Log In Register
Print page

Home » Articles » Boyes

Voices: Boyes

Airport Kabuki and Functional Security

What do 9/11, the Detroit Bomber and ICS Security Have in Common?


Walt BoyesBy Walt Boyes, Editor in Chief

In his "Unfettered" (http://community.controlglobal.com/unfettered) blog post, "What do 9/11, the Detroit Bomber and ICS Security Have in Common," Joe Weiss makes a really good point: The result of all governments' responses to the Dec. 25 incident on the approach to Detroit's International Airport has been to stir up the anthill, impose more onerous conditions on the innocent travelling public, and fundamentally do nothing to improve security.

I've been calling this Airport Kabuki or Security Theater. I admit to stealing those names, and I can't remember who said them first.

Why do I call it theater? Because the transportation safety regulations since 9/11 ignore the most important things that you ought to do if you really want to improve security: figure out who's most likely to be a threat, isolate that threat, and contain it.

Instead, in the name of civil liberties and political correctness, we've made everybody conform to humiliating and financially debilitating gyrations for airports, airlines and consumers. "Take off your shoes! Take off your belt! Take off your watch! Take out your laptop!" All you have to do is participate in this kabuki play at any airport to know how the population feels about it. It is clearly nonsense, and everybody knows it.

Yet, because we will not recognize, isolate and contain the threat, the young Nigerian man implicated in the Detroit airplane bombing attempt could quite cheaply throw the travel economy of the Western world into a tailspin (pun intended) on Christmas.

So what do we do?

  1. Scan everything and everybody. It's been said that it is too costly to do this. It has also been said this is an invasion of privacy. Both are nonsense in the face of the threat. This would simply shut down the threat window.
  2. Use profiling techniques to isolate potential threats. TSA is prohibited from doing this, since it has been determined to be an invasion of privacy.
  3. Seamlessly integrate the threat databases in Commerce, State, Homeland Security, and FBI. This was ordered done, DHS was put on the hook for doing it, but the other departments have been foot-dragging. This is a "must do." Calling it a "systemic failure" as the president did, and slapping Janet Napolitano around doesn't and mustn't disguise the fact that the other agencies, particularly State, CIA, the FBI and Secret Service, don't play well with others, and have been doing masterful foot-dragging exercises to keep from losing control over their turf. So it isn't all DHS' fault.
  4. Allow anybody who wants to qualify to be a reserve air marshal. There'd be no question about what should have happened on Dec. 25 last if we instituted that.

The same is true, as Joe points out, for control system security (functional security). The federal government is doing little to require utilities and other critical infrastructure industries to go beyond simple compliance to standards that are, themselves, weaker than they need to be.

The same is true for functional safety, where, over a year after the deadly coverup and accident at Bayer Cropscience in West Virginia, no one is being held accountable, not for the improper practices that killed two workers, nor for the coverup. Congress had hearings that then went nowhere.

Leadership begins at the top, Mr. Obama. Leadership begins with your insistence that your departments really work together, not just for airport security, but for functional security and functional safety as well. Let FERC have enforcement over all the utilities. Let DHS really do its job.

Stop Security Theater Now! 

More Voices

Airport Kabuki and Functional Security
02/02/2010
What do 9/11, the Detroit Bomber and ICS Security Have in Common?

Functional Security–Walking the Walk
01/08/2010
When It Comes to Functional Security, How Do You Handle Security Updates?

ISA: What Is There to Do?
12/11/2009
ISA's Executive Board Needs to Hire a Turnaround Specialist, Not Another Association Manager - or Divvy Up the Money and Go Home

Opportunity Out of Crisis
11/03/2009
What Would Happen if ISA's Leadership Began to Creatively Restructure and Reorganize the Organization?

Shrink-Proof Your Career
10/12/2009
Read This Article and Find Out Why Boyes Says That Automation Professionals Have Been Less Hurt by the Recession Than Other Professionals

Creating a Safety and Security Culture
09/02/2009
The Process Manufacturing Industries Are Inherently Dangerous. Accident Still Happen, Plants Blow Up, and People Get Injured

Creating Functional Security and Safety
08/11/2009
We Still Have Not Managed to Create Whatever Culture We Need to Eliminate the Majority of Safety and Security Failures

Functional Safety and Security- It's Cultural
07/09/2009
Fostering a "Safety and Security Culture" in Our Workplaces

Another Major Safety Fail
06/22/2009
There’s No Way to Tell If the Safety System Would Have Worked, or Did Work, Because Major Parts of It Were Turned Off

