SCADA Security - Why Is It So Hard - Amol Sarwate - Hack in Paris

Explore SCADA security challenges and solutions in this 53-minute Hack in Paris conference talk. Dive into the intricacies of SCADA systems, including RTUs, PLCs, HMIs, and data historians. Examine security implications for various components and protocols like MODBUS and DNP3. Learn about potential attacks, mitigation strategies, and real-world security control implementations. Discover an updated open-source SCADA scanning tool and gain insights on implementing effective security measures for critical infrastructure and control systems. Understand why SCADA security requires more than just technical solutions and tools.

Introduction
Agenda
Background
SCADA Systems
Accidents
Insider Threats
Advanced Persistent Threats
SCADA Framework
Sensors
Data Conversion
Data Communication
Threats
Field Equipment
Communication
Modbus
Models
Function Codes
Script
Wireshark
Firefox
Confidentiality
Modbus DNP3
Confidentiality Integrity Availability
No Authentication
No patching
Best Practices
SCADA Scan Tool