Several major electric utilities and NERC auditors have demonstrated the inanity NERC CIP implementation.
An IT security person from PG&E stated he would maintain the integrity of the firewalls even if it meant it would turn the lights off. His job was security not operations, and that came first.
Since the NERC CIPs mandate anti-malware and anti-virus protection, some large utilities, including Con Ed and PSE&G, are mandating protective relays to have malware protection even though adding this function will reduce the effectiveness and function of the relay. All this just to avoid Technical Feasibility Exemptions (TFEs).
NERC CIP auditors have fined utilities for attempting to make their utilities more secure than the NERC CIPs. Can you imagine being fined for trying to be more secure than NERC’s minimum bar?
NERC auditors allow inappropriate policies because the CIPs only require policies, not APPROPRIATE policies.
Control systems are engineered systems implemented for the purpose of keeping lights on, not providing security. These are systems not just individual components.
The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...
Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...
Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...
Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...
