Facility Security Flashcards
What is a CAN in Facility Security?
Controller Area Network. Digital Serial Communications network within vehicles
What is the primary interface for a CAN in a vehicle
OBD-II (on-board diagnostics)
What are the security concerns with CANs
There is no concept of source addressing or message authentication in a CAN bus
How can CAN busses be exploited
Attach an exploit to the OBD-II bus
Exploit onboard cellular connection
Exploit over wifi
What is IoT
A group of objects, electronic or not, that are connected to the wider internet using embedded electronic components
What is the typical OS for most smart devices
An embedded version of Linux or Android
What should occur when vulnerabilities for smart devices are identified?
Efforts must be taken to patch vulnerabilities
What is an embedded system
Computer system designed to perform a specific or dedicated function.
What are some of the security concerns with embedded systems
They are considered static environments where frequent changes are not made or allowed.
They often have very little support for finding and correcting security vulnerabilities.
What is a PLC
Programmable Logic Controllers are a type of computer that are designed for industrial or outdoor settings
They can automate and monitor mechanical systems.
Can PLC Firmware be patched or reprogrammed?
Yes, the firmware can be patched and reprogrammed
What is a SoC
System on a chip is a processor that integrates the platform functionality of multiple logical controllers onto a single chip.
Combines PLCs into a single chip
Are SoCs power efficient?
Yes, when used with an embedded system, SoCs are power efficient
What is an RTOS
A Real Time Operating System is an OS that prioritizes deterministic executions of operations to ensure consistent response for time critical tasks.
What are some operational concerns with Embedded Systems
They typically cannot tolerate reboots or crashes
and must have response times that are predictable within microseconds.
What is an FPGA
A Field Programmable Gate Array is a processor that can be programmed to perform a specific function by a customer rather than being programmed at the time of manufacture.
Can SoCs be reprogrammed?
No, once they are programmed, they cannot be overwritten.
What is a benefit of a FPGA
They allow customers to configure the programming logic to run a specific application instead of using ASICs (Application Specific Integrated Circuits)
What is OT
Operational Technology communication network designed to implement an ICS (Industrial Control System) rather than a data networking system
Describe an ICS
Industrial Control Systems prioritize Availability and Integrity over security over confidentiality.
It is a network that manages embedded devices
Makes use of Field Bus for its communication protocol.
Powers things such as Water supplies, manufacturing
What is FieldBus
Digital Serial Data communications used in OT networks to link PLCs
What is an HMI
Human Machine Interfaces are I/O panels that allow users to configure and monitor the system
Describe how an ICS system works
ICS manages the process automation by linking together PLCs using a fieldbus to make changes in the physical world.
What is a Data Historian
Software that aggregates and catalogues data from multiple sources within an ICS
What is SCADA
Supervisory Control and Data Acquisition
Type of ICS that manages large scale, multiple site devices and equipment over a large area.
How does SCADA fit into an organization
Typically run as software on an ordinary computer.
It gathers data from and manages plant devices and equipment with embedded PLCs that are connected over a WAN
What is ModBus
Communications protocol used in OT networks.
OT does not use TCP/IP Stack, it uses ModBus.
What does ModBus do
It gives control servers and SCADA hosts the ability to query and change the configuration of PLCs
What are the four steps to mitigating vulnerabilities for specialized systems as outlined by the NIST
- Establish administrative control over OT networks by recruiting staff with relevant experience
- Implement the minimum network links by disabling unnecessary links, services, and protocols.
- Develop and test a patch management program for OT networks.
- Perform regular audits of logical and physical access to systems to detect possible vulnerabilities and intrusions.
What is an important warning for OT security audits
Enumeration tools and active vulnerability scans can cause issues with OT networks.
What is a Premise System
Systems used for building automation and physical access systems
Many physical system designs allow for monitoring from corporate data networks over LAN
What is a BAS
Building Automation Systems are components and protocols that facilitate the centralized configuration and monitoring of systems in an office.
What are some vulnerabilities of BAS
Process and memory vulnerabilities in PLCs
Plaintext credentials or keys in application code.
Code injections against web-user interface
What are some DOS concerns within a BAS
DOS conditions could be caused by an attack on a BAS that affects items such as HVAC.
If HVAC is interrupted and a server room gets too hot, the servers may shut down to prevent damage to the hardware.
What is a PACS system
Physical Access Control Systems are components and protocols that facilitate the centralized configuration and monitoring of security mechanisms within offices and data centers
Can PACS be implemented both as part of a BAS or be an independent system?
Yes, they can be both.
One concern is that if implemented by a vendor, they can fall outside of Threat Hunting as they are managed by a vendor
What are the types of cameras used in physical security monitoring
PTZ (Pan Tilt Zoom)
CCTV (Closed Circuit TV)
Types of door locks used in physical security
Keys, PINS, Wireless Signals (NFC, RFID), or Biometrics
Describe biometric readers
PACs that rely on the physical characteristics of a person to identify them.
Biometrics are considered a “Something you are” authentication method.
What is the FAR for biometric readers?
False Acceptance Rate
Rate that a system authenticates a user as authorized or validated when they should not have been granted access to the system
What is the FRR for biometric readers?
False Rejection Rate is the rate at which a user is rejected when they should have been validated.
What is the CER for biometric readers?
Crossover Error Rate is where the false acceptance rate and false rejection rate are equal.
CER measures the effectiveness of a biometric system.
What are type A hand held extinguishers used for
Ordinary solid combustibles - Wood, Paper, Fabrics, Rubber.
They are Water based
Green Triangles with an A
What are type B hand held extinguishers used for
Flammable Liquids and gasses:
Gasoline, Oils, Paint, Lacquer
They are a dry chemical or CO2 based
Red squares with a B
What are type C hand held extinguishers used for
Fire involving live electrical equipment
1- shut down power
CO2 based extinguisher
Blue circle with a C
What are type D hand held extinguishers used for
Combustible metals or metal alloys:
Lithium Fires from batteries
Golden Star with a D
What are type K hand held extinguishers used for
Fire in cooking appliances that involve combustible cooking media:
Vegetable or animal oils or fats.
What are the two types of sprinklers
Wet pipe - Pipes filled with water ready for the tips to be melted off
Dry pipe - Pipes filled with air through which water is pushed when needed
Pre action - Will activate when heat or a fire is detected
What is special hazard protection
Clean Agent System that uses inert gas to fight fires where there is live electrical equipment. Can use HALON gas, FM-200, or CO2
What should the level of humidity for HVAC be allowed
40% humidity
Too high, the moisture may cause corrosion on the hardware
Too low, electrostatic discharge may damage hardware
HVAC may be managed via ICS or SCADA
What is the Tempest designation
US Gov standard for the level of shielding required in a building to ensure that emissions and interference cannot enter or exit the facilities.
Also EMP resistant.