Control System Cyber Security and Auditors
I just returned from participating on a panel session at Electric Power 2008 in Baltimore. Electric Power 2008 is focused on electric power generation (not transmission and distribution). Consequently, it was fascinating to hear what the generation attendees felt about security and the NERC CIPs as well as to see...
Training the Bad Guys Dale Peterson’s April 22nd blog had the following: “Jason Larsen’s presentation on SCADA and Control System hacking from Blackhat Federal 08 is now available.” There has been a prevailing view that control systems are secure because they are so arcane and obscure.
Applied Control Solutions, LLC For Immediate Release Contact: Joe Weiss (408) 253-7934 or email@example.com. Cyber Security Conference Focusing on Potential Causes, Prevention of Recent Power Blackouts and Plant Shutdowns (Trips) August 4-7, 2008 – Burr Ridge, IL Applied Control Solutions, LLC announces the eighth in a series of conferences focused...
I had a meeting Wednesday morning with an IEEE standards committee on cyber security of substation devices. Following that, Marshall Abrams from MITRE and I gave a presentation at RSA, which is billed as the world’s largest cyber security conference.
The following report by Ryan Singel appeared at Wired.com yesterday. April 09, 2008 On June 10, 1999, a 16-inch diameter steel pipeline operated by the now-defunct Olympic Pipeline Co. ruptured near Bellingham, Washington, flooding two local creeks with 237,000 gallons of gasoline.
I have been involved in hosting a conference on control system cybersecurity for seven years. It has always been held with a focus on and with the perspective of a control systems engineer. Several events have “opened my eyes” to what seems to be missing: * Design issues.
I read about, or attend, government programs, industry programs, and industry conferences that purport to have solutions for “SCADA security”. All I can do is shrug my shoulders. There are several fundamental issues that have not yet been addressed: - There is still a dreadful lack of understanding about legacy...
As a nuclear engineer who has worked inside and outside of the nuclear industry, I have my thoughts on why nuclear plants are so far behind non-nuclear facilities in securing control systems. I spent 5 years managing the EPRI Nuclear Plant Instrumentation and Diagnostics Program.