Save the WBF
05/11/2009
If You Care About 21st-Century Manufacturing, Go to the Website and Join WBF. We Need the “How” as Much or More Than We Need the “Why”

How Safe is Safe? How Secure is Secure?
04/03/2009
Functional Security: a Convergence of the Disciplines of Functional Safety and Control System Cybersecurity

It’s Not Just a Job
02/27/2009
Welcome to the Hotel Automation. You Can Check Out but You Can Never Leave

What Will It Take to Keep Us Cyber–Safe?
02/06/2009
How Are Different Companies in the Automation Industry Approaching Cybersecurity Issues? Are They Working Towards Protecting Their Assets?

So You Can’t Retire—Now What?
01/09/2009
If Your 401K or Pension Plan Has Lost Its Value, Take a Look at Your Skills and Your Training. Now May Be the Time to Look at CAP or CCST Training

It Looks Like Up to Me…
12/12/2008
The Process Industries Will Be Among the Least Affected of the Industrial Verticals by the Global Economic Meltdown

What Is To Be Done?
10/28/2008
Who’s Going to Step Up and Create A Global Infrastructure Computer Emergency Response Team?

ISA100.11a: Half Baked to a Schedule
10/06/2008
If this Standard's Not Done, It Shouldn't Be Leaving the Oven

If They Can, Why Haven’t They?
09/05/2008
It’s the Time Between When the Vulnerability Is Found and When It Is Fixed by the Vendor and the Fix Is Installed by the End User That Is Scary

Not Playing Nice
07/29/2008
If You Were Waiting for the ISA Standard to Make Everything Right, You Might as Well Stop. It Isn’t Going to Happen

The Future and YOU
07/01/2008
Manufacturing Isn’t Going Away, Toffler Pointed Out, Any More Than American Agriculture Went Away A Hundred Years Ago

Them as Can, Do
06/12/2008
Informing the Government of the Problem Is Good, but It Might Be Better for ISA to Spend Some Serious Money Doing Something About It

Sometimes You Just Have to Let Go
05/04/2008
ISA Has Decided to Use the Compliance Institutes as a Way to Recover the Lost Revenue from the Dying ISA Show

The Elephant in the Room
03/28/2008
There’s an Elephant in the Wireless Room

Just Because They Haven’t, Doesn’t Mean They Won’t
03/07/2008
At the SANS Conference in January, CIA Representative Tom Donahue Revealed that the Agency Had Documentary Evidence of Attacks on Utilities Outside the U.S. Of Course, If Systems Can Be Hacked Outside the U.S., the Same Systems Are Vulnerable Inside. And the Systems Are the Same.

The Horse with Stripes
02/04/2008
IT Security Professionals Profess to Be “Industrial Cyber Security ," Yet, It Takes More to Function Properly in the Industrial Controls Environment

A Quick Pause for Shameless Self-Congratulation
01/03/2008
Walt Boyes Says: "We're Still Here, and We’ve Created the Best Magazine in the Space"

What’s in a Name?
12/10/2007
ISA Council of Society Delegates votes to rename the society the International Society for Automation.

Get ‘em While They’re Young
11/06/2007
We need to attract new star talent to the automation profession.

What’s It Going to Take?
09/27/2007
The ASM Consortium, and the Center for Chemical Process Safety, ISA, the IEC and other organizations have been out beating the drum for increased operator training and improved alarm management and human-machine-interfaces.

Out of the Automation Box
07/13/2007
ISA announces the S100 Compliance Institute to test and enforce compliance with new wireless standard. The S100 will be avilable to the publin in late 2008.

Take one for the team!
06/01/2007
Organizations that only serve declining memberships are missing the point. The number of automation professionals isn’t declining; it is the number of them who feel the need to be included that’s declining.

Finally playing nice
05/01/2007
Editor in Chief Walt Boyes congratulates the members of the SP100 Industrial Wireless Standard committee for their willingness to compromise in the name of service to the end-user community.

The virtues of simplicity
04/01/2007
If we can design higher level development tools, both hardware and software, all the way down to kids’ toy level, imagine what we’re about to see for design tools for professional automation applications.

Profession development kit?
03/01/2007
For the automation profession to be successful and recognized as one of the most important disciplines in the world, ISA has to reinvent itself as the banner carrier for the automation profession.

Reaching the young crowd
02/01/2007
It’s time the industry develops new content and new ways of delivering it to young automation professionals, the ones who are so hard to find, and who are so leery of joining professional organizations.

