Pushing against Jello…

Dec. 20, 2007
Even experts don't understand"¦or we haven't done a very good job of making the issues known and understandable I had the opportunity for formal and informal meetings yesterday with some very influential and knowledgeable people in Washington. One of the two individuals I want to focus on is Jim Lewis from the Center for Strategic and International Studies (CSIS).  Jim provided the membership list for the Blue Ribbon Panel on Cyber Security. I had the opportunity to explain the control s...
Even experts don't understand"¦or we haven't done a very good job of making the issues known and understandable I had the opportunity for formal and informal meetings yesterday with some very influential and knowledgeable people in Washington. One of the two individuals I want to focus on is Jim Lewis from the Center for Strategic and International Studies (CSIS).  Jim provided the membership list for the Blue Ribbon Panel on Cyber Security. I had the opportunity to explain the control system cyber security issues and why traditional IT approaches may not be appropriate for non-Windows-based field devices. I also had the opportunity to state that the industrial control systems community needs to be "at the table" when issues involving control systems are discussed - IT should not be speaking for us. As a result of this discussion, we may get a seat on the Blue Ribbon Panel. On the flight home, I sat next to Francis Harvey. Francis is the ex- Secretary of the Army and managed among other organizations the Westinghouse Science and Technology Center. He is very knowledgeable about IT and security. He is obviously in the senior decision making ranks. However, control system cyber security issues were new to him and why IT is not directly relevant to field devices took him by surprise. He was also stunned that control system networks are not isolated and there is Internet-connectivity to control system networks. Until people at these levels and influence understand the message, we are pushing against jello. Joe Weiss

Sponsored Recommendations

IEC 62443 4-1 Cyber Certification – Why ML 3 is So Important

The IEC 62443 Security for Industrial Automation and Control Systems - Part 4-1: Secure Product Development Lifecycle Requirements help increase resilience for control systems...

Multi-Server SCADA Maintenance Made Easy

See how the intuitive VTScada Services Page ensures your multi-server SCADA application remains operational and resilient, even when performing regular server maintenance.

Your Industrial Historical Database Should be Designed for SCADA

VTScada's Chief Software Architect discusses how VTScada's purpose-built SCADA historian has created a paradigm shift in industry expectations for industrial redundancy and performance...

Linux and SCADA – What You May Not Have Considered

There’s a lot to keep in mind when considering the Linux® Operating System for critical SCADA systems. See how the Linux security model compares to Windows® and Mac OS®.