One answer as to why control systems are still so vulnerable
May 13, 2018
One reason control systems are still so vulnerable is the lack of understanding by IT security and the lack of participation in the control system security process by control system experts.
The following question was asked May 12, 2018 on the SANS ICS Community site: “I am gonna assess hydro power plant running several turbine generators controlled by SCADA Scala 250 from Andritz. This a very specific ICS environment. I am curious if someone here has any experience with this kind of assessment with hydro power plants and power turbines. I need to know what's the most critical functional blocks here and where to focus.”
There are several issues screaming about this post. Doesn’t the operator understand the need? In reality, why was the operational group that understands SCADA not involved? Why was the IT security organization that doesn’t understand SCADA putting out the RFP and making the vendor selection? How can the operator accept an assessment by someone having to reach out to even understand what to assess? Unfortunately, this is the norm not the exception.
The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...
Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...
Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...
Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...
