Editor’s Note: this is an excerpt from the Pike Research Blog.
The story goes that a group of business people were stranded on a desert island with a bountiful supply of canned and therefore imperishable food, but no way to open the cans. As the group struggled to find a solution the lone economist in the group piped up, “Assume a can opener…”
Sometimes it seems that’s how we approach industrial control systems (ICS) security. “Assume a secure perimeter…” It’s not fair to expect any single product or any single vendor to provide complete security for ICS networks, and yet we seem stuck in a world of point-solution purchases and security without any overriding architecture. It’s as if we’re saying, “If I can just get me some [insert technology of the week], then I’ll be secure.” Read more
As a reader of this blog you likely don’t need to be convinced that SCADA and ICS Security need to be greatly improved. There are several ways to go about accomplishing that, and I am glad that there is a healthy dialogue underway on this topic within the industrial security community. This includes the back and forth between myself and Dale Peterson of Digital Bond, that continues with this article.
When I attended Digital Bond’s S4 Conference earlier this month I heard Dale talking about “SCADA apologists”; however, I didn’t think he was referring to me. Then, in a blog article posted yesterday, he says “I’m disappointed that Eric went the SCADA apologist route”.
I am writing today to restate my position on what I believe needs to happen to improve SCADA and ICS security. I will also clarify where our own Tofino Security products fit in. Read more
Editor’s Note: This article was contributed by Laura Mattson, marketing specialist.
Early in 2012 Eric Byres wrote a blog article predicting what he thought would happen in 2012 with regards to SCADA and ICS security. I went back to his blog and highlighted the four main predictions he made. Then I asked him to rate himself on each one. Read more
In last week’s blog, Heather wrote an excellent summary of Mark Cooksley’s network security presentation regarding “Why Industrial Networks are Different than IT Networks“. In it she noted that the number one goal of ICS security is based on the concern for safety. This is spot-on in my opinion. However, there is more to consider when it comes to industrial security priorities… Read more
Recently I saw a posting on LinkedIn asking “What’s the difference between a SCADA system and an ICS system, and if there is no difference, then why do we have two different names?”
This is a good question, because unless you have worked in the industrial automation field for a few decades, the terminology can seem very confusing. Not only do we have SCADA versus ICS, we also have terms like Process Control, Discrete Control, Industrial Automation, Manufacturing Automation Systems, Distributed Control Systems, Energy Management Systems and so on.
The Quick Answer
Now the quick answer is that Supervisory Control and Data Acquisition (SCADA) is a subset of Industrial Control Systems (ICS).
SCADA generally refers to control systems that span a large geographic area, such as a gas pipeline, power transmission system or water distribution system. I use both terms together because SCADA is often better known by the press, government officials and the public, but ICS is probably the technically correct term to use if you are referring to industrial automation of all types. Read more
Editor’s Note: This is an updated version of this article, which was first published the Tofino Security Blog on June 14, 2011.
Honeywell and the ISA Security Compliance Institute last week announced that two more Honeywell products, the Experion® C300 DCS controller and the Experion fieldbus interface module (FIM) joined the Honeywell Safety Manager in achieving its pioneering ISASecure Level 1 certification. Following this announcement Dale Peterson questioned the value of some aspects of ISASecure certification.
Here is why I believe, as I did in June 2011, that ISASecure certification is valuable. Read more