Lightbulbs Slowing Going on over Control System “Cyber Incidents”

April 14, 2008
I had a meeting Wednesday morning with an IEEE standards committee on cyber security of substation devices. Following that, Marshall Abrams from MITRE and I gave a presentation at RSA, which is billed as the world’s largest cyber security conference. I then gave a presentation at a major control system users’ group meeting. There were several other presentations at RSA on the subject of “SCADA security.” In one of the panel sessions, there was a discussion about media hype and how it is hurting ...
I had a meeting Wednesday morning with an IEEE standards committee on cyber security of substation devices. Following that, Marshall Abrams from MITRE and I gave a presentation at RSA, which is billed as the world’s largest cyber security conference. I then gave a presentation at a major control system users’ group meeting. There were several other presentations at RSA on the subject of “SCADA security.” In one of the panel sessions, there was a discussion about media hype and how it is hurting the process by jading management. Following that concern, a presentation was made about how easy it was to hack the grid. It certainly succeeded in getting media hype on an approach that is dubious at best in terms of doing any damage to control systems. As to the three meetings I attended, the reactions at all three were remarkably similar. To start with, there was a lack of appreciation of how real the problem really was. There was also a lack of understanding by the IT community of the uniquenesses of these systems and why solutions need to be tailored to these systems. More importantly, the “light started going on” with several knowledgeable control system engineers as what was actually meant by the term “cyber incident.” Once it was explained that a cyber incident means an impact on confidentiality, integrity or availability, and not just an intentional attack, several people came forward to say they had experienced problems (cyber incidents) resulting in system downtime in substations, power plants and chemical plants. My database is increasing and the need for discussions on preventing these types of events is growing more urgent. Consequently, there will be significant discussions on actual cases at the August Cyber Security Conference in Chicago.

Sponsored Recommendations

Municipalities are utilizing inline total solids measurements to enhance sludge thickening, lower polymer usage and cut operational expenses.
Carbon dioxide is increasingly recognized as a vital resource with significant economic potential. While the conversion of carbon dioxide into products is still in its infancy...
Discover our wide range of temperature transmitters that convert sensor signals from RTDs and thermocouples into stable and standardized output signals!
An innovative amine absorption-based carbon capture process enables retrofitting of existing industrial facilities to reduce emissions in hard-to-abate sectors, with advanced ...