ACS Conference and electric industry apathy

Oct. 22, 2009

I thought an unsolicited summary of the ACS Conference might be in order. 

I thought an unsolicited summary of the ACS Conference might be in order. 

"• Group: Process Control Systems Forum Members (from NRC's Perry Pederson)
• Subject: New comment (1) on "The website for the October Control System Cyber Security Conference to be held at the Bethesda, MD Marriott is available at www.realtimeacs.com. Joe Weiss (408) 253-7934 [email protected]"
I attended Joe's conference this week. There were some really good presentations and discussions and enough congressional representation that we could have held a vote on health care. Obviously, the issue of cyber security is coming into vogue and getting some much needed attention. A lot more to do...

Good job Joe!"

Congresswoman Yvette Clarke and Congressman James Langevin along with their staff attended the conference.  There were approximately 110 attendees. The attendees and Congressional delegations were surprised at the lack of attendance by the utilities. particularly by the following:
- NERC CIPC utility leadership
- EEI
- NRECA
- APPA
- NEI (Nuclear Energy Institute)
- utility leaders from the NEI security working group
- EPRI
- INL
- DHS S&T
I believe the lack of attendance is a reflection of the interest level of the utility industry in actually securing their facilities. What should be highlighted was the two utility control system engineers that discussed their control system cyber incidents came “on their own nickel”. They did so because they thought it was so important to discuss what they have experienced and the lack of vendor support. Obviously, the above listed organizations have different priorities. Even the local utilities (PEPCO and Dominion) couldn't find it important enough to attend. It is disconcerting that DHS S&T did not feel the need to hear what the ACTUAL control system cyber security issues so their R&D agenda is commensurate with these issues. It is also a shame that the INL security program will attend the SANS SCADA Conference in Stockholm, but couldn’t send a single individual to this or the previous two ACS conferences. What a message.

It should be mentioned that NEI and the utility leadership of the NEI security working group have yet to attend even one non-nuclear control system cyber security conference. This includes ISA POWID 2007-9, ISA Expo 2007-9, Electric Power 2008, or the ACS 2007-9 conferences. NRC’s Scott Morris pulled no punches when he discussed the lack of nuclear utility leadership willingness to address this vital issue in a MEANINGFUL manner.  I believe the NRC approach which will utilize NIST SP800-53/NIST SP800-82 will be the wave of the future for ALL industries.

Joe Weiss

Sponsored Recommendations

Measurement instrumentation for improving hydrogen storage and transport

Hydrogen provides a decarbonization opportunity. Learn more about maximizing the potential of hydrogen.

Get Hands-On Training in Emerson's Interactive Plant Environment

Enhance the training experience and increase retention by training hands-on in Emerson's Interactive Plant Environment. Build skills here so you have them where and when it matters...

Learn About: Micro Motion™ 4700 Config I/O Coriolis Transmitter

An Advanced Transmitter that Expands Connectivity

Learn about: Micro Motion G-Series Coriolis Flow and Density Meters

The Micro Motion G-Series is designed to help you access the benefits of Coriolis technology even when available space is limited.