As a nuclear engineer who has worked inside and outside of the nuclear industry, I have my thoughts on why nuclear plants are so far behind non-nuclear facilities in securing control systems. I spent 5 years managing the EPRI Nuclear Plant Instrumentation and Diagnostics Program.
Why IT needs to keep its distance from control systems Several actual events and tests have shed new light on why IT needs to understand the issues with control systems before things go uncontrollably wrong. That is, control systems (Operations) coordination and leadership is absolutely required before those networks are...
Today, we received a press release from a security company, announcing that they had found a vulnerability in a piece of third-party software. We often get these. I'm not naming names. What we DON'T get, however, is the context.
Since Mark has brought up the issue, I think it is time for a complete response. It may ruffle some feathers. When I first got involved in cyber security at EPRI in February 2000, we had to make a decision as to what should be the scope of the program.
I had a telephone and email exchange today with an international electric industry security standards committee that I would like to share. It goes to the heart of the issue that there is little knowledge and understanding of control system cyber security issues and the resulting training that is required.
Here's the official press release from Steve Kim at Wurldtech. I'm posting it, because Joe is quoted in it, and he is the shy and retiring type, and doesn't want to blow his own horn (not). Walt
-------------------------------------------------------------------------------- I suspect many of you know me. I'm Jake Brodsky. I write online about SCADA from the perspective of an asset owner. A lot of people tell me I write good stuff. Most think I have my hea...
I had the opportunity to attend and participate in the St. Mary’s University Cyberterrorism Law Conference in San Antonio Wednesday and Thursday. There were several interesting observations: - Since the focus was cyberterrorism, the conference was heavily tilted the government and DOD.
From Bryan Singer at Wurldtech: Wurldtech is launching an applied research project which I think would appeal to folks like yourself. The planned undertaking is the largest study of its kind, examining the cyber security threats and vulnerabilities present in currently deployed control systems. By leveraging the Achilles platform...
I am at a cyberterrorism and law conference in San Antonio.