Unintentional ICS cyber incidents can have a real cost
Sept. 24, 2012
A number of years ago I had a discussion about ICS cyber security with a colleague from a market-based generation company. His concern was that his plants had to respond to the dispatcher within a prescribed period of time (say 15-30 minutes) or the dispatcher would move on to the next generation unit. The potential economic impact could be huge - loss of direct revenue and a competitor's unit being dispatched instead. This brought up the thought that economics (competitive advantage) could be a driver in hacking their systems.
A number of years ago I had a discussion about ICS cyber security with a colleague from a market-based generation company. His concern was that his plants had to respond to the dispatcher within a prescribed period of time (say 15-30 minutes) or the dispatcher would move on to the next generation unit. The potential economic impact could be huge - loss of direct revenue and a competitor's unit being dispatched instead. This brought up the thought that economics (competitive advantage) could be a driver in hacking their systems. In fact, it wouldn't even need to be a sophisticated hack of the control systems. A simple denial of service of the link between the dispatcher and the plant for more than 30 minutes would be all that was needed.
Fast forward to a real case that wasn't intentional but has a similar impact. A large peaking plant (most likely unmanned meaning remote dispatch) was being paid to provide ancillary services (rapid dispatch response). There was an environmental event that led to the need to dispatch those units to prevent a brownout or blackout condition. For reasons not yet fully understood, not all of the units were able to respond to the dispatcher within the required time. As a result, the regulator is looking to fine the utility. Ironically, the fine is for lack of performance not for lack of NERC CIP compliance as these units are not NERC Critical Assets.
As best as I can tell (I haven't seen the field data yet), this is a classic unintentional ICS cyber incident. I have been asked to help provide the utility a basis for why they didn't know the control system didn't work as expected and why they couldn't see the control system not performing as designed. This subject will be discussed at the October ICS Conference (www.icscybersecurityconference.com).
The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...
Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...
Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...
Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...