What needs to be considered to secure control systems

April 15, 2009
I am in the process of responding to a request from Congress. In doing so, I have had several experts provide input. I wanted to share one very important point that was contributed by Eric Cosman. It has been too often overlooked or ignored in the rush to make these systems appear to be like business IT systems:
"
I am in the process of responding to a request from Congress. In doing so, I have had several experts provide input. I wanted to share one very important point that was contributed by Eric Cosman. It has been too often overlooked or ignored in the rush to make these systems appear to be like business IT systems: “Securing Industrial Control and Automation Systems (IACS) has to be done from a solid engineering perspective. It needs to start with a goal of improving system safety, performance, reliability, and availability in the face of cyber-related threats. The IACS community needs to develop accepted baselines of what constitutes an acceptable risk assessment methodology, an acceptable vulnerability assessment methodology, and a measure of how much security is enough security based on the goals of system safety, performance reliability, and availability.” Joe Weiss

Sponsored Recommendations

The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...
Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...
Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...
Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...