This discussion follows one from months earlier by Walt Boyes on functional security.
As a result of the San Bruno natural gas pipeline failure, I have a had a number of conversations with people on the definition of "cyber incident". What is clear to me is that using the term "cyber" which in the IT world connotes a malicious attack can mean something totally different in the ICS world. While the term "cyber" may be appropriate for the Windows-based HMI, some people feel it may not be appropriate for the field devices which are generally not Windows and often not connected to the Internet. There are similar discussions within the IT community on non-Windows computers (eg, Linux) and non-IP-based communications (eg, X.25). Rather than denial of service, the ICS world worries about denial of function, loss of operator view, etc. These failures, intentional or not, can have devastating consequences. Often it is not possible to distinguish between an unintentional incident and a malicious attack. Currently, the NIST definition states that electronic communications between systems that affects C,I, or A is a cyber incident. The Hatch nuclear plant, Browns Ferry, Bellingham, and DC Metro incidents to name just a few were cyber incidents by this definition as was San Bruno. Do we need a new ICS term in place of the term "cyber"? Do we need to redefine what is meant by Integrity to include design deficiencies? These are all good questions and I expect this discussion to go on with the revision to ISA 99.01. These issues will get even worse in the future. Let's not forget the goal which is to ensure ICSs operate in a safe, reliable manner.
The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...
Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...
Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...
Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...