Last week I received a humorous note from Dr. Paul Dorey directing me to two side-by-side lead articles in the latest Automation.com eNewsletter, Programmable Automation Controllers (PAC) Update.
Practical SCADA Security
Control System Security Threats, Security / Reliability Incidents, Useful Industrial Cyber Security Tips
- Add new comment
Recently Rob Hulsebos wrote an article for this blog where he raised the perennial problem of programming errors contributing to security vulnerability. I have a newsflash for you - this isn’t new. It may be a new concept to some in the world of Industrial Control Systems, but it’s been a problem for software engineers since about 5 seconds after the first ever program successfully compiled.
The discovery of SCADA-security issues by Luigi Auriemma and Siemens PLC weaknesses by NSSLabs this year is interesting from a software-engineering point of view.
It has been almost 25 years since I first started working in the industrial network field and 15 years since I first focused on SCADA and ICS security. From the start, I have been amazed at how difficult it is to get people to see the whole picture.
For example, control engineers know what a PLC or control loop is, but constantly underestimate the impacts that cyber threats have on their industrial processes. IT professionals understand the risks, but often don’t understand the processes and components.
I am just flying back from attending my first NSA Trusted Computing Conference in Orlando, Florida. While this is not an ICS or SCADA security conference, if you want to get a glimpse of what security technologies to expect in the next decade, this is a good show to attend.
- ‹ newer posts
- 20 of 33
- older posts ›