What does it take to get engineering back into security?
July 1, 2013
As an engineer, I have been brought up to work with number, physics, and logic. As a control systems engineer, I have brought up to focus on reliability and safety - we want the process to work and not to hurt people. I had a large group of like-minded colleagues that I could call on to discuss these issues in a reasonable technical manner. In general, governments were passive bystanders except for the Nuclear Regulatory Commission (NRC) when it came to licensing of plant safety. What's more information sharing was a given and occurred at multiple venues. Alas, cyber security shows up.
As an engineer, I have been brought up to work with number, physics, and logic. As a control systems engineer, I have brought up to focus on reliability and safety - we want the process to work and not to hurt people. I had a large group of like-minded colleagues that I could call on to discuss these issues in a reasonable technical manner. In general, governments were passive bystanders except for the Nuclear Regulatory Commission (NRC) when it came to licensing of plant safety. What's more information sharing was a given and occurred at multiple venues. Alas, cyber security shows up. Now look what has changed: - IT has effectively taken over control systems under the guise of security - Programs like the NERC CIPs require people to use "the Emperor wears no clothes" philosophy and look the other way - IT organizations feel if it doesn't affect their systems, it is of no interest - IT security technologies are developed for IT and rebranded as SCADA without having an understanding of what it can do to control systems - Government organizations are developing "consensus" standards without having any requirement that these standards are actually meaningful. - Most distressing of all is the chasing of the buck where previous collegial discussions and honest disagreements are now branded as heresy with all of the accompanying back-biting
The utility test bed is meant to try to change the paradigm of security for security sake and make it security for reliability and safety sake. We have the only utility in the country willing to evaluate these cyber security technologies and talk about them. Yet, we are still on the outside looking in.
Before it is too late, how can we go back to being engineers?
The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...
Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...
Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...
Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...
