The gap between IT and Control systems keeps getting bigger – continued

    July 29, 2010

    April 22nd, I wrote the following blog: As part of on-going Smart Grid efforts, IEEE issued the draft standard P1547.4/D10.0 1 Draft Guide for Design, Operation, and Integration of Distributed Resource Island Systems with Electric Power Systems for balloting ending April 17, 2010. The draft standard addresses microgrids in electric power systems and provides alternative approaches and good practices for design, operation, and integration. The document is intended to provide an introductory overview and address engineering concerns of distributed resources.

    April 22nd, I wrote the following blog: As part of on-going Smart Grid efforts, IEEE issued the draft standard P1547.4/D10.0 1 Draft Guide for Design, Operation, and Integration of Distributed Resource Island Systems with Electric Power Systems for balloting ending April 17, 2010. The draft standard addresses microgrids in electric power systems and provides alternative approaches and good practices for design, operation, and integration. The document is intended to provide an introductory overview and address engineering concerns of distributed resources. The document is a very good engineering document. However, it does not mention cyber security even once.

    I just reviewed IEEE P1676™/D1.0 Draft Guide for Control Architecture for High Power Electronics (1 MW and Greater) Used in Electric Power Transmission and Distribution Systems, dated July 2010 for the ballot closing July 30th. This standard is used for Smart Grid as well as NERC CIP assets. In the System Layer description, it states the following: "The system control layer sets operating modes, receives status information, and sends control loop settings and set-points in the application and converter control layers. The system control layer communicates with lower layers through fiber optic Ethernet using the TCP/IP for transportation of the data. Riding on the TCP/IP is the Application Protocol Data Unit (APDU) utilizing the IEC60870 standard protocol. The communication between the system control layer and lower layers is asynchronous in that it depends on both network traffic and frequency of requests from the system control layer." The document is a very good engineering document. However, cyber security is not mentioned once in the entire specification nor any firewalls or any other form security shown in the architecture. 

    As shown by the Siemens PLC problem and these two standards, the gap, or rather canyon, still remains between IT and control systems.

    Joe Weiss

    Continue Reading

    Sponsored Recommendations

    Municipalities are utilizing inline total solids measurements to enhance sludge thickening, lower polymer usage and cut operational expenses.
    Carbon dioxide is increasingly recognized as a vital resource with significant economic potential. While the conversion of carbon dioxide into products is still in its infancy...
    Discover our wide range of temperature transmitters that convert sensor signals from RTDs and thermocouples into stable and standardized output signals!
    An innovative amine absorption-based carbon capture process enables retrofitting of existing industrial facilities to reduce emissions in hard-to-abate sectors, with advanced ...

    Latest from Home

    Businessman in recruitment concept with horseshoe magnet
    Source: MxD
    Figure 1: Steady streams of students and other visitors take in the digital and cybersecurity demonstrations at Manufacturing times Digital (MxD) institute, which provides participants with programs in digitalized tools, cybersecurity and workforce expertise.
    Two petrochemical workers inspecting pressure valves on a fuel tank

    Most Read

    Sponsored