Who do we trust?
01/03/2007
Among high-tech industries, surveys show that end users of process automation equipment and systems trust their vendors more than trade magazines, industry analysts and others.

Control is truly global!
12/01/2006
Perhaps you’ve noticed articles in CONTROL and on ControlGlobal.com have become less North America-centric over the past few years. This is intentional, and you can expect the trend to continue.

UCSC and automation education
11/01/2006
There aren’t many schools training automation professionals, but who can blame them for not wanting to do more than a head nod toward teaching the tools and techniques in their science and engineering curricula?

The world according to…
10/13/2006
There may be no going back to the days when people believed that ISA was the voice of the end user, but if it wants to carve out new territory for itself, it needs to put money back into niche groups.

SP50 times two?
09/01/2006
CONTROL Editor Walt Boyes says we need to do more than pay lip service to the idea of user input when it comes to ISA’s SP100 Wireless Standard and proposes formation of a central, unbiased user group.

Vendor vs. vendor
07/03/2006
CONTROL Editor in Chief Walt Boyes issues a challenge to end users everywhere: Tell your vendors to stop playing Spy vs. Spy and participate fairly in standards creation for fieldbus and wireless.

Are the wireless standards stalled?
06/01/2006
At one point, SP100 nearly didn't issue a true standard. Now, HART Wireless is in trouble, too. What’s it going to take to not repeat the SP50 debacle? CONTROL Editor in Chief, Walt Boyes, comments.

Immigrants are us
05/05/2006
We are all immigrants here, and if you look at the contributions made by immigrants to arts, letters, science and engineering in the U.S. over the past 400 years, the amount of innovation is staggering.

End users walk the walk
04/07/2006
There’s been a huge language shift in the industry during the past 20 years which is driving end user nuts. It seems the higher you go up in the automation food chain, the harder it is to describe what you do.

Would you want your kid to do this job?
03/10/2006
Despite a shortage of young engineering professionals, most of us don't want our kids to grow up to work in the automation industry, but what is automation but applied information science?

Institutional knowledge for the future
02/10/2006
Knowledge earned by hard work and experience in process automation is waning at an alarming rate, but there are a few shining lights on the industrial landscape. CONTROL Editor in Chief Walt Boyes comments.

My opinion doesn't count!
01/09/2006
Why do we do the Reader's Choice Awards? Because an editor's opinion doesn't matter, that's why. Read Editor Walt Boyes' column about this year's survey and find out who's the best...according to you!

It's a great time to be an end-user!
12/02/2005
Editor in Chief Walt Boyes says the Big Boys are prepared to buy your loyalty with all sorts of goodies, so keep your price high. It's a buyer’s market out there for the first time in decades. Read why.

How safe is your job?
11/01/2005
Editor in Chief Walt Boyes implores you to watch trends, stay current in your field, and have a backup plan just in case the levee breaks. After all, when it comes to job security, the best defense is a good offense.

Can we make the jump to a wireless plant?
10/10/2005
CONTROL's Editor in Chief Walt Boyes says that if we don't, we won't continue to show the productivity and cost savings we've been able to until now. Read how wireless can affect what you do.

You better know more!
08/28/2005
There is excellent training out there, provided by trainers who aren’t vendors, and don’t have the barely hidden agenda of wanting to sell you stuff.

The summertime blues
08/07/2005
CONTROL Editor in Chief Walt Boyes prepares for another round of User Group Madness meetings and says he’d like to see creation of an unbiased user group run by end users of many different products.

In the future: More, better, cheaper sensors
07/27/2005
According to Editor in Chief Walt Boyes, instrumentation companies are going to have to re-think their design criteria if they are going to make the “lights out” plant of the future practical.

How can we save ISA?
07/01/2005
The resignation of ISA’s third Executive Director in less than six years makes CONTROL Editor in Chief Walt Boyes wonder what ISA has that still matters to the typical process automation end user.

Security is more than hating Microsoft
06/01/2005
In his June editorial for CONTROL, Editor in Chief Walt Boyes believes we are picking unfairly on the security flaws of Microsoft, while ignoring the wider implications of the problem for process automation.

C’mon, vendors, let’s step up!
05/15/2005
ISA has been trying for years to get employers in the process industries to support process automation careers, but it could do a lot more if it had the volunteer involvement it used to have from vendors.


Free Subscriptions

Control Digital Edition

Access the entire print issue on-line and be notified each month via e-mail when your new issue is ready for you. Subscribe today.

  • Featured White Papers