1. Home

How valuable is the ICS-CERT? Is it focused on the right issues?

Feb. 20, 2012

A control system is generally composed of a human-machine interface (HMI) that is often a Windows-based system and field controllers. The HMI is essentially an IT system with IT vulnerabilities. The field controllers generally use proprietary real time operating systems or embedded processors. Field controllers generally have minimal cyber security and minimal cyber

"

A control system is generally composed of a human-machine interface (HMI) that is often a Windows-based system and field controllers. The HMI is essentially an IT system with IT vulnerabilities. The field controllers generally use proprietary real time operating systems or embedded processors. Field controllers generally have minimal cyber security and minimal cyber logging and forensic capabilities.

Bob Radvanovsky has been working on a private project to correlate and analyze data from recent DHS ICS-CERT advisories, alerts, bulletins and notices.  What he found should not surprise anyone, nor is there much information other than what he is revealing from the public-facing U.S. CERT (ICS-CERT page) web site. Bob will be providing a more detailed, more comprehensive report reflecting specific statistical information at a future date (undisclosed and TBD).

Results:

There are 203 reports that have been publicly made available; the first report was made available on 11-Mar-2010 (ICSA-10-070-01 - Rockwell Automation RSLINX Classic EDS Hardware Installation Buffer Overflow) on the U.S. CERT web site. Of the 203 reports that are currently, publicly available (includes all reports from 11-Mar-2010 up to and including the 3 recent update reports from 14-Feb-2012), the breakdown is as follows:

GPS-related                                                             2      0.99%
Malware-related                                                      12      5.91%
Miscellaneous (cannot accurately put into a category) 7      3.45%
Network-related                                                        1      0.49%
Software-related                                                       2      0.99%
SCADA/HMI console-related                                  155     76.55%
Control systems-related (includes PLC, DCS, RTU)   24     11.82%

When I analyze the results of my control system cyber incident database, the most significant U.S. incidents from an impact perspective were control system-related. These include the four control system cyber incidents that killed people, two major-cyber related electric outages, two nuclear plant shutdowns, etc. The SCADA/HMI console-related incidents were generally of low impact other then the 2003 Northeast Outage (which did not damage equipment).

It appears that ICS-CERT seems to be focusing on the lesser important issues.

Joe Weiss

Continue Reading

Sponsored Recommendations

Make Effortless HMI and PLC Modifications from Anywhere

The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...

The Benefits of Using American-Made Automation Products

Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...

50 Years of Automation Innovation and What to Expect Next

Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...

Manufacturing Marvels Highlights Why EZAutomation Is a Force to Be Reckoned With

Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...

Latest from Home

2412ct_cartoon
Engineer or lab staff pointing on instrument calibration
U.S. election day; people at voting booth at U.S. election station with American flag in background.

Most Read

Sponsored