Federal Cyber Security R&D project

May 21, 2010

I attended the National Coordination Office for Networking and Information Technology R&D (NITRD) in Oakland, CA, May 19th. The meeting was a follow-on to the August Cyber Leap Year Summit and had three “game-changing themes”. Once again, there was no one there besides me from the industrial control system community. The end state of this effort requires a dynamic understanding of the totality of its complexities and is meant to be game-changing - that is revolutionary not evolutionary.

I attended the National Coordination Office for Networking and Information Technology R&D (NITRD) in Oakland, CA, May 19th. The meeting was a follow-on to the August Cyber Leap Year Summit and had three “game-changing themes”. Once again, there was no one there besides me from the industrial control system community. The end state of this effort requires a dynamic understanding of the totality of its complexities and is meant to be game-changing - that is revolutionary not evolutionary. The approach used the following as examples – on-line banking, commerce, health care, and personal communications.  Notice the lack of industrial control systems.  The 1st theme was called “Moving Target” which will provide research into technologies that will enable us to create, evaluate, and deploy mechanisms and strategies that are diverse, and continually shift and change over time to confuse attackers. Can anyone imagine doing this with control systems???  The 2nd theme was Tailored Trustworthy Spaces which means that it provides a flexible, adaptive, distributed trust environment. This sounds interesting, but how does it apply to a control system environment?  The third theme was Cyber Economic Incentives. Again, it sounds interesting, but how does this apply in a control system environment.  After the program, I mentioned that a possible game changer for control systems would be to have some selected control systems experts identify what functionality would be needed for new control systems (step 0).  Then have the security community determine how they would secure those functions (step 1).  The DOE and DHS roadmaps assume step 0 is known and go directly to step 1. This approach did not seem to get much interest.

Joe Weiss

Sponsored Recommendations

Make Effortless HMI and PLC Modifications from Anywhere

The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...

The Benefits of Using American-Made Automation Products

Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...

50 Years of Automation Innovation and What to Expect Next

Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...

Manufacturing Marvels Highlights Why EZAutomation Is a Force to Be Reckoned With

Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...