CISCO Executive Briefing Sessions on ICS Security

    Jan. 29, 2010

    Tuesday to Thursday, I presented a control system cyber security discussion for CISCO’s Executive Collaboration Roundtable (ECRT). The sessions were for electric utilities and addressed NERC CIP, Smart Grid, NRC cyber security, and most importantly engineering prudency. More than 40 attendees from approximately 32 utilities attended via TelePresence and WebEx. Most were from IT. There were some common assumptions and themes:

    Tuesday to Thursday, I presented a control system cyber security discussion for CISCO’s Executive Collaboration Roundtable (ECRT). The sessions were for electric utilities and addressed NERC CIP, Smart Grid, NRC cyber security, and most importantly engineering prudency. More than 40 attendees from approximately 32 utilities attended via TelePresence and WebEx. Most were from IT. There were some common assumptions and themes:
    - It is not possible to fully secure control systems. This surprised many of the IT attendees. The intent is to put a “club” on them to make them more secure than they are now. There are currently no best practices for trade-offs between performance/safety and security.
    - Silos still exist between IT and operations. There were discussions about this topic each day – we are getting better but have a long way to go. It should also be noted that Operations is not homogeneous either. The silos make it difficult to adequately address control system cyber security.
    - Employing inappropriate IT policies and tools, such as scanning, can affect control systems. One utility mentioned they tried scanning a control system network in a power plant. This impacted the plant and IT was “not invited back”. In this case, the plant was down for an outage so it did not shut the plant down, but it did shut the DCS down for several hours.
    - Particularly for NERC CIP compliance, many IT participants felt they had “air gapped” the control networks from Corporate and elsewhere. After further discussions in each session, it became more evident they had not fully isolated their control systems.
    - Control system vendor products surprised many of the IT attendees. By simply googling control system vendor products, the websites showed they were using Bluetooth, had internal modems in their devices, etc. 
    - The most fundamental and important issue with all three sessions was the aim – almost all were concerned about NERC CIP which is a compliance exercise- many were not reacting to the fundamental reason for cyber security is to protect the reliability of their hundreds of millions of dollars worth of operational assets.

    All in all, they were very good sessions, with the “lights going on” as each session progressed.

    Joe Weiss

    Continue Reading

    Sponsored Recommendations

    Municipalities are utilizing inline total solids measurements to enhance sludge thickening, lower polymer usage and cut operational expenses.
    Carbon dioxide is increasingly recognized as a vital resource with significant economic potential. While the conversion of carbon dioxide into products is still in its infancy...
    Discover our wide range of temperature transmitters that convert sensor signals from RTDs and thermocouples into stable and standardized output signals!
    An innovative amine absorption-based carbon capture process enables retrofitting of existing industrial facilities to reduce emissions in hard-to-abate sectors, with advanced ...

    Latest from Home

    Fantasy cartoon artistic image of a monster that is a sickly black rat with the wings and tail of a pigeon in a medieval alley (AI generated)
    shutterstock_2350178555_converted
    Brain drain, immigration in foreign country. Tiny graduates and students, migrants with suitcases and bags running to fly abroad to work and study, leave motherland cartoon vector illustration

    Most Read

    Sponsored