Lessons learned to date on utility testbed
Even though we are just in the preliminary stages, there have been a number of interesting findings:
- Even though there are a plethora of cyber security solution providers, very few actually understand the unique needs of the ICS community.
- Many of the non-ICS technologies, though not developed for reliability, can provide benefits to the ICS community with "minor" modifications.
- There are unintended consequences of using IT-developed technologies for ICS applications such as use of VMware thin client architecture. ICSs need to have guaranteed resources always available. IT staff changing memory or storage allocation can cause significant impacts on ICS performance.
- Depending on product security certification may not be sufficient. Since ICSs are systems-of-systems, product certification does not address the interconnectivity between systems.
- The testbed provides a unique opportunity to address the integration of devices from multiple vendors using different security approaches.
- The ultimate purpose of the test bed is to better secure the utility's ICSs for reliability. That is, make ICSs more robust as a more robust ICS is a more secure system. However, a more secure ICS is NOT necessarily a more robust ICS. Consequently, the focus on reliability.