Control systems ARE different...yes they are!

The horse with stripes might just be a zebra  Joe Weiss posted a great discussion of how and why they are different, and why control engineers are different and have different training and skills at Unfettered. Once again, it becomes clear that control systems, whether they are machine controllers, cell control systems, single loop control systems, DCS systems or SCADA systems, have their own sets of issues that people skilled only in computer science, and who have only worked in Enterprise IT do not have the expertise to understand. So, what do we do about it? Well, one of the things we can do is to recognize the situation for what it is, instead of sticking heads in the sand and arguing that just because the horse has stripes, it isn't a zebra. The obvious next thing is, how do we educate IT experts in the arcane ways of automation, and just as important, how do we educate automation professionals about the lessons two generations of IT professionals have learned about security? We have to do both of those things, or we will be guilty of endangering our critical infrastructure-- and all the millions of people who depend on it for their daily lives. I've just been invited to work on the third edition of the Automation Body of Knowledge...a sourcebook created by ISA for just the purpose of educating people inside and outside the Automation profession about what it is that we do here, and why we do it. I was supposed to write the chapter on process for the first and second editions, but prior commitments made it impossible. If you are a cybersecurity professional, and you haven't got years of process or factory automation domain expertise, do you own one or more of these books? The Automation Body of Knowledge, ISA Press, www.isa.org/books The Instrumentation Reference Book, 3rd Edition, Butterworth-Heineman, www.amazon.com (I admit to being the editor of this volume...and I still like it a lot. The 4th edition will be published in late 2008.) The Instrument Engineer's Handbook, by Bela Liptak, CRC Press/ISA Press (I admit also to being a chapter author here as well) www.isa.org/books If you haven't read any of these, you might want to. There are others. And this year, we'll be producing a series of "Back to Basics" videos for controlglobal.com. We invite you to watch them and learn.

What are your comments?

You cannot post comments until you have logged in. Login Here.

Comments

  • Walt - hope I haven't been too far on the other side of your arguments on the SCADA lists. I have a computer science degree, have worked several years as an integrator and about as many full time IT jobs. You have the right idea. I think your 5th paragraph puts it best:

    The obvious next thing is, how do we educate IT experts in the arcane ways of automation, and just as important, how do we educate automation professionals about the lessons two generations of IT professionals have learned about security?

    I'd like to point out that an easy first step is drawing lines in responsibility. This is a bit oversimplified, but I've been successful in the past with a little communication on both ends - IT guards and configures the network and servers, automation experts deal with hardware and PLC programming. Distributed control clients fall in the middle, but that's not too difficult a problem. A little recognition and communication goes a long ways as a starting point. Then it becomes a matter of training.

    Reply

RSS feed for comments on this page | RSS feed for all comments