So their job is to collect the information from from field devices
42:56:360Alessandro Brighente: and send it to some controllers, right? So they might be connected to when they are close to the sensor or the actuators, and then bring data back to the where the logic resides. In order to do that, they need to have communication capabilities. So inside these modules you have communication modules might be cellular connection might be IoT networks, it might be Wi-fi days actually might have different
43:26:350Alessandro Brighente: communication capabilities in here, and this is what they look like. Right? So you have these RTUs with their antennas.
43:40:800Alessandro Brighente: Okay? So yeah, they're collecting this information and
43:50:470Alessandro Brighente: the way in which they collect information on the side to report information might be based on some publish subscribe mechanism. Right? So you have some some information that you want to collect. So whenever a certain condition, of course, you know that you need to collect data and report it back to the controller. Right? So they again, implement kind of simple logics.
44:16:490Alessandro Brighente: Okay? So the again, they're kind of similar to ts, indeed, they're defined in the same
44:23:316Alessandro Brighente: standard in terms of programming languages. And they can monitor different kinds of outputs. Sorry different kinds of inputs. So it might be digital inputs. Or it might be analog inputs. Right? It depends on which kind of device they
44:39:80Alessandro Brighente: they are connected to.
44:41:510Alessandro Brighente: And of course, they can produce different kinds of output in the same way, right? It might be
44:46:490Alessandro Brighente: digital outputs or analog outputs.
44:52:550Alessandro Brighente: The other device that we've seen for is the human machine interface. Right? It's just some information that we give to the operator. Right? So we have some graphical representation of industrial control system. And we see, for instance, the temperature values in fraction
45:09:480Alessandro Brighente: values right?
45:12:557Alessandro Brighente: And this is something that we need as operators again to monitor what is happening
45:19:790Alessandro Brighente: right? So, despite the fact that we have controllers, we have PLCs and we have devices that are dedicated to controlling. And there might be the need for human interaction. Right? And this is how we give this information to the operator.
45:34:668Alessandro Brighente: In the figure, you have a graphical representation on how these human machine interface is connected to the Controller which on its side, is connected to to sensor and actuators. Right? So
45:51:155Alessandro Brighente: the human machine interface can provide some instructions to to the controller, such as the start and stop or to set some set points, and the Controller can provide some information to the human machine interface. Besides the the Monitor, right? So it's the the values that are needed to represent the the status of the
46:13:340Alessandro Brighente: Yes, yes, it can provide also information related to alarms.
46:21:590Alessandro Brighente: Good. So
46:26:320Alessandro Brighente: we need the to secure these devices. Right human machine interface. Okay, you have this screen, thanks to which you can provide the exchange information with the Controller. And you see that we need to protect this kind of stuff right? Not everybody should be allowed to have access to the human machine interface.
46:43:140Alessandro Brighente: The human machine interface when it provides information to the controller. Maybe we want to to authenticate these these inputs. Right? So usually, what we do is to deploy these human machine interfaces. And physically.
46:57:420Alessandro Brighente: okay.
47:00:170Alessandro Brighente: physical security areas. Right? They are locked inside a a dedicated room or something like that, such that only authorized person has the access to them.
47:09:960Alessandro Brighente: But that's 1 of the the problems that we need to to take care of.
47:15:692Alessandro Brighente: They run their own operating system right? We have machines with the with the software components. I need to talk with the with the Pcs, right? So
47:27:740Alessandro Brighente: we have 2 forms of softwares, right. The 1st one is
47:34:14Alessandro Brighente: something like Windows 11 operating system. Right? So we have a she's again
47:41:70Alessandro Brighente: a lot of functions but let's say
47:46:420Alessandro Brighente: they're not necessarily specialized to a certain environment. And instead, we might have a hardened version for that, right? So something like integrating embedded operating system. We have Linux embedded. For instance, it's something that you have on on these machines.
48:08:70Alessandro Brighente: yeah. And usually in these second case, what happens is that you build your software on a different machine by you, you develop your program and then you bring it to the human machine interface when you need it. Right? So we need a different kind of connections with the developer.
48:28:40Alessandro Brighente: Okay, so this is what the human machine interface screen will look like. So you see that you have a presentation of the industrial control systems with these different notes and logical indicators or indications on what is happening
48:49:390Alessandro Brighente: at the physical level? Right? So here you might have a it's related to office and values
48:58:620Alessandro Brighente: in certain components in here. But you see, we have the logical representation of bugs. Some of the RTUs. Some of these motors in here lower an actuator, and then here you have the representation of the whole plant. So this is the kind of information that we expect from the Icif, from the HMI, from the machine interface
49:22:160Alessandro Brighente: right?
49:25:960Alessandro Brighente: And then
49:27:950Alessandro Brighente: again, another component that we've seen before. Which is the data historian, right? This is where we store data related to the industrial system. Right? All the historical data is stored in there. And of course, we can represent that in different ways. But usually we use tags, right, to represent different
49:55:490Alessandro Brighente: events or data related to different components of the ICS
50:03:890Alessandro Brighente: and then why do we need this data? Well, these data might be used for business.
50:11:100Alessandro Brighente: related decisions, right for for the scheduling of the different operations on which side of the Ics, which component says should be active at a certain time.
50:21:181Alessandro Brighente: So these are data that usually is needed by both the devices that operate the system and the interpreters themselves. So these data needs to be secure. Right? So it's not like, okay, we're collecting data. And who cares about this data? No, this data is something that we actually use to take decisions. And so it's really important to
50:42:550Alessandro Brighente: to secure these historians.
50:45:880Alessandro Brighente: And so what is happening then? At the higher level. So we have these this control process, right? The control process is something very similar to what we've seen again for the the economy. But the it's way more complicated than here, right? It's something that needs to deal with a lot of sensors and actuators and needs to take some more complicated the decision
51:13:320Alessandro Brighente: right? So here you have an example of one of these control process for manufacturing. Right? So again, you see, some of the terms that we've seen before. So we have a control loop. Right? We have these controllers that periodically receive some inputs from the sensors and provide some
51:33:860Alessandro Brighente: some outputs, right? And these outputs are related to in providing some component inside the mixture or opening a valve or increasing the temperature inside the tank.
51:48:590Alessandro Brighente: And this is what they they look like right? So here you have your boiler. Here you have this tank with with the liquid and a certain amount of steam, right? So you know that, based on the temperature and pressure, you have these different components to be mixed in a in a different way. And then, you have these whole blocks in here
52:14:310Alessandro Brighente: that are performing different actions. Right? So you have controllers, you have the summation, you have compensation, right? So all the different actions that you need taking care. Right? So this is something that provides water in the boiler. And this is the the circuit that lets the steam get out. So you want to maintain this at a certain level? Right? So this is something you can.
52:40:438Alessandro Brighente: Is an image. Or maybe you want to produce the steam. It depends on what you actually want to do with
52:47:591Alessandro Brighente: that, basically, is something to implement via your your controller. And this is a mix of these values that you measure different points of the industrial infrastructure.
53:00:800Alessandro Brighente: Okay, so again, we don't care about designing the controller. But we care about okay, what happens if I spoof one of the sensor measures that they provide to these this thing in here? Right. So I how can I do that?
53:17:150Alessandro Brighente: And what would be the effect on the industrial process? Right? So we are dealing with something that potentially can explode. And it's not good. Right? So we need to understand that
53:29:530Alessandro Brighente: we can make it useful.
53:31:310Alessandro Brighente: Basically right?
53:35:990Alessandro Brighente: again, safety instrumented system is one of the components that we've seen in one of the first slides. But basically here, we're dealing with risk management. Right? So we have some safety components that are really important industrial system which are not related with security. We're dealing with the fact that we don't want the tank to explode, right? So we have something. Some devices dedicated to this.
54:02:40Alessandro Brighente: and they collect data, and they check whether they are identifying some abnormal conditions and situation that should not occur right. Something like if the
54:14:680Alessandro Brighente: the pressure inside the tank is too high, maybe it won't release the sink right or to open the valve. I don't care about the production process anymore. I just want this thing not to explode. Right? So safety instrumented systems are really important because they can take over the control. And it's the equivalent of the human driver
54:35:280Alessandro Brighente: in the autonomous vehicles that we've seen before. Right? If something really critical is happening. We want the driver to to be able to take over the controlling brake. For instance, right? Same thing happens with the safety instrumented system.
54:54:00Alessandro Brighente: Good. So, of course, since these safety instrumented systems have these high level powers over the industrial system, we want to make them secure. Right? So in this case, we want to have these devices to be isolated, isolated in the sense that they need to be locked behind every door keys.
55:19:990Alessandro Brighente: right and
55:25:810Alessandro Brighente: and understand that this needs to be secure and
55:28:630Alessandro Brighente: spend so much time in these.
55:32:890Alessandro Brighente: And then how
55:35:530Alessandro Brighente: good! So now we have an overview on how these devices and what are the main components to save an industry interests?
55:44:00Alessandro Brighente: Right? So we have the sensor actuators. We have the PLCs. Then we have the monitoring facilities. We have the HMIs. We have the safety system. We can collect data, and we have a logic that we implemented through there through the Controller.
55:58:844Alessandro Brighente: And then what happened?
56:01:60Alessandro Brighente: How do we get all this information right? So in order to to collect information. We need communication protocols.
56:08:120Alessandro Brighente: Right? So we have a a series of protocols that are dedicated to industrial network.
56:14:880Alessandro Brighente: Right? So we have the communication among devices, right, at the different levels that use different kind of protocols due to the fact that their requirements are different. Right? So we don't want. For instance, we have a TCP connections on the extension between all the device, right? Maybe we don't even need that, right? So we don't want a connection based exchange of information between sensors and the sequence right here.
56:42:810Alessandro Brighente: It's not worth it. Then, anyhow, what we have is that most of these protocols are Ethernet and IP based, right. And we have both wired and wireless connectivity. Mostly we have wired connectivities, and so the sensors are physically connected to the PLC. The PLC is physically connected to the higher level controller. But then, if we have something deployed over very wide areas, we cannot rely on cables anymore.
57:12:410Alessandro Brighente: Right? So RTUs, for instance, we've seen that RTUs have these wireless communication capabilities
57:19:420Alessandro Brighente: even more.
57:20:480Alessandro Brighente: All the sensors and actuators might be, IoT devices right? Why not? We have these devices deployed over a wide field
57:32:140Alessandro Brighente: right? And then in that case we are talking about the industrial IoT, right? So we have. IoT devices that are implementing an industrial system or part, let's say, of the industrial system and implementing part of its functionalities.
57:45:790Alessandro Brighente: Alright. So in that case, we have devices that are connected over the Internet through to one another or to the devices. They need to report data to
57:58:100Alessandro Brighente: something that we said in one of the first lectures, we have a physical system is that we don't really care. No, it's not that we don't care, but the CIA, I think not something that we want to respect for the central system. But we care more about the availability over integrity, confidentiality.
58:17:840Alessandro Brighente: Right? So all these protocols are built to provide the availability. So they need to be full time they need to be kind of real time they are should be UDP based, right? We don't want connection based protocols
58:37:35Alessandro Brighente: and they need to have sufficient resources. Right availability is,
58:43:703Alessandro Brighente: deals with the resources of the network. So we so we should have a sufficient bandwidth, and we should have a very low latencies, right? Because we need to be kind of real time. We are actually controlling a process that is happening in this real time, and we need to to gather data and to provide instructions in in real time.
59:07:770Alessandro Brighente: Enough. So
59:09:600Alessandro Brighente: now the question is given that we have these constraints. How do we set up the the network for the industrial system
59:21:300Alessandro Brighente: when someone.
59:22:800Alessandro Brighente: as you, as we mentioned before, communication, is not something that we need, right? So we don't need those devices to
59:31:120Alessandro Brighente: to talk with the one another. But we need to create dedicated routes. Right? So a certain zone need to communicate with devices in that zone and maybe have a connection with the with other zones.
59:44:882Alessandro Brighente: So it means that we can minimize somehow, we can run this optimization problem to minimize the the number of the switches that we need to pass through or the the routing hubs that we need to pass through in order to get to bring data from sensors to
00:01:170Alessandro Brighente: one of these devices. Right? So this is an example on how you might implement them
00:11:151Alessandro Brighente: net network system. Right? So here you have the HMI client that needs to report the data to the controller. Right? So that's the path you might need to go through. Right? You need to have some
00:27:94Alessandro Brighente: some of these devices to provide you addresses, or to route you through the to the correct platform.
00:35:570Alessandro Brighente: Good. So if everything needs to pass through the router, it's a mess. Right? So the first thing the HMI client needs to go to the router to get the information on where the HMI server is. HMI server replies that provides information back and forth many, many times, right? And this is that they not latency optimized
00:56:830Alessandro Brighente: alright. So this is not something you want, especially in industrial networks. If that HMI client is providing information on the control that it needs to stop, it needs to stop. We cannot wait for these routing of packets to happen
01:15:790Alessandro Brighente: right? So here you have the
01:19:490Alessandro Brighente: how, the the description of the the previous previous figure, right? So, for instance, I see that the IP based routing might not be the best choice I would want to use switches as much as possible.
01:36:693Alessandro Brighente: Unless we are traversing a functional boundary. What does it mean? If we move from a zone to another.
01:43:910Alessandro Brighente: then we might want to use routers. But if we need to communicate with device in a certain zone we might use switches, because they're definitely faster.
01:51:650Alessandro Brighente: Okay, so yeah, I'm I'm good. I'm going kind of passing these this part, because I think you already know about the networking and telling you things that
02:01:520Alessandro Brighente: should more or less be clear. If that's not the case, please tell me
02:06:670Alessandro Brighente: there seems some cases that are kind of confused.
02:13:940Alessandro Brighente: Is it clear what they mean when I talk about the IP based routing kind of
02:33:650Alessandro Brighente: no, not going to
02:36:820Alessandro Brighente: cover the whole network part. What you care about in this sense, if you are not already.
02:45:600Alessandro Brighente: knowledge of both about networks, is that if if you need routers routers they need to gather information on where they should redirect your traffic to
02:57:330Alessandro Brighente: right, and then you can do that. You can have to connect many different sub parts of the networks. But what you have is an alternative. If you use switches, you have a faster way of directing the traffic. And that's why we care about switches in here. Right? So if we use switches and industrial networks, we should do that
03:18:300Alessandro Brighente: should do that because basically allows us to optimize that performance. The whole point is about having communications retire fast enough.
03:32:40Alessandro Brighente: Good. So this is something that happens at a higher level. Right? So if you're talking about devices that have operating systems that are kind of complex computing devices. And they may want to implement all of these protocols. But then, if we go down and down with the levels of the SCADA system, right? So as we move towards the sensors and actuators
03:56:800Alessandro Brighente: and the field level controllers. Then we might not want to have a protocols that are overly complicated. Right? I mean, we need something very simple. We have devices with a specific address that is not going to change. And we want to to send data to one another.
04:15:390Alessandro Brighente: Right? So, for instance, here is one example of the protocols that you might have in here. Now you're talking about Fieldbus. Fieldbus is a bus based communication protocol.
04:25:750Alessandro Brighente: and it allows communication between the field level devices. Right? So you have these
04:32:530Alessandro Brighente: sensors and actuators, and they need to report them
04:37:920Alessandro Brighente: the information back to to the controller, right? And they don't need to report that much data. They just need to report information about the is the switch open and close. what is the temperature value? What is the pressure value? Right? So
04:53:90Alessandro Brighente: very, very simple data. So we have a protocol that works over Ethernet, right? And doesn't need that many layer on top of that, right? We don't need the whole 7 layer TCP/IP stack, but we just need something simpler
05:09:620Alessandro Brighente: again. 1st of all, because devices are simple. They don't have much capabilities in terms of computation. And we don't need complexity here, right? We just need to report the values back to whatever wherever they they're needed. Right? So we have these dedicated
05:27:269Alessandro Brighente: Protocols. As you can imagine, these protocols have not been designed for security. Right? They don't have security in mind. So if we are talking about Fieldbus, or if you're talking about Modbus, or if you're talking about many of the protocols that we've seen, mostly they don't have.
05:45:840Alessandro Brighente: I know, for instance, authentication.
05:47:870Alessandro Brighente: They might have some CRCs, something similar to what we've seen for the CAN bus to provide integrity protection, but confined to specific field. Right?
06:01:720Alessandro Brighente: So we see all the problems that we have with them. And then wireless networks. Here's the the example, right? As I mentioned before, we might have something like devices that deployed on the field. And also in this case we don't need the report that much data, right? They need to be efficient and just report
06:22:659Alessandro Brighente: whatever it's needed to to the controller to understand what is happening. So also in this sense, we have, dedicated protocols. And
06:33:730Alessandro Brighente: yeah, communication protocols. For instance, you have the WirelessHART in here. Which is one of the protocols, or you might have some LoRa-based or Sigfox-based protocols. Right? That are IoT protocols that we'll see when we're talking about IoT but those in this sense. The point is you need to convey just a small amount of information to provide control
06:57:510Alessandro Brighente: capabilities to your industrial control system.
07:03:350Alessandro Brighente: right? And segmentation, because it's this thing that we've seen before, right? So how to
07:10:631Alessandro Brighente: to create zones. Basically, right? So it's just some information you might have seen before. You might want to segment your network to these different zones, because you need the communications in here. You just need a small amount of exchanges between here and here, and so on. Support. Right? So these might be organized according to the SCADA architecture, and that helps you in designing
07:35:910Alessandro Brighente: which zones might be or not trusted. And of course you can do that.
07:41:210Alessandro Brighente: And the physical level, or a logical level, physical level means you have a group of devices inside the room. Great! That's 1 of the zones, for instance, at the logical level is that it's something that you do on a protocol level? Right? So I decide that all the devices with a certain address range.
07:59:630Alessandro Brighente: 4, th
08:01:620Alessandro Brighente: an address within a certain range belong to a certain zone. Right? So. And that creates one of your box and helps you defining. Okay, these kind of devices belong to this zone. Not necessarily need to be in the same physical place. Right? So
08:17:200Alessandro Brighente: you can divide them in this way.
08:21:760Alessandro Brighente: Regarding physical separation, one of the important concept is that of the air gap. Right? So when we're talking about air-gapped systems, it means that we have no actual connection with the devices behind the door, right? So it's something like, I have a server behind the door, behind the door which is not connected to the Internet or any other network, right? And if I want to put some data, update some data from the server. I need to have my devices connected
08:48:819Alessandro Brighente: physically connected to the server. Right? So when we have this kind of situations, we talk about air-gapped systems.
08:55:340Alessandro Brighente: And of course, you have a
08:59:479Alessandro Brighente: many fancy ways of getting data out of air-gapped systems. Sometimes looking like.
09:10:590Alessandro Brighente: does this work when they say, Okay, we use millimeter wave radars and based on how fast the fans are spinning inside the PC. I know the operation that the PC is doing, and therefore I can extract expeditary data out of this air-gapped system.
09:30:359Alessandro Brighente: It seems to be working nice? Right? But yeah, this is really important. When you have a
09:39:301Alessandro Brighente: information that you want to protect, you put them in an air-gapped system. And it means that it has no connection
09:45:80Alessandro Brighente: with any other networks.
09:48:950Alessandro Brighente: Okay, so again, here's an example to how you might create these zones.
09:54:810Alessandro Brighente: Yeah, this was just to give you some basic introduction on industrial control system. In the next lecture we'll see. What are they? The actual security problems involved
10:05:580Alessandro Brighente: of this thing is, if I didn't tell you the whole story behind that
10:12:520Alessandro Brighente: difficult. Okay, thank you very much. Enjoy your weekend.
10:22:370Alessandro Brighente: Okay.