The Nuclear Energy Institute (NEI) has filed a rulemaking proposal with the NRC to REDUCE the number of systems and components to assess for cyber security. Given that nuclear plants are such high value targets and there are so many current malware attacks against control systems, this doesn't make any sense.
There is little information on frequency of ICS cyber attacks. HAVEX and BlackEnergy have been targeting selected ICS vendor HMIs that could be used to give remote access to the attackers. Once your computer is owned there's not much the attacker can't do.
Before the 1990s relatively few choices in PID structure were offered. There were also various supplier specific rules as to how to set the proportional mode and integral mode tuning settings to get proportional-only and integral-only control. A different model controller may have been needed for a different structure.
The Convenor of IEC TC57 WG15 sent a note to ISA99 stating that the power industry organizations have additional or different security situations that are causing us to create our own security standards and guidelines. Other than for compliance reasons (NERC CIP), the power industry is NOT different than other...
The highlights from the 2014 ICS Cyber Security Conference can be found at www.icscybersecurityconference.com. Conference presentations and discussions included actual ICS cyber incidents, new ICS cyber vulnerabilities, and new ICS cyber security technologies.
Not knowing the implications of the PID Form in an existing control system being migrated or the PID Form learned in a University course can cause gross errors in the tuning parameters and potential instability. The PID Form predominantly used today is not the Form in most of the controllers...
Innovative HART communications specialty company ProComSol announced earlier this month that they now have an Android based application that when combined with their Bluetooth modem allows any Android Ice Cream Sandwich based system to be used as a handheld communicator for any HART 7 or earlier device.
There have been many reports of the Chinese and others attacking our critical infrastructure. Bob Radvanovsky from Infracritical acquired some Ruggedom switches from E-Bay and set up a network emulating a well pumping station. Within 2 hours of connecting the systems, he was being attacked primarily from China.
The near-final agenda is now available at www.icscybersecurityconference.com. In finalizing the agenda, one of the presenters will provide very recent results of an ICS honeypot that is being attacked from China. The Chinese were trying to take both root and administrative access to very popular substation communication devices.
October 7-9, I attended the IEC TC45A meetings on nuclear plant cyber security. The nuclear plant standards still need to be more control-system focused and to address both malicous and unintentional cyber incidents.