Legacy Control System Cybersecurity/Reliability Test Bed
Aug. 27, 2012
There has long been a strong desire to find solutions for securing industrial control systems that go beyond "simply" exposing problems and risks. So what is so difficult about finding solutions? The answer is technology, use and compliance. Solutions exist for some parts of the control system (Windows-based workstations, IP-based networks) that have been adopted/adapted from the IT community.
There has long been a strong desire to find solutions for securing industrial control systems that go beyond "simply" exposing problems and risks. So what is so difficult about finding solutions? The answer is technology, use and compliance. Solutions exist for some parts of the control system (Windows-based workstations, IP-based networks) that have been adopted/adapted from the IT community. The IT systems community has been exposed to vulnerabilities much earlier than ICS, and it makes sense to leverage the large investments made in IT by importing approaches that make sense in a control systems environment. Unfortunately, this leaves a good part of many control systems still exposed: there have been very few solutions for the actual field control systems, the non-Windows, non-IP parts of the loop.
I am currently working with a utility and some of their control system suppliers to secure their legacy control systems for reliability considerations. The team is looking at older systems with "minimal" security that will NOT be replaced for years and newer technology with some degree of security. As the utility is not under the purview of the NERC CIP process, they can address security from an engineering perspective. The utility has an Operational Technology (OT) manager with control systems background. To date, there have been meetings with OT, Operations, and two vendors.
The October ICS Conference (www.icscybersecurityconference.com) will provide a status of the utility/vendor program. This includes a lessons-learned by the utility and vendor teams and a better idea of the scope of the problem.
The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...
Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...
Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...
Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...