Joe reports from ISA POWID meeting

June 12, 2008
Observations from beautiful, hot Scottsdale – ISA POWID Symposium ISA POWID is the instrumentation and controls symposium for fossil and nuclear power generation. On Tuesday, ISA POWID held 6 hours of security tracks. My general observations include: - Nuclear Energy Institute (NEI) had another scheduling conflict which precluded that organization from sending anyone to Scottsdale. That makes at least six major non-nuclear control system cyber security conferences that NEI has managed not to b...
Observations from beautiful, hot Scottsdale – ISA POWID Symposium ISA POWID is the instrumentation and controls symposium for fossil and nuclear power generation. On Tuesday, ISA POWID held 6 hours of security tracks. My general observations include: - Nuclear Energy Institute (NEI) had another scheduling conflict which precluded that organization from sending anyone to Scottsdale. That makes at least six major non-nuclear control system cyber security conferences that NEI has managed not to be able to attend. - Several generation utilities are removing black start capabilities so as to avoid the NERC CIP standards. CIP stands for Critical Infrastructure Protection. Shouldn’t it bother people that utilities are making the critical infrastructure less reliable in order to avoid the potential fines associated with the CIP standards? - Several utilities have excluded all fossil power plants from being critical assets. In one case, utility management gave IT the responsibility for NERC CIP compliance including plants and substations. What gives? - During the NERC CIP discussion, it was very evident there was confusion as to what was a critical asset and how big did it have to be. Jim Batug gave a great answer that focused on the effect any cyber asset would have on power plant operation. - There was a very interesting discussion by two DCS vendors of the effects of memory leakage on control system performance.  Memory leakage is a well-known issue in the IT community that is of little consequence. However, this is a big deal for control systems. At least to me, this seemed to be a new issue that I have not seen in “top 10” vulnerability lists. All in all, it was a very interesting symposium with many utilities wanting to be able to address security, but not having corporate buy-in or resources. Joe Weiss

Sponsored Recommendations

Make Effortless HMI and PLC Modifications from Anywhere

The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...

The Benefits of Using American-Made Automation Products

Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...

50 Years of Automation Innovation and What to Expect Next

Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...

Manufacturing Marvels Highlights Why EZAutomation Is a Force to Be Reckoned With

Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...