Monday, February 15, 2021

IEC 61850 To Help Securing Process Automation Systems

A Hacker Tried to Poison a Florida City's Water Supply ... the attacker upped sodium hydroxide levels in the Oldsmar, Florida, water supply to extremely dangerous levels ... Within seconds, the intruder was attempting to change the water supply's levels of sodium hydroxide, also known as lye or caustic soda, moving the setting from 100 parts per million to 11,100 parts per million

Click HERE for a news report.

How could that happen? Who knows!

There are a lot of discussions complaining about missing security measures like VPN, etc.

Independent of the communication security it is a big mistake that the value could be set to such a BIG number: 11,100 ppm.

IEC 61850 could help to prevent such a situation by applying Analogue Setting model:

At the City of Oldsmar water treatment facility, the "maxVal" of Sodium Hydroxide injection may have been limited to 500 ppm ... as a consequence, there would be no way to configure this to 11,000 ppm.

And: in case somebody changed the value at all, the setMag would change and dchg would become true issuing a report or log entry ...

With the SCL (System Configuration Language, IEC 61850) it could also be configured (in SCL notation) that a particular configuration value could not be changed at all (Fix), changed by a service (Dyn), or changed by SCL only (Conf).

For Input signals there are many specific configuration attributes defined ... 

It is very difficult to convince programmers, managers, R&D people, any other group ... to apply the IEC 61850 Tool.

Hope that will slowly change ... 

Additional discussion by Jake Brodsky click HERE ... summarizing: "... The more self integrity features we include, the more reasonable process limits that we include, the safer we will be."