1. Home

Further Information On September 20-23 ACS ICS Cyber Security Conference

July 26, 2010

ICSs are designed for performance and safety, not security. The recent Siemens Programmable Logic Controller (PLC) and VxWorks (real time operating system for ICS field devices) vulnerability disclosures lay bare significant security gaps in ICSs. Moreover, the differences between IT and ICSs led to the conflicting recommendations on the Siemens PLC vulnerability by Microsoft and Siemens. The Siemens and VxWorks vulnerabilities coupled with the Hatch Nuclear Plant cyber incident demonstrate we are still learning what is unique about ICS cyber security.

ICSs are designed for performance and safety, not security. The recent Siemens Programmable Logic Controller (PLC) and VxWorks (real time operating system for ICS field devices) vulnerability disclosures lay bare significant security gaps in ICSs. Moreover, the differences between IT and ICSs led to the conflicting recommendations on the Siemens PLC vulnerability by Microsoft and Siemens. The Siemens and VxWorks vulnerabilities coupled with the Hatch Nuclear Plant cyber incident demonstrate we are still learning what is unique about ICS cyber security. Despite the perception that ICSs look like IT systems, they are not and need to be addressed accordingly. This has enormous implications for the Smart Grid, nuclear plants, and other critical infrastructures.  ICSs must continue to operate – cyber security mitigation cannot be allowed to impact their mission. Yet, as of today there have been little discussions between the ICS domain experts and cyber security experts to try to prevent the unintended consequences that CONTINUE to occur to these critical systems. Consequently, like last year’s conference, here is a peek at what to expect at this year's ACS Conference:

- Presentations by end-users providing first-hand experience on actual ICS cyber incidents.
- Input and participation from the Navy and Air Force as ICS cyber security also directly affects them.
- Presentations by the Nuclear Regulatory Commission (NRC) and FERC
- Demonstrations of ICS cyber vulnerabilities.
- Significant time allocated for open discussions on how to address the problems. And lastly, because this subject is so important to them, at least one member of Congress and the Chairman of FERC are adjusting their schedules to speak to the Conference.

We are finalizing the contract with the hotel early this coming week, You will be notified when the website will be open for registration. As with previous ACS Conferences, the presentations will only be available to Conference attendees.

PS - The next meeting of the ISA 67 joint working group on nuclear plant cyber security will be Monday Morning September 20th at the hotel. Additional activites in conjunction with the Conference are being finalized.

Joe Weiss

Continue Reading

Sponsored Recommendations

Make Effortless HMI and PLC Modifications from Anywhere

The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...

The Benefits of Using American-Made Automation Products

Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...

50 Years of Automation Innovation and What to Expect Next

Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...

Manufacturing Marvels Highlights Why EZAutomation Is a Force to Be Reckoned With

Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...

Latest from Home

shutterstock_2425509123
shutterstock_2490634143
processing

Most Read

Sponsored