Symantec Expands SCADA Protection for Electric Utilities; Web Seminar Offers Advice on ICCP Signatures and Other Security Measures Required to Become NERC CIP Compliant.
CUPERTINO, Calif. -- Symantec Corp. (Nasdaq:SYMC SYMC Symantec Corporation (stock symbol) ) today announced expanded security protection aimed at helping electric utility companies proactively detect and prevent malicious attacks against the infrastructure of computers and applications -- known as Supervisory Control and Data Acquisition (application) Supervisory Control and Data Acquisition - (SCADA) Systems are used in industry to monitor and control plant status and provide logging facilities. SCADA systems are highly configurable, and usually interface to the plant via PLCs. (SCADA (Supervisory Control And Data Acquisition) A process control application that collects data from sensors and machines on the shop floor or in remote locations and sends them to a central computer for management and control. ) networks utilizing the Inter-control Center Communications Protocol Hardware and software standards that govern data transmission between computers. The term "protocol" is very generic and is used for hundreds of different communications methods. A protocol may define the packet structure of the data transmitted or the control commands that manage the (ICCP (Institute for Certification of Computing Professionals, Des Plaines, IL, www.iccp.org). An organization founded in 1973 that offers industry certification and worldwide test centers. ) protocol -- used to run key U.S. utilities. This specialized SCADA security includes protection against known and zero-day attacks, enabling utility companies to more effectively meet the new security requirements of North American North American
named after North America.
North American blastomycosis
see North American blastomycosis.
North American cattle tick
see boophilusannulatus. Electric Reliability Council (NERC NERC Natural Environment Research Council (UK)
NERC North American Electric Reliability Corporation (Princeton, New Jersey, USA)
NERC Northeast Recycling Council
NERC National Environment Research Council ) Critical Infrastructure Protection Department of Defense (DOD) program to identify and protect assets critical to the Defense Transportation System. Loss of a critical asset would result in failure to support the mission of a combatant commander. (CIP (1) (Common Isochronous Packet) The packet format used in time-based (real time) FireWire transmission. See FireWire, IEC 61883 and mLAN.
(2) (Common Industrial P ).
ICCP is the primary protocol used to communicate real-time data Real-time data denotes information that is delivered immediately after collection. There is no delay in the timeliness of the information provided.
Some uses of this term confuse it with the term dynamic data. , schedule, and control command exchanges between the energy control centers that operate these SCADA networks and remote terminal units (RTUs) and substations. While it has been developed with built-in security, in today's interconnected environment additional security measures Noun 1. security measures - measures taken as a precaution against theft or espionage or sabotage etc.; "military security has been stepped up since the recent uprising"
security are critical for enabling uninterrupted operations for transmission, generation and independent service operators.
ICCP security signatures are available immediately for Symantec Network Security 7100 Series appliances offering real time intrusion prevention (IPS) and detection to proactively protect critical enterprise assets, and are supported by Symantec Managed Security Services. These signatures were developed to address not just known attacks, but also key vulnerability areas for optimal protection against new and unknown exploits. Symantec Research Labs, the company's industry-leading research organization, crafted the signatures using new techniques developed specifically for ICCP.
"Given that SCADA networks are the underlying infrastructure for worldwide power grids, it is vital that the integrity of these systems remain intact," said Gary Sevounts, director of Symantec power and energy industry strategies and solutions. "Beyond our extensive internal testing of these vulnerability signatures, we have also successfully run these signatures for over three months with no false positive triggers, further validating our development efforts. As a result electric utility companies can rely on our ICCP signature protection as part of their effort to meet pending NERC CIP compliance requirements, to mitigate the risk of potential service disruptions, process redirection, or manipulation of operational data that could result in public safety concerns."
The Symantec ICCP signatures were rigorously lab tested by the leading ICCP provider SISCO SISCO Self Insured Services Company (Dubuque, IA)
SISCO Saudi Industrial Services Company
SISCO System Integration Specialists Company
SISCO Somuah Information Systems Co. for three months, using live ICCP traffic, and produced no false positives. This testing also included a known attack procedure, which had previously resulted in crashed systems, and the Symantec signatures correctly triggered against this known attack. In addition, leading EMS vendor AREVA T&D tested live ICCP traffic for two weeks and also detected no false positives. These tests indicate the Symantec solution accurately detects and prevents attacks, without producing false positives that could result in unnecessary control system downtime.
"Securing the SCADA infrastructure is of critical importance to the energy industry," said Ralph Mackiewicz, vice president, sales and marketing for SISCO, Inc. "The work of Symantec to develop ICCP signatures for intrusion detection and protection is an important step in improving the security environment for SCADA communications and is very complimentary to SISCO's own efforts in securing ICCP communications. SISCO wholeheartedly whole·heart·ed
Marked by unconditional commitment, unstinting devotion, or unreserved enthusiasm: wholehearted approval.
whole supports the Symantec approach based on real implementations of SCADA systems and protocols that are in actual use today and was very pleased to have been able to work with industry leaders like Symantec and AREVA on this project."
Laurent Demortier, executive vice president of AREVA T&D, in charge of the automation business unit adds, "This collaboration helps ensure that customers using AREVA/Symantec security solutions get the maximum benefit from their security investment, with technology, integration, and services tailored to the unique needs of the critical infrastructure environment of electrical utilities."
NERC CIP Readiness Web Seminar
In an upcoming Web seminar, Symantec will conduct a readiness workshop designed to help electric generation and transmission companies, and independent system operators find a balance between optimal NERC CIP compliance, and profitable, cost effective operations. The Web seminar, titled "NERC CIP Readiness Workshop for Electric Utility Companies" will be held on Thursday, Sept. 15th, at 1:00 p.m. EDT/10:00 a.m. PDT PDT
Pacific Daylight Time
PDT Pacific Daylight Time
PDT n abbr (US) (= Pacific Daylight Time) → hora de verano del Pacífico
PDT . Attendees can register at http://ses.symantec.com/EC_EMAIL See e-mail. .
Ideal for IT operations, engineering professionals and management responsible for compliance, the seminar will address the following:
--Pertinent details of NERC CIP
--Tools to evaluate and assess the current level of NERC CIP compliance readiness
--Tactics that can help companies cost-effectively comply with NERC CIP
--Secure Inter-Control Center Communications Protocol (ICCP) connectivity as part of complying with NERC CIP
"Our most recent research indicates that security continues to be one of the top IT concerns in the energy industry," stated Rick Nicholson, vice president of research for Energy Insights, an IDC company. "With the recent passage of the Energy Policy Act of 2005, which includes provisions regarding electric transmission reliability, we expect spending on cyber security by US electric utilities to accelerate during the next 2-3 years, especially as it relates to SCADA and other real-time systems. Within that context, the ICCP protocol is one of most critical areas that must be addressed in terms of cyber security."
About Symantec ICCP Signature Support
Symantec offers ICCP signature capability as part of the Symantec Network Security appliance series, offering proactive network intrusion prevention, and Symantec Managed Security Services, providing real-time threat analysis to meet compliance requirements with minimal business impact. These signatures provide proactive protection on X.500, CMIP (Common Management Information Protocol) Pronounced "c-mip." A network monitoring and control standard from ISO. CMOT (CMIP over TCP) is a version that runs on TCP/IP networks, and CMOL (CMIP over LLC) runs on IEEE 802 LANs (Ethernet, Token Ring, etc.). , CMIS (Common Management Information Services) Pronounced "c-miss." An OSI standard that defines the functions for network monitoring and control.
CMIS - Common Management Information Services , FTAM (File Transfer Access and Management) A communications protocol for the transfer of files between systems of different vendors.
FTAM - File Transfer, Access, and Management: an application layer protocol for file transfer and remote manipulation and Microsoft Exchange Server Microsoft Exchange Server is a messaging and collaborative software product developed by Microsoft. It is part of the Microsoft Servers line of server products and is widely used by enterprises using Microsoft infrastructure solutions. protocols.
SISCO (Systems Integration Specialists Company, Inc.) is a privately held developer of standards-based real-time communications and integration software for energy utilities headquartered in Sterling Heights, Michigan Sterling Heights is a city in Macomb County of the U.S. state of Michigan. As of the 2000 census, the city had a total population of 124,471, making it the fourth largest in Michigan. Geography
According to the United States Census Bureau, the city has a total area of 95. . SISCO is the world leader in the Inter-control Center Communications Protocol (ICCP) with installations on 6 continents serving electric utilities, independent systems operators, gas pipeline operators, power generators, and original equipment manufacturers supplying these customers.
With manufacturing facilities in over 40 countries and a sales network in over 100, AREVA offers customers technological solutions for nuclear power generation and electricity transmission and distribution. The group also provides interconnect systems to the telecommunications, computer and automotive markets. These businesses engage AREVA's 70,000 employees in the 21st century's greatest challenges: making energy and communication resources available to all, protecting the planet, and acting responsibly towards future generations.
AREVA's T&D division is an active player around the globe. It designs, manufactures and supplies a complete range of equipment, systems and services for all stages in the transfer of electricity, from the generator to the large end-user. For more information, go to www.areva-td.com.
Symantec is the world leader in providing solutions to help individuals and enterprises assure the security, availability, and integrity of their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at www.symantec.com.
NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please view the Symantec Press Center at http://www.symantec.com/PressCenter/ on Symantec's Web site. All prices noted are in US dollars and are valid only in the United States.
Symantec, the Symantec logo, VERITAS, and the VERITAS logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and certain other countries. Additional company and product names may be trademarks or registered trademarks of the individual companies and are respectfully acknowledged.