Thoughts on DHS Metrics Primer

Aug. 13, 2009

The June 2009 DHS Primer Control Systems Cyber Security Framework and Technical Metrics report is meant to address a critical missing link – metrics for control system cyber security. It is a good start. My comments come from the perspective of how does this Primer address actual control system cyber incidents.  That statement leads to my first concern – most control system cyber events are incidents not attacks. Many of these actual incidents have caused significant damage and yet did not violate IT security policies. However, the Primer is focused on malicious IT-type attacks. Another concern is security knowledge. According to the Primer, “The security group represents those people in an organization who are directly responsible for the cyber security of the control systems.” Many security groups are staffed by IT-trained security experts. There are very few people that actually understand control system cyber and most are not in the security group. There have already been numerous cases where the security organization CAUSED the control system cyber incident. Not only does the metric not account for this, having the wrong people doing the wrong things should lead to a NEGATIVE metric. The final concern is the Primer simply does not recognize the unique issues with legacy control systems. Many systems cannot take complex passwords. Many systems simply cannot be patched expeditiously, if at all.

I am simply not seeing much coming out of the DHS Control Systems Cyber Security Program to address legacy control system issues or the actual incidents that have occurred.

Joe Weiss

Sponsored Recommendations

Municipalities are utilizing inline total solids measurements to enhance sludge thickening, lower polymer usage and cut operational expenses.
Carbon dioxide is increasingly recognized as a vital resource with significant economic potential. While the conversion of carbon dioxide into products is still in its infancy...
Discover our wide range of temperature transmitters that convert sensor signals from RTDs and thermocouples into stable and standardized output signals!
An innovative amine absorption-based carbon capture process enables retrofitting of existing industrial facilities to reduce emissions in hard-to-abate sectors, with advanced ...