Why Do We Need IEC 61850 (SCL) Based System Configuration Descriptions?

IEC 61850 has been developed in the late 1990's mainly by protocol experts and protection engineers - results are well done and applied all-over. Later IEC 61850-6 (SCL - Substation System Configuration Language) was in the focus. Now, 30 years later the industry has learned that the System Configuration Description goes far beyond information models and communication networks and services - AND PROTOCOLS. The crucial aspect is about a COMPLETE description of the WHOLE system ... from device independent descriptions of Functions and Function Models applying a Top-Down-Modeling-Approach. Work towards this approach is going on in several projects, e.g., IEC 61850-90-30 (IEC 61850 90-30 – IEC 61850 Function Modeling in SCL). A nice description from Jörg Reuter (Helinks) can be found HERE from the pacworld magazine. IEC 61850 based aspects is - of course - just one (crucial) aspect of a system. There are more aspects ... like Hardware, Software, Cybersecurity, Operation, ...

In addition to getting a complete system specification based on SCL to get a running IEC 61850 based system that does the job you want to have ... there is another crucial aspect: Engineers may be happy to use a complete SCD file to configure everything and then forget the SCD file ... don't forget it BUT keep it up-to-date and NEVER EVER make any change in the system without updating the SCL based System Description! 

You may need the complete and updated SCD file to help you "protecting" yourself in case there is a damage or an accident ... when "a fleet of well dressed lawyers who will use the lack of that document to make you all look guilty after ..." may arrive immediately after ... as Jake Brodsky (a well known engineer) just published in an article about "Industrial Cybersecurity “Gatekeeping”" ... worth to read.

Here is one excerpt from his article: "Take the time to find out where the important documents are such as the Standard Operating Procedures, the chemical Safety Data Sheets, and especially the Control System Narrative documents are located. If you can’t find the control system narrative documents, stop. Get someone to agree to write them with you. This is effectively your contract with the engineers, technicians, and operators that indicates in plain language what is supposed to happen normally and in most upset conditions. If you’re operating without that living document you will all be fodder for a fleet of well dressed lawyers who will use the lack of that document to make you all look guilty after an accident."

What could be done to get and maintain such complete descriptions of various aspects of a system? Do we need more lawyers, politicians, engineers, ... ? 

I am kidding (just a bit): "Hire a lawyer to escort you when you have an interview for a new position as a responsible engineer in a utility or ... in order to figure out (by the right questions of the lawyer) that the company applies with what Jake Brodsky recommends!"

What we really need is more engineers ... gray-hair experts that know a lot about the systems ... that could write down what the systems do and how they work ... and that could train the young people ... BUT: it isn't easy to convince the management to let the engineers learn from the experienced, gray-hair experts ... gray-hair engineers could lead the horses to the water - but they cannot make to drink it. 

What do you think? Let me know!

Again Security: How do you Protect your Industrial Control System from Electronic Threats?

Industrial Control System (ICS) need to be protected from Electronic Threats - one of the most crucial challenge yesterday, today, and in the future. Joseph Weiss (PE, CISM - one of the real senior experts in the field) uses the term “electronic threats” rather than cyber security because there are many electronic threats to Industrial Control Systems beyond traditional cyber threats (as he says).

Joe Weiss has written a book with more than 300 pages published in 2010 worth to study (and more important TO IMPLEMENT): "Protecting Industrial Control Systems from Electronic Threats"
List of contents:

1. Industrial Control System Descriptions
2. Convergence of Industrial Control Systems and Information Technology
3. Differences between Industrial Control Systems and Information Technology
4. Electronic Threats to Industrial Control Systems
5. Myths
6. Current Personnel Status and Needs
7. Information Sharing and Disclosure
8. Industrial Control System Cyber Risk Assessments
9. Selected Industry Activities
10. Industrial Control System Security Trends and Observations
11. Industrial Control System Cyber Security Demonstrations
12. Selected Case Histories: Malicious Attacks
13. Selected Case Histories: Unintentional  Incidents
14. Industrial Control System Incident Categorization
15. Recommendations

As long as you can read this blog post you could assume that there is enough power for all computers involved in the chain from the server holding this bog to your computer.

When you will see the following message on your screen: "Sorry, we are out power!" don't worry that much - because the only message you CANNOT SEE ON YOUR SCREEN IS: "SORRY; WE ARE OUT OF POWER. No power no screen display. ;-) 

Click HERE for more details on the book.

I guess Joe would have spent another 100 or so pages to talk about IoT vulnerability if he would have written the book now. 

In a report published the other day by Wired you can read:

"On Tuesday, the internet-of-things-focused security firm Senrio revealed a hackