HOME  |  NEWS  |  BLOGS  |  MESSAGES  |  FEATURES  |  VIDEOS  |  WEBINARS  |  INDUSTRIES  |  FOCUS ON FUNDAMENTALS
  |  REGISTER  |  LOGIN  |  HELP
Blogs
Blog

SCADA: The Next Secure Generation

NO RATINGS
View Comments: Newest First|Oldest First|Threaded View
Loring Wirbel
User Rank
Blogger
Re: SCADA posting
Loring Wirbel   6/23/2011 5:23:58 PM
NO RATINGS
You're right about 64-bit as a future prospect.  NRT OS should have been staring me in the face, but I assumed such broad use of real-time kernels, it just sort of passed by me as a don't care - which is silly.  Thanks for comments.

 

jmacpherson
User Rank
Iron
SCADA posting
jmacpherson   6/23/2011 4:29:30 PM
NO RATINGS

Loring, The part I do find interesting is where you mention about controllers changing to 64-bit. Even though there appears to be development in this area considering that most plant floors just recently moved from Windows CE to Windows XP for OS, 64-bit is not supported on an OS until you get to Vista or higher.

You also mentioned two of the three communication needs within an industrial network. Real-time and hard-real-time. There is a third in between the two extremes which is non-real-time. These three communication needs each have timing associated with them and therefore must be processed differently. In today's designs an OEM is locked into one vendor for most products so they interact well within the network or the other option is using bridges which create latency in the communications. Therefore leapfrogging may work for some parts of the network process but not for all areas of need.

 


You have really given some good 'food for thought' here.

Loring Wirbel
User Rank
Blogger
Re: Preaching to the choir
Loring Wirbel   6/23/2011 1:06:13 PM
NO RATINGS
What Jack R. mentioned is one reason why leapfrogging may be inevitable.  It seems that application software is often developed with an eye to what sounds cool, rather than the sense it makes to the overall SCADA environment.  A perfect example is the forementioned apps for Android and iPhone.  Even in the IT community, client smartphone apps are being developed for corporate access, and even some military-security applications, that don't seen to take into account the shakier security and stability environment of the self-invoking smartphone app.  When one hears of monitoring or security apps developed for SCADA systems, allowing process managers to check on a power system via an iPhone, there's something that screams "Ooops!  Don't want to go there!"  But we'll only learn of the hazards after the fact, requiring one or several more rounds of leapfrogging.

Jack Rupert, PE
User Rank
Platinum
Application Holes
Jack Rupert, PE   6/23/2011 12:32:36 PM
NO RATINGS
The unfortunate thing with SCADA security is that the big hole is still the application software that in many cases is not being maintained (or possibly even developed) by people with an eye toward security.  A lot of the customers at my previous employer required access to the application to make "updates" online as well as download the program.  While in some cases, this type of access was regulated through a more secure method provided by their own IT department, in other cases they were not involved, opening up the same doors that STUXNET came through.

Alexander Wolfe
User Rank
Blogger
Re: Preaching to the choir
Alexander Wolfe   6/23/2011 12:26:16 PM
NO RATINGS
On the one hand, it's always good news when vendors are able to cut the bad guys off at the knees, in this case by going to more advanced kernels, then beefing up networking protocols, and now looking at encryption. OTOH, one gets weary over the constant need to upgrade to stay that one little step ahead of the bad actors. Are we stuck with this leapfrogging scenario from here on out, Loring?

Loring Wirbel
User Rank
Blogger
Re: Preaching to the choir
Loring Wirbel   6/23/2011 12:03:07 PM
NO RATINGS
No doubt Cyber Command is already looking into that at Fort Meade - and we'd be the last to know!

Terry Sweeney
User Rank
Iron
Preaching to the choir
Terry Sweeney   6/23/2011 11:46:38 AM
NO RATINGS
Really interesting, timely post, Loring -- as if industry and governments were sufficiently sensitized to the security issues you raise, Stuxnet made it abundantly clear what sort of havoc embedded malware could wreak. A larger security sensibility at this level is long overdue.

Partner Zone
More Blogs
Engineer comic Don McMillan explains the fun engineers have with team-building exercises. Can you relate?
The damage to Sony from the cyber attack seems to have been heightened by failure to follow two basic security rules.
Reshoring is picking up steam, but it's not outpacing the overall continuing growth in outsourcing.
Here's a variety of views into the complex production processes at Santa's factory. Happy Holidays!
The Beam Store from Suitable Technologies is managed by remote workers from places as diverse as New York and Sydney, Australia. Employees attend to store visitors through Beam Smart Presence Systems (SPSs) from the company. The systems combine mobility and video conferencing and allow people to communicate directly from a remote location via a screen as well as move around as if they are actually in the room.
Design News Webinar Series
12/11/2014 8:00 a.m. California / 11:00 a.m. New York
12/10/2014 8:00 a.m. California / 11:00 a.m. New York
11/19/2014 11:00 a.m. California / 2:00 p.m. New York
11/6/2014 11:00 a.m. California / 2:00 p.m. New York
Quick Poll
The Continuing Education Center offers engineers an entirely new way to get the education they need to formulate next-generation solutions.
Jan 12 - 16, Programmable Logic - How do they do that?
SEMESTERS: 1  |  2  |  3  |  4  |  5  |  67


Focus on Fundamentals consists of 45-minute on-line classes that cover a host of technologies. You learn without leaving the comfort of your desk. All classes are taught by subject-matter experts and all are archived. So if you can't attend live, attend at your convenience.
Learn More   |   Login   |   Archived Classes
Twitter Feed
Design News Twitter Feed
Like Us on Facebook

Sponsored Content

Technology Marketplace

Copyright © 2014 UBM Canon, A UBM company, All rights reserved. Privacy Policy | Terms of Service