Monday, June 25, 2007

Sticky SCADA Terminology

Because the SCADA Security Community is so small, moves so slowly, and you can literally count on one-hand the folks that have technical depth in both SCADA an Security (depending on how you define either) I passively try to keep an eye on things. Dale previously blogged on the "sloppy use of SCADA" and one of the better bosts on the SCADA Mailing list revisits the issue. Although probably won't understand most of it if you are new to the field, this was definitely a good starting point which basically differentiates between DCS and SCADA based on 3 criteria
  • Closed vs. Open Loop (human vs. "computer" control)
  • Geographic Distribution (single plant or entire region)
  • Discrete vs. continuous vs. process (this I can't come up with a simple explanation)
As an outsider (speaking from experience, even having programmed PLC's, written subsets of SCADA protocol implementations, and having been privileged to have have touched the networks of a couple of electric/gas control centers) I still found it difficult to speak with authority on the system level. But this is a good starting point for folks new to the field.

1 comment:

Jake Brodsky said...

Keep at it Matt. There are a few of us still drinking from firehoses at both sides.

For those of you considering this field, spend some time talking to both IT Security people and Controls Engineers. You will learn a great deal from both.

Another note I want to point out to you folks from the IT world: One of my rants about SP-100 efforts toward the use of wireless controls was picked up by Walt Boyes. There was one thing I deliberately left out of the rant because I don't feel I know enough to comment: Security of Wireless controls. Once again, I'm aghast that some still appear to be writing standards as if security is merely an afterthought.

Keep up the good work Matt.