I thought an unsolicited summary of the ACS Conference might be in order.
"• Group: Process Control Systems Forum Members (from NRC's Perry Pederson)
• Subject: New comment (1) on "The website for the October Control System Cyber Security Conference to be held at the Bethesda, MD Marriott is available at www.realtimeacs.com. Joe Weiss (408) 253-7934 [email protected]"
I attended Joe's conference this week. There were some really good presentations and discussions and enough congressional representation that we could have held a vote on health care. Obviously, the issue of cyber security is coming into vogue and getting some much needed attention. A lot more to do...
Good job Joe!"
Congresswoman Yvette Clarke and Congressman James Langevin along with their staff attended the conference. There were approximately 110 attendees. The attendees and Congressional delegations were surprised at the lack of attendance by the utilities. particularly by the following:
- NERC CIPC utility leadership
- EEI
- NRECA
- APPA
- NEI (Nuclear Energy Institute)
- utility leaders from the NEI security working group
- EPRI
- INL
- DHS S&T
I believe the lack of attendance is a reflection of the interest level of the utility industry in actually securing their facilities. What should be highlighted was the two utility control system engineers that discussed their control system cyber incidents came “on their own nickel”. They did so because they thought it was so important to discuss what they have experienced and the lack of vendor support. Obviously, the above listed organizations have different priorities. Even the local utilities (PEPCO and Dominion) couldn't find it important enough to attend. It is disconcerting that DHS S&T did not feel the need to hear what the ACTUAL control system cyber security issues so their R&D agenda is commensurate with these issues. It is also a shame that the INL security program will attend the SANS SCADA Conference in Stockholm, but couldn’t send a single individual to this or the previous two ACS conferences. What a message.
It should be mentioned that NEI and the utility leadership of the NEI security working group have yet to attend even one non-nuclear control system cyber security conference. This includes ISA POWID 2007-9, ISA Expo 2007-9, Electric Power 2008, or the ACS 2007-9 conferences. NRC’s Scott Morris pulled no punches when he discussed the lack of nuclear utility leadership willingness to address this vital issue in a MEANINGFUL manner. I believe the NRC approach which will utilize NIST SP800-53/NIST SP800-82 will be the wave of the future for ALL industries.
The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...
Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...
Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...
Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...
