One of the reasons I am writing down these thoughts is so that people that have more information than I can correct me when I am wrong. Hopefully I will then learn.
...Read the NRC report. Look at how carefully crafted the description was. It should be read very carefully. I have my doubts the PLC vendor was quoted in context. I don't know if we'll ever get to the bottom of this. My suspicion is that someone's neck is on the line and they're doing all they can to deflect the glare of the investigation. I can't say I blame them, even if it is wrong.
I agree Jake though I'll shy away from any specific suspicions. I will say that there were a ton of engineering mistakes in this one. Lets start with using broadcasts as a primary commmunication mechanism. (I'm guessing rockwell but not certain)Have a loss of PLC communication result in a cessation of steady state opperation for essential equipment.Questionable failsafe status. (granted these are highly dependant on design items we don't know)...
Jim, there isn't much wrong with using broadcasts in an isolated producer/consumer network such as ControlNet. The wrongness, in my hedged opinion (given the dearth of information here), is that this network wasn't isolated from everything else. Too many people see Ethernet in use in Control Systems and think it must be just like the Ethernet they see everywhere else. Nothing could be further from the truth. We use Ethernet media because it's fast, easy to test with off the self products, and easy to fix. However, we can not transport just any traffic on it. I really don't know what protocols they used over the Ethernet, whether it was TCP/IP based, or what else it may have used. I've seen all sorts of interesting Ethernet-ish implementations. The only thing they have in common is that they use the same physical media. And that's really all this is about. What is industrial, should stay industrial. Traffic loads should be carefully analyzed. There should be no room for error of this sort. But apparently, there was...
Post a Comment
Enter your email address:
Delivered by FeedBurner
Proud member of Security Bloggers Network, a FeedBurner Network.
Subscribe to DCS Security
Proud member of The Science Network, a FeedBurner Network.