Not every ICS cyber vulnerability is critical. ICS cyber security should focus on what can affect ICS or system operation so the end-user can prioritize what threats are important to system reliability and safety.
The 2015 ICS Cyber Security Conference will be October 26-29 at the Georgia Tech Hotel and Conference Center in Atlanta (www.icscybersecurityconference.com ). This will be the 15th in a series that began in 2002. Because the Conference focuses on timely ICS cyber security issues, the agenda is now being finalized.
Control is all about dealing with change whether it is disturbances or moving setpoints. The controller can only do as well as the changes it sees and the changes it is able to make. Here we look at what is truly important realizing what is on the specification sheet may...
The Control Engineering 2015 Cyber Security Survey doesn’t seem to identify ICS cyber security impacts. The focus was on IT and networking devices with no mention of ICS field devices. A significant number of respondents experienced “cyber incidents” with their ICS networks – not devices.
The automation profession suffers from the lack of a common understanding of the terms used and their units. By taking a closer look at key terms for plant dynamics, we can have more intelligent discussions and better recognition of the contributing factors so that we can find what part of...
For control systems, the CIA triad needs to add an additional term -“S” for safety. This is a real issue as there have been more than 50 actual control system cyber incidents that have injured or killed people.
My database now has more than 725 actual control system cyber incidents. VERY few were identified as cyber. There have been more than a 1000 deaths, major equipment damage, significant environmental releases, and even bankruptcies yet the C-suite too often is missing.
I have been able to identify more than 600 ACTUAL control system cyber incidents (I keep finding more) though most of the incidents were never identified with the word “cyber”. A very conservative estimate of the direct costs of control system cyber incidents to date is more than $15 Billion.