Monday, November 03, 2008

SCADA Watch: Infrastructure Cybersecurity Is in Our Hands

Keith Larson writes on

Even without the terrorist attacks of September 11 and the U.S. Dept. of Homeland Security’s resultant push to secure the country’s critical infrastructure, an organized effort to protect process automation systems from cyber events was bound to bubble to the top of our priority list. Call it the law of unintended consequences at work. Process automation systems were once isolated as well as proprietary, two natural—and highly effective—ways to protect critical systems from malware and other scourges of the Internet age.

But even as the problem—and awareness—of cyber security issues gathered steam in the outside world, the process automation community unintentionally increased the cyber vulnerability of many of its systems.

Indeed, over the past 15 years, we drove the widespread adoption of the very same commercial, off-the-shelf (COTS) computing platforms that the black hats were targeting.

And simultaneously, in recognition of the need for manufacturing data transparency, we pushed the interconnection and integration of process control with other enterprise systems to unprecedented levels, effectively multiplying our systems’ vulnerabilities.

More here.

Note: Indeed - this is exactly the same point that I have tried to make many times. -ferg


Post a Comment

<< Home