Secure Operations Ensuring Cybersecurity to enable Industrial IoT

Unrestricted | © Siemens Mobility GmbH | siemens.com/dcu

Leading global companies joined forces to encourage security in a networked world.

1. Protecting the data of individuals and companies
2. Preventing damage from people, companies and infrastructures
3. Establishing a reliable foundation on which confidence in a networked, digital world can take root and grow

Evolving Landscape

Timeline (eras: Information Processing, Automation, Digital Connectivity and Intelligence):

- 1950s – 1960s: Military, governments and other organizations implement computer systems
- 1970s: Home computer is introduced
- 1980s: Computers make their way into schools, homes, business and industry
- 1990s: Digital enhancement of electrification and automation
- 1991: The World Wide Web becomes publicly accessible
- 1999: The globe is connected by the internet
- 2000s: Mobile flexibility
- 2010s: Cloud computing enters the mainstream
- 2015: Industry 4.0, Internet of Things & Big Data
- 2020s: Smart and autonomous systems, Artificial Intelligence

Incidents marked on the timeline: Morris Worm, AT&T Hack, Blue Boxing, AOHell, Melissa Worm, ILOVEYOU, Level Seven Crew hack, Cryptovirology, Denial-of-service attacks, sl1nk SCADA hacks, Industroyer/Crashoverride, WannaCry, NotPetya, Cloudbleed, Infineon/TPM, Meltdown/Spectre

Cybersecurity solutions focused on (OT) Security

| | IT Security | OT Security |
|---|---|---|
| Primary goal | Confidentiality | Availability |
| Asset lifecycle | 3-5 years | 20-40 years |
| Software lifecycle | Forced migration (e.g. PCs, smart phone) | Usage as long as spare parts available |
| Options to add security SW | High (> 10 “agents” on office PCs) | Low (old systems w/o “free” performance) |
| Heterogeneity | Low (~2 generations, Windows 7 and 10) | High (from Windows 95 up to 10) |
| Main protection concept | Standards based (agents & forced patching) | Case and risk based |

Risk vs Budget

Your Risk vs. Your Budget

Ever growing risk landscape: wait or use your creativity?

(Chart: risk and budget plotted over Yesterday / Today / Tomorrow, with the point “After a major incident” marked.)

…costly impacts on operations

- $1-2M / day: Economic impact of ransom buying energy to replace energy production capabilities (1)
- $38-88M: Average annual spend on unplanned downtime (2)
- 225,000: Customers without power due to Black Energy attack, 2015 (3)
- $300M: Cost of NotPetya ICS attack to single industrial company in 2017 (4)

Sources: 1) Richmond Times, 2) GE Oil and Gas, 3) E-ISAC, 4) CNBC

Structure by IEC 62443

IEC 62443 - Roles and Scope

Cybersecurity Concepts for Mobility

Defense in Depth - IEC 62443

- Products with built-in cybersecurity features: …”for future deployments, with products with built-in cybersecurity features”
- Perimeter protection & IDS: …”installed base (legacy) and automation products without built-in cybersecurity”
- Cybersecurity goal

IEC 62443 Security Levels

| Level | Protection against | Attacker type |
|---|---|---|
| SL 1 | unintentional or accidental attacks | – |
| SL 2 | deliberate attacks with simple means | Script Kiddie |
| SL 3 | intentional attacks with advanced means | Criminal organization |
| SL 4 | intentional attacks with advanced resources | Nations / Agencies |

Cybersecurity Pillars

IDS | JRS / SPX | DCU

CONFIDENTIAL

DCU – Data Capture Unit (Data Diode)

© Siemens Mobility GmbH 2020

Enabling connectivity while keeping networks physically isolated? …Data Diode technology

(Diagram: Critical network → Open network. The PHY Tx on the critical side couples to the PHY Rx on the open side by electromagnetic induction; there is no return path.)

▪ Guarantees protection and network isolation via hardware design that lacks the vulnerability of firewalls
▪ Reliable - MTBF +16yrs
▪ Galvanic isolation & physical separation ensures only one-way communication

Connectivity Concept

3. Cloud (Vendor)
   - Deploy Security Patches
   - Cloud App
   - VPN – Worldwide
   - Device Management
   - Rollout Applications and Updates

2. IT Network – Worldwide (Rail Operator)
   - Router + FW
   - Cloud Connector
   - OWG App Storage
   - Industrial Edge Runtime
   - Diagnostics and Connectors
   - Local data storage - OWG receiver
   - DCU

1. OT Network (SIG) – 0% risk of customer operation disruption
   - OWG – DCU
   - Real-time data collection
   - OCC – OWG sender
   - TVD
   - IXL

Designed to be modular

3. Cloud (Vendor)
   - Cloud App
   - Asset Management
   - VPN

2. IT Network (Rail Operator)
   - Router + FW
   - OWG - Receiver
   - DCU

1. OT Network (SIG)
   - OWG - Sender
   - SCADA / Interlocking

USP´s

- Safety assessment
- 0% risk operation disruption
- Vendor neutral
- SL3 - IEC 62443 4-2
- Standard protocols

IDS Intrusion Detection System

Topology with DCU

- IT/Enterprise network: IDS Server, receiving the security logs via Syslog
- OT / Signaling (safety) network: IDS Sensors attached to port mirrors on the Industrial Switches, observing the Endpoints and producing the security logs

JRS Juridical Recording System & Encryption

What & Why

What:
- JRS collects, stores and validates all critical SIG system data.
- JRS provides “Proof” that the stored data is unaltered and complete (integrity intact).
- JRS prevents the alteration and/or deletion of data acc. to IEC 62443 security concept:
  • Components
  • Communication

Why:
- Data from juridical recorders is needed for all legal or formal investigations of accidents or “near-miss” situations.
- CENELEC 50701 will require data integrity tools for new railway systems.

Main features

1. Modular juridical recorder - Based on X.509 Certificates (PKI)

2. RAID 6 - High performance and reliable data storage

3. Secure OS – S2L2 with Certificates, Secure Boot and Whitelisting.

4. IEC 62443 4-2 SL3 - Compliant

5. Interference Free – Compatible with DCU Functionality
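As an added illustration (not Siemens code and not the JRS's actual mechanism), the following Python shows how a juridical log can prove its records are unaltered and complete: each record carries a sequence number and a keyed hash chained to the previous record, so alteration, deletion and truncation are all detectable on verification. The real JRS is based on X.509 certificates; the HMAC key, record layout and sample IXL events here are constructed assumptions.

```python
import hashlib
import hmac
import json

# Constructed example: a hash-chained, keyed juridical record store.
# The real JRS uses X.509/PKI signatures; this stand-in uses an HMAC key
# so it runs offline, but the chaining and checking logic is the point.
KEY = b"demo-recorder-key"          # constructed secret, not a real key
GENESIS = "0" * 64                  # chain anchor for the first record


def _digest(seq, prev, payload):
    """Tag binds the sequence number, the previous tag and the payload."""
    msg = json.dumps({"seq": seq, "prev": prev, "data": payload}, sort_keys=True)
    return hmac.new(KEY, msg.encode(), hashlib.sha256).hexdigest()


def append(log, payload):
    """Append one record whose tag chains to the previous record's tag."""
    seq = len(log)
    prev = log[-1]["tag"] if log else GENESIS
    log.append({"seq": seq, "data": payload, "tag": _digest(seq, prev, payload)})
    return log[-1]["tag"]           # latest tag doubles as a checkpoint


def verify(log, checkpoint=None):
    """Return (ok, reason); detects altered, deleted and truncated records."""
    prev = GENESIS
    for i, rec in enumerate(log):
        if rec["seq"] != i:         # a removed record leaves a sequence gap
            return False, f"gap or reorder at position {i}: seq {rec['seq']}"
        if not hmac.compare_digest(rec["tag"], _digest(i, prev, rec["data"])):
            return False, f"record {i} altered or chain broken"
        prev = rec["tag"]
    if checkpoint is not None and prev != checkpoint:
        return False, "log truncated: final tag differs from checkpoint"
    return True, "integrity intact"


# Constructed sample: three interlocking (IXL) events as the recorder sees them
sample = [{"t": "2020-12-02T10:00:00Z", "ixl": "signal S1 set to clear"},
          {"t": "2020-12-02T10:00:05Z", "ixl": "point P7 locked"},
          {"t": "2020-12-02T10:00:09Z", "ixl": "route R3 released"}]

log = []
head = None
for ev in sample:
    head = append(log, ev)          # head is the checkpoint to keep off-box
```

Without a stored checkpoint, silently dropping the newest records is invisible to the chain check, which is why the latest tag has to be kept somewhere the recorder cannot rewrite.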

Process flow and components:

1. Data collection – IXL → DCU / Diagnostic PCs
2. Data Storage – RAID 6
3. Evaluation & Validation – JRS software
4. Data Extraction – Customer or Siemens

WORKING FOR A POLLUTION-FREE TOMORROW …ONE JOURNEY AT A TIME

SIEMENS Mobility Disclaimer

© Siemens AG 2020

Subject to changes and errors. The information given in this document only contains general descriptions and/or performance features which may not always specifically reflect those described, or which may undergo modification in the course of further development of the products. The requested performance features are binding only when they are expressly agreed upon in the concluded contract.

All product designations may be trademarks or other rights of Siemens AG, its affiliated companies or other companies whose use by third parties for their own purposes could violate the rights of the respective owner.

Unrestricted | © Siemens Mobility 2020 | Andres G. Guilarte | SMO RI PR | 2020-12-02

Contact

Published by Siemens Mobility GmbH

Andres G. Guilarte Global Product Manager SMO RI PR SD Germany

E-mail [email protected]
