January 19, 2008
Cyber Attacks On Power Generation
Back when Power and Control was new (Dec '004) I put up a post called Internet Security, where I discussed the problems of controlling critical infrastructure with the Internet, wireless, or worse yet wireless Internet. George Tenet, then head of the CIA, said we had a problem. Let me quote a bit to give you the flavor:

What George is saying is that the Inherent Design of the internet is not compatible with infrastructure security. Duh.

Well it has started. According to the CIA:

The CIA on Friday admitted that cyberattacks have caused at least one power outage affecting multiple cities outside the United States.

Let me tell you that as long as I am designing plants no controls or critical infrastructure will use the Internet protocols or the Internet. Ever. As long as I am designing plants no controls or critical infrastructure will use wireless. Ever. To do so is inviting trouble.

I will use wires. Coax. Shielded twisted pairs. Fiber. Preferably in conduit except for nodes. All with custom protocols. No easy access, except locally.

There is nothing wrong with using encoded data over the internet to report plant operation. There will be no possibility of plant control remotely. Ever. To do so would be stupid. I wasn't born yesterday.

Yes. It raises the capital costs and the time required to connect everything together. What is one plant outage worth? What is meeting one extortion demand worth? Once you pay the Danegeld, how do you get rid of the Dane?

H/T Instapundit

Cross Posted at Power and Control

posted by Simon on 01.19.08 at 03:06 PM
Comments
Fritz, I have designed protocols. If they are simple they are not hard to keep secure. In any case I'd go with something like CAN with a custom layer above that. Which is a pretty common way of doing these things. No crash buses (Ethernet). The most important thing is physical security. If you have that the protocol is a minor issue. Lots of nice CAN bus testers out there these days. I even designed a custom one for aerospace in 1998.
M. Simon · January 19, 2008 04:52 PM

I thought it was fairly common for peaking turbines, small hydro plants, etc to run unmanned and to be turned on remotely when their power is needed. Is this not right?
david foster · January 19, 2008 05:58 PM

david, I don't know. What I would do with stuff like that is run dedicated lines to the dispatch office.
M. Simon · January 19, 2008 06:03 PM

Water management has been at the forefront of automation since the rise of irrigation. If I understand correctly, the term "SCADA" originated on a Hydro project in 1973, with a BPA/TRW team. There are some large hydro plants that run unmanned, and have been for years. I'm glad to see someone is taking this seriously. I'm afraid they're not taking it seriously enough.
Dishman · January 19, 2008 09:19 PM
Ah yes. SCADA hacking. Very scary. I know just enough about the subject to be terrified.
It would be lovely to have everything in conduit. But remember that one nuclear power plant incident happened because workers were cutting a trench in the concrete and came across (and cut) a wire conduit they were not expecting.
I strongly disagree with your "custom protocols" idea. This is security through obscurity. All it means is that your devs and testers will get lazy and will not have a full range of tools for testing their work. The bad guys will take advantage of that. All of the stupid design failures that were caught a decade ago in IP will be lurking in your new custom protocol.
TCP/IP is well-tested and has been beaten to death. Encrypt everything, use solid authentication, and erect firewalls. But your nodes should not rely on the firewalls to do their validation.
And, of course, this set of issues is not confined to power plants. Anything with process control equipment is potentially vulnerable.
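
The point in the comment above that nodes should do their own validation rather than rely on the firewall, as an added example that is not part of the original post or comments. The frame layout, command table, key and all names are assumptions constructed for illustration; it covers authentication, replay rejection and range checks only, not encryption.

```python
import hashlib
import hmac
import struct

# Assumed frame layout (constructed for this example, not a real protocol):
#   node_id (1) | counter (4, big-endian) | command (1) | value (2) | tag (16)
HEADER = struct.Struct(">BIBH")
TAG_LEN = 16
# Hypothetical command table: command code -> permitted (low, high) value range.
ALLOWED_COMMANDS = {0x01: (0, 100), 0x02: (0, 3600)}


def build_frame(key, node_id, counter, command, value):
    """Sender side: pack the header and append a truncated HMAC-SHA256 tag."""
    header = HEADER.pack(node_id, counter, command, value)
    return header + hmac.new(key, header, hashlib.sha256).digest()[:TAG_LEN]


class Node:
    """Receiving node that checks every frame itself, wherever it came from."""

    def __init__(self, node_id, key):
        self.node_id = node_id
        self.key = key
        self.last_counter = 0  # highest counter accepted so far

    def accept(self, frame):
        """Return (command, value) for a valid frame, else raise ValueError."""
        if len(frame) != HEADER.size + TAG_LEN:
            raise ValueError("bad length")
        header, tag = frame[:HEADER.size], frame[HEADER.size:]
        expected = hmac.new(self.key, header, hashlib.sha256).digest()[:TAG_LEN]
        # Constant-time comparison; nothing in the header is trusted before this.
        if not hmac.compare_digest(tag, expected):
            raise ValueError("bad tag")
        node_id, counter, command, value = HEADER.unpack(header)
        if node_id != self.node_id:
            raise ValueError("wrong node")
        if counter <= self.last_counter:
            raise ValueError("replayed or stale counter")
        limits = ALLOWED_COMMANDS.get(command)
        if limits is None or not limits[0] <= value <= limits[1]:
            raise ValueError("command or value not permitted")
        self.last_counter = counter  # advance only after every check passed
        return command, value
```

A frame that is authentic but out of range is rejected without advancing the counter, so a later valid frame with the same counter is still accepted.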