Home

HTCIA presentation, CISAC meeting, and continued lack of ICS cyber security understanding

May 15, 2012

I gave a presentation on May 10th at the High Tech Crime Investigation Association Meeting (HTCIA) in Menlo Park, CA on Industrial Control System (ICS) Cyber Security. As with most presentations, the unique ICS issues were new to most of the attendees but I wanted to share two tell-tale reactions from that day. First, during my presentations I often mention that ICS are bought and sold as being secure, when in reality they come out of the box vulnerable but capable of being secured. I illustrate that point with the example of a plant that purchased a Distributed Control System (DCS) believing it came vendor-loaded with Antivirus, only to realize later that it only came capable of supporting Antivirus software but had none installed. Somehow a virus entered this DCS and went undetected for an unknown period of time. At that point came the first interesting reaction from the audience: a senior utility security representative stated one of their plants had implemented a DCS capable of, but not actually endowed with, Antivirus. They also had a virus on the DCS. It is not clear which plant was affected or if it was a nuclear facility, but the security and potentially safety implications are considerable. The second interesting reaction of the day was the ongoing denial about the reality of the vulnerabilities exposed by the 2007 Aurora test at the INL. The same senior utility security representative stated he had “heard that the INL test was rigged" to give the desired results - it was NOT. This is one reason why we will have an entire session devoted to Aurora at the 2012 ICS Cyber Security Conference in Norfolk, VA (http://www.icscybersecurityconference.com/).

On May 14th, Stanford’s Center for International Security and Cooperation (CISAC) had a seminar by Professor David Alderson of the Naval Postgraduate School on critical infrastructure protection. The attendees were some of the top names in the field. It was a fascinating presentation using Operations Research methodology and game theory to determine how to protect critical infrastructure. Dr. Alderson mentioned that in order to secure infrastructure it is critical to understand how systems operate and their interactions. This has been a continuing of mine with having people without control system domain expertise making decisions, or designing products for, ICS cyber security. Dr. Alderson’s presentation did not address some of the issues unique to ICS and I have been invited to speak about ICS cyber security at one of the next CISAC sessions.

Joe Weiss

HTCIA presentation, CISAC meeting, and continued lack of ICS cyber security understanding

Continue Reading

Controlling steam: What you don't know can hurt you

LNG provider boosts operator competence with Immersive Field Simulator

Sponsored Recommendations

Make Effortless HMI and PLC Modifications from Anywhere

The Benefits of Using American-Made Automation Products

50 Years of Automation Innovation and What to Expect Next

Manufacturing Marvels Highlights Why EZAutomation Is a Force to Be Reckoned With

Latest from Home

Better assess asset performance

Escape the basement, embrace diversity

Top 50 automation suppliers

Most Read

Top 50 automation suppliers

The future is brighter than you think

How to size and select your next pressure relief valve

Sponsored

Mastering Precision: The Art and Science of Industrial Clamping for Seamless Machining

Toggle Clamps: Everything You Need To Know

From the Powertrain to Your Kitchen - Know the Different Types of Latches For Your Application