Just a few years ago, plants didn't have to worry about the safety of their networks. From an IT point of view, plants were silos -- succinct and secure. That changed over the past decade. To improve efficiency, plants connected out to the company's back office and beyond to suppliers and customers.
The increased connectivity gives the business office insight into what the plant is producing, what orders are complete, and what new supplies need to be ordered. The network can alert customers that a shipment is on the way. It can also alert suppliers that a new shipment is needed. Most of the connectivity runs along Internet connections.
This extended network prompted a battle between the organization's IT team and the control folks on the factory floor. IT is accustomed to adding patches late at night, when the office employees are gone. A quick reboot, and everything is fine when the office employees show up the next morning. With plant networks, that's not so easy. If a plant is running 24/7, you can't add patches and reboot without shutting down the plant.
In addition, the plant is now vulnerable to hacking. When automation and control managers discuss this challenge, the vulnerability that most worries plant employees is not terrorists, hackers, or competitors -- it's disgruntled employees. Who else would know how to crack the system, push the right buttons, and pull the right levers to disrupt the network?
Design News will present a radio show on this topic on Thursday, Dec. 6, at 12:00 p.m. EST. It's free and open to all. You can sign up for the program, "Network Security: Don't Get Hacked," by clicking here. The presenter is Eric J. Byres, CTO and vice president of engineering of Tofino Security, one of the leading experts on network security. During the half-hour presentation (followed by a half-hour of online chat), Eric will discuss the challenges and solutions for securing your network.
Jake, that's what I've always thought. The disgruntled employee is the most dangerous hacker. That employee is the one who knows where are the buttons and levers are.
We would like to think that we're defending against evil script kiddies living in their Mom's Basment, or some foreign hacker working for a government agency. So many decide to defend against the faceless Man-In-The-Middle attacks because they're an easy sell to management. But that's not what experince has shown.
In reality most of them are your co-workers. Yes, the ones you drink coffee with every morning. Aside of the flimsy and unstable designs or configurations, it usually takes extensive inside knowledge to do real, lasting damage to most control sytems.
That's why the most notorious cases are usually the work of insiders.
As one of the co-founders of the SCADASEC e-mail list, Chairman of the DNP User Group, and a voting member of the committee that reviews and writes the DNP3 SCADA protocol (also known as IEEE-1815), this subject is very near and dear to my heart and to my career.
Eric Byres is a well known and highly regarded expert in this field. But there are differences of opinion and there are practicalities that have to be answered.
For example, you could build a perfectly secure system and it would be very labor intensive, and so unusable that the whole process you're working on becomes uneconommical. It's just like trying to build a bulletproof fighter jet. You can certainly protect certain key parts, but you can't protect the whole thing. It would be so heavy that it would never get off the ground.
Likewise with SCADA and control systems, we need lightweight but effective security that doesn't get too far in the way of those who use it and doesn't become so difficult to use that it is cheaper to run operations manually.
The big secret to maintaining a posture of this sort is to keep the data hounds at bay. All this idiotic talk of "Big Data" presumes that someone will "surf" over this data and discover lovely gold nuggets of precious observations that will save the company money. The latter is predicated on gathering the data cheaply. Well, if you want to keep it secure, it won't be cheap any more.
The other problem is that there are too many people with glossy CIO literature who salivate puddles of drool over knowing real time data in the boardroom. No CEO in his or her right mind would want to know data in this detail. It does no good except if you dream of micro-managing your company toward insanity.
There are judgement calls to be made. There are political situations that need to be addressed. And frankly, it is time for some pushback against the "real time" data hounds who have no understanding of the business processes, the industrial processes, or where the leadership of the company wants to go.
We need to get more secure. Of that there is no dispute. The differences of opinion are on the hows and whys.
Yes, Ann, it was quite a transition from those early dial-up services to the Internet we now know. One significant change is that you no longer need a librarian intermediary between you and the information you're seeking. I remember attending an online conference in the mid-80s. A presenter from one of the major online services (I think McGraw-Hill) demonstrated a page of information. I took about two minutes for the page to load. He admitted that the Internet was not quite ready for consumers.
Rob, I'd forgotten about those online search specialists. That does take me back! I also remember the debut of AOL, and using the first browser, Mosaic, which later morphed into Netscape.
Yes, Ann, I remember the Internet before the WWW. In the early 80s, I worked for a company that prepared articles for sites such as Dialog and sites like Lexus and Nexus. That was back in the day when intermediaries such as special librarians often ran the online searches.
It was a small world with publications such as Online Review and Information Today. I'll never forget when I saw a TV commercial for America Online. I couldn't belive this small online world had spilled over into the consumer world.
Rob, that was before the Web, but not before the Internet (I started posting my stories to the Computer Design bulletin board using a 300-baud modem in 1989. For those of you who don't know what that means, it was a very, very slow modem connection to the pre-Web predecessor of a website). In any case, these were not closed loops where I worked, or at the company's customers.
Ann, wasn't that a closed loop back then? Since that was before the Internet, I would think they didn't have the same conflict over patches that they do now.
The same volunderability is often found in office building networks where there are wire-closets sometimes left open in hallways. easy instant hacking, with no pesky passwords if the right wireless hub is used.
By experimenting with the photovoltaic reaction in solar cells, researchers at MIT have made a breakthrough in energy efficiency that significantly pushes the boundaries of current commercial cells on the market.
We looked at a number of sources to determine this year's greenest cars, from KBB to automotive trade magazines to environmental organizations. These 14 cars emerged as being great at either stretching fuel or reducing carbon footprint.
From Dell / Intel® New Paradigms in Design Work Scott Hamilton, vertical market strategist for Dell Precision workstations, 5/2/2013 3
Early in my career, I worked as a draftsman and remember the days of drawing on vellum with numbered pencils and Mylar with plastic lead. This was a fun experience in the sense that I ...
I've been using workstations for more than 10 years and love finding ways to get more performance from my system. With demanding professional applications that require more power each ...
A lasting memory from my first job as an engineer in an auto assembly plant is standing on hard concrete at six in the morning, vending-machine coffee clutched in hand, listening to ...
A quick look into the merger of two powerhouse 3D printing OEMs and the new leader in rapid prototyping solutions, Stratasys. The industrial revolution is now led by 3D printing and engineers are given the opportunity to fully maximize their design capabilities, reduce their time-to-market and functionally test prototypes cheaper, faster and easier. Bruce Bradshaw, Director of Marketing in North America, will explore the large product offering and variety of materials that will help CAD designers articulate their product design with actual, physical prototypes. This broadcast will dive deep into technical information including application specific stories from real world customers and their experiences with 3D printing. 3D Printing is
To save this item to your list of favorite Design News content so you can find it later in your Profile page, click the "Save It" button next to the item.
If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
3 
