1. Home

What Is ICS Cybersecurity – You Don't Need Digital Assets

Oct. 8, 2014

Determination of the potential impact that a cyber incident may have on the ICS should incorporate analysis of all non-digital control mechanisms and the extent to which they can mitigate potential negative impacts to the ICS.

I am in Las Vegas attending the IEC TC45A Nuclear Plant Cyber Security Standards meetings as a designated US Expert. As mentioned, in my earlier blog, I have a great concern about many people in nuclear (and other) industries only focusing on malicious cyber attacks to the exclusion of unintentional cyber incidents. There is also a prevailing misconception that you need to have a digital system in order to be cyber vulnerable. Older analog systems also have CPUs and signal processing. The recent disclosures about cyber vulnerabilities about HART (4-20milli-amp) protocol makes this issue not just a discussion about unintentional incidents but also brings it into the malicious realm.

As mentioned, the NIST definition of a cyber incident does not mention “digital” nor does it require the incident to be malicious. The latest draft version of NIST SP800-82, Rev 2, “Draft Guide to Industrial Control System Cyber Security” states the following:

“3.5.Consideration of the Potential Physical Impacts of an ICS Incident

Evaluating the potential physical damage from a cyber incident should incorporate:

i)    how an incident could manipulate the operation of sensors and actuators to impact the physical environment
ii)    what redundant controls exist in the ICS to prevent an impact; and
iii)    how a physical incident could emerge based on these conditions.

Determination of the potential impact that a cyber incident may have on the ICS should incorporate analysis of all non-digital control mechanisms and the extent to which they can mitigate potential negative impacts to the ICS. There are multiple considerations when considering the possible mitigation effects of non-digital control mechanisms.”

Yesterday (10/7), I had a conversation a with senior government official that demonstrated a gap in understanding of what is a cyber incident. The official told me he had read my recent blog about TMI (Three Mile Island) being an ICS cyber incident. His response was it couldn’t be because there was no digital assets in TMI in 1979. The “aha” was he did not realize you do NOT need to have digital assets to have a cyber incident. It is important to note this is not a hypothetical situation – ICS cyber security directly contributed to the core melt at TMI.

Continue Reading

Sponsored Recommendations

2024 Industry Trends | Oil & Gas

We sit down with our Industry Marketing Manager, Mark Thomas to find out what is trending in Oil & Gas in 2024. Not only that, but we discuss how Endress+Hau...

Level Measurement in Water and Waste Water Lift Stations

Condensation, build up, obstructions and silt can cause difficulties in making reliable level measurements in lift station wet wells. New trends in low cost radar units solve ...

Temperature Transmitters | The Perfect Fit for Your Measuring Point

Our video introduces you to the three most important selection criteria to help you choose the right temperature transmitter for your application. We also ta...

2024 Industry Trends | Gas & LNG

We sit down with our Industry Marketing Manager, Cesar Martinez, to find out what is trending in Gas & LNG in 2024. Not only that, but we discuss how Endress...

Latest from Home

Source: Trihedral

Most Read

Sponsored