-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Peter Evans wrote: > On Mon, Nov 09, 2009 at 12:13:23AM -0800, Paul Ferguson wrote: >>> http://fergdawg.blogspot.com/2009/11/scada-security-conscience-abuse-of.html >>> >>> : Yes, I am pissed. > > I don't blame you. > > I haven't worked in SCADA since 1991. When it was a package > called Dexterity. That brings back memories I'd rather not have. > I also, for some reason, miss it, because you felt you were doing REAL > stuff, when you could see how fast the blowers were running, how much > was > in the hoppers and watch values changing (all without having to wear > ear-defenders!)
There are many issues here. However, the general discussion on being able to take out an electric utility (or any other control system for that matter) through use of the Internet, misses the major point of control systems design: All digital control systems should have analog safety systems. It should not be possible to create a circumstance where damage can occur through the failure of a digital control. Period. If such a failure is possible, do NOT blame it on the Internet (or bad software, or terrorists, or cybercriminals, or anything else outside of the control itself), because the issue is really that the control system itself is poorly designed. Bottom line: If a digital control (SCADA, DCS, PLC, etc.) can be manipulated to cause a system failure, then the control system is badly designed and lacks the appropriate safety systems dictated by standard control system design practices. Jon - -- Jon R. Kibler Chief Technical Officer Advanced Systems Engineering Technology, Inc. Charleston, SC USA o: 843-849-8214 c: 843-813-2924 s: 843-564-4224 s: JonRKibler e: [email protected] e: [email protected] http://www.linkedin.com/in/jonrkibler My PGP Fingerprint is: BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkr4AJcACgkQUVxQRc85QlPAiACgmQ2Am+dnKG43+LDhIfSMntd5 v6AAnje6YRIxiSr5HKI2M8O+8CFH5QkO =oeQF -----END PGP SIGNATURE----- ================================================== Filtered by: TRUSTEM.COM's Email Filtering Service http://www.trustem.com/ No Spam. No Viruses. Just Good Clean Email.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
