2016 - VEC Salon

Masashi Murakami

VEC Secretary General / ICS Research Institute Co., Ltd. (株式会社ICS研究所), Masashi Murakami

Secretary General, VEC (Virtual Engineering Community)

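  • From 1979 to 1990, as a systems engineer at Bailey Japan (日本ベーレー), worked on system design of monitoring and control equipment for electric utilities' thermal power plants, and on product development of high-speed fault diagnosis equipment and Direct Digital Controllers.
    *Thermal power stations involved: Hokkaido Electric Power (Tomato-Atsuma, Date), Tohoku Electric Power (Shin-Sendai, Sendai, Higashi-Niigata), Tokyo Electric Power (Hirono, Anegasaki, Goi, Sodegaura, Higashi-Ogishima), Hokuriku Electric Power (Toyama Shinko), Chubu Electric Power (Atsumi, Nishi-Nagoya, Chita, Chita Daini), Kansai Electric Power (Amagasaki, Gobo, Kainan, Takasago), Chugoku Electric Power (Shin-Onoda, Shimonoseki, Iwakuni), Shikoku Electric Power (Anan), Kyushu Electric Power (Minato, Shin-Kokura, Sendai), J-POWER (Isogo, Matsushima, Takasago), Nihonkai LNG, and others
  • In 1990, moved to a maker of image-processing VME boards and worked on system technology consulting for inspection equipment of the Ministry of Finance Printing Bureau, large printing machines, and similar systems.
  • In 1995, moved to Digital (デジタル) and served as the person in charge of business strategy planning and promotion for SCADA products and as SE department manager. (Part of the Schneider Electric group since 2004.) In 1999, launched Corporate Coordination/VEC (Virtual Engineering Company & Virtual End-User Community) and, as Secretary General, has organized member seminars centered on manufacturing-floor issues such as "visualization", "safety measures", "technology transfer" and "control system security measures". Proposed collaboration business between sponsoring members and regular members, and carried out activities to promote and raise awareness of solutions.
  • In 2011, proposed the "Control System Security Study Task Force" hosted by the Commerce and Information Policy Bureau of the Ministry of Economy, Trade and Industry (METI), and served as a member of that committee and as chair of its awareness-raising working group.
  • In 2015, exchanged with the Cabinet Secretariat's National center of Incident readiness and Strategy for Cybersecurity (NISC), the Tokyo Organising Committee of the Olympic and Paralympic Games, and others.
  • In 2015, founded ICS Research Institute Co., Ltd. Continued his term as VEC Secretary General. Developed the world's first e-learning video course content on control system security measures.
  • Related organizations and institutions in which he is currently active
    ・Control system security technical assessor, Japan Accreditation Board (JAB), a public interest incorporated foundation
    ・Lecturer, Industrial Cyber Security Center of the Ministry of Economy, Trade and Industry
    ・Advisor, Japan OPC Council (日本OPC協議会)
    ・Member, Joint Committee of Control System Security Related Organizations
    ・Planning committee member, "Instrumentation and Control Technology Conference" hosted by the Japan Management Association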

2016

VEC Solution Presentation
Industry 4.1 J Architecture Concept for More Security and Flexibility to the Factory

I am going to talk about our ICS study project called “Industry 4.1J”.
The agenda is as follows.

  • What we are aiming for
  • Architecture of “Industry 4.1J”
  • Study from Study
  • Conclusion

What we are aiming for

If we use the Cloud for an IoT system, we face cyber security risk and have to use a DMZ (DeMilitarized Zone) for each Plant.
NIST (National Institute of Standards and Technology) published “Guide to Industrial Control Systems (ICS) Security” in February 2015.
It uses a DMZ for each Plant, and a DMZ is high cost.
“A Private Cloud can be a replacement for the DMZ.”
The scope was clear: just to validate a “Safe, Reliable and Flexible Plant/Factory” by using a “Private Cloud”.
We established a project named “Industry 4.1J”.

Architecture of “Industry 4.1J”

I can’t explain all the details of Industry 4.1J.
It’s a long story.
20 minutes is too short to tell it.
But I would like to talk about the key parts of Industry 4.1J.


Industry 4.1J brings “Security” and “Flexibility” to the Plant/Factory.

Security means Cyber Security.

I will explain it later.
But one important thing is that this is a logically closed network.
You know, a private cloud has no direct internet connection.
So each Plant/Factory can share the operational management system by using the Cloud with less security risk.

Another key part is “Flexibility”.

It gives the Plant/Factory high resiliency.
What I mean by “high resiliency” is that the Plant/Factory operational system recovers quickly after it stops.
It’s a BCP (Business Continuity Plan) issue.
Plant/Factory people always want to keep downtime as short as possible.
Because of money.
Also to protect the brand and to keep a good reputation.

Industry 4.1J is aiming to bring both capabilities into the Plant/Factory.

And we did a study project.
So, what are the items to be verified?
Protecting the Plant/Factory against cyber attack is one big challenge.
Also, some parts of the SCADA systems must be running in the Cloud data center.
Data transmission must be stable.
Transmission speed must be high enough.
And there must be no data loss.
It must take less effort to implement.
It must cost less to implement.
Like an add-on layer on top of the Plant/Factory system.
So it should be an adoptable and realistic approach for the Plant/Factory.
Industry 4.0, the original concept, is too complicated.
And it costs too much to make a big change to the existing Plant/Factory system.

A big company can make a big change, but many factories want a lower-risk, lower-cost plan like Industry 4.1J.

This picture shows our basic concept.
The red square line highlights the project scope.
The Cloud service is Arcstar Universal One, an NTT Communications service.
It’s available in over 190 countries.

Study from Study

OK, we had a long list of TESTS.
But I will just tell you about 2 major parts.
Data transmission.
And Security.
All of our tests were completed successfully.
Let’s look into these 2 tests.
This is a network chart of how we actually ran the TESTS.
All software and hardware components are installed in the NTT Communications Data Center in Tokyo.
And it has a demo Plant/Factory and a remote site.


How much transmission speed is required?
It really depends on the system.
There is no standard speed.
But we tested data transmission speed from the demo Plant/Factory to the private Cloud.

The result is 10K events per second.
It is good enough for an average Plant/Factory system.

There was also another test, with a database.
Replication speed is above average.
It’s good enough.

It marked 48K events per second.
And it’s stable.
Speed and stability are very, very important for a Plant/Factory.

TEST 3: Monitoring and detecting mal-activity

  • Mal-activities are expected to happen and to be detected in both the Plant/Factory network and the Private Cloud, but the attacker’s approach should be restricted by this closed network architecture.
  • As many industry people are aware from the “Stuxnet” approach, infection comes by USB and other indirect routes, such as a third-party vendor who maintains the ICS in the Plant/Factory, updating and checking device health with a PC or other devices brought into the Plant/Factory.
  • We constructed a two-tier protection mechanism integrating SIEM, Security Switch, cyber security applications and HMI from different vendors.

The main part of Industry 4.1J’s capability is “Security”.
I mentioned it earlier.
And the important aspect is “just monitoring and detecting security events”.
Running anti-virus and stopping ICS applications is the worst scenario.
Events must be monitored and detected only.
Sometimes, removing a malicious application stops an ICS application.
That is an unwanted situation.
You must think about it.
But we must detect mal-events in both segments, Plant/Factory and Cloud.
This is a closed network.
There is no internet connection.
However, a human is able to bring malware into the Plant/Factory without an internet connection.
Stuxnet did it without a direct internet connection from the Plant/Factory.
So we must deal with it to protect the business.

So monitoring and detecting mal-activity is implemented in two different segments.
The Private Cloud.
And the Plant/Factory network.
This is a flow diagram of detecting and blocking mal-activity in the Plant/Factory network.
The SIEM (Security Information and Event Management) detects an intrusion from the Plant/Factory network and identifies the device by IP address.
Then the SIEM sends a request to the Security Switch to block the infected device.
It’s a quarantine.

The SIEM can also receive other mal-events from endpoints.

This is extra integration work.
You can see mal-events on the HMI like this.
The SIEM sends a request to the HMI when a security breach is detected.

The operator usually deals with the HMI, not the SIEM.
This kind of integration makes it easy for the Plant/Factory operator to recognize that a security breach is happening.
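
The detect, quarantine and notify flow described above can be sketched as follows. This is an added example, not code from the study or from any vendor product. The asset inventory, event names, scores, threshold and the rule that process-critical devices get an HMI alarm only (so the response itself never stops an ICS application) are assumptions, and all addresses and events are constructed.

```python
from collections import Counter

# Constructed inventory (IP -> role); addresses and roles are assumptions.
ASSETS = {"192.0.2.10": "plc", "192.0.2.20": "hmi", "192.0.2.77": "vendor_laptop"}
PROCESS_CRITICAL = {"plc", "hmi", "scada_server"}
# Assumed event kinds and weights; a real SIEM rule set would differ.
SEVERITY = {"usb_malware": 3, "unexpected_write": 3, "port_scan": 2, "auth_failure": 1}
THRESHOLD = 3  # assumed score at which a device counts as a security breach


def triage(events):
    """Correlate events by source IP; return (switch_requests, hmi_alarms)."""
    score = Counter()
    for ev in events:
        score[ev["src"]] += SEVERITY.get(ev["kind"], 0)

    switch_requests, hmi_alarms = [], []
    for ip, total in sorted(score.items()):
        if total < THRESHOLD:
            continue  # below threshold: keep monitoring, no action
        role = ASSETS.get(ip, "unknown")
        if role in PROCESS_CRITICAL:
            # Detect only: blocking this port would stop the process,
            # so the operator is told and decides (assumed policy).
            hmi_alarms.append({"ip": ip, "role": role, "action": "alert_only"})
        else:
            # Transient or unknown device: ask the Security Switch to
            # quarantine it, and show the result on the HMI.
            switch_requests.append({"ip": ip, "action": "quarantine"})
            hmi_alarms.append({"ip": ip, "role": role, "action": "quarantined"})
    return switch_requests, hmi_alarms


# Constructed sample events, not data from the study.
SAMPLE_EVENTS = [
    {"src": "192.0.2.77", "kind": "usb_malware"},
    {"src": "192.0.2.77", "kind": "port_scan"},
    {"src": "192.0.2.10", "kind": "unexpected_write"},
    {"src": "192.0.2.20", "kind": "auth_failure"},
    {"src": "192.0.2.99", "kind": "port_scan"},
    {"src": "192.0.2.99", "kind": "auth_failure"},
]

if __name__ == "__main__":
    requests, alarms = triage(SAMPLE_EVENTS)
    print("to Security Switch:", requests)
    print("to HMI:", alarms)
```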

Conclusion

  • The “Industry 4.1J” concept can extend an existing ICS system, and the monitoring mechanisms with mixed-vendor protection products are working well.
  • We will run this on top of a real Plant/Factory to evaluate performance and the risks/costs of migration.
  • If you have any questions, please contact
    masashi.murakami@ics-lab.com

So, we successfully validated the Industry 4.1J concept with multi-vendor support.
Many ICS applications and security tools are working together.
Performance is good enough.
The security tool chain is working well.
The next step of this project is now under discussion.

Thank you!