The December 2015 Ukrainian hack can happen in the US despite the statements made to the contrary. DHS reiterates that BlackEnergy is in the US grid and that control systems should not be connected to the Internet.
The most disturbing disturbances, the ones that are frequent, fast and furious (FFF), are self-inflicted either in the design, installation, maintenance or operation of the process control system. The good news is that through better application of advances in technologies and the better education of everyone responsible for the implementation,...
George Cotter (formerly Chief Scientist for the National Security Agency) and I briefed the FERC Commissioners on cyber threats and cyber incidents affecting the grid. The cyber security regulations fail to include a requirement that utilities (or nuclear plants) remove malware found in their networks.
I will be giving the keynote presentation February 22nd in Washington DC at the National Academies of Science, Engineering, and Medicine Conference on Critical Infrastructure Security: The Role of Public-Private Partnerships.
The advent of smart transmitters has reduced the effect of large measurement spans on accuracy but most measurement accuracies are still a function of per cent of span, albeit possibly detailed by more sophisticated equations than simply the error being a percent of span. Bigger considerations these days concern the effect...
Process instrumentation and other field devices generally have minimal cybersecurity protection but can have VERY significant impacts. Security researchers have demonstrated the ability to compromise these devices on wired and wireless networks.
January 15, 2016, CyberWire published an interview with me on the implications of the Ukrainian power grid cyber attack and other current ICS cyber security issues - http://thecyberwire.com/interviews/interview_with-Joe-Weiss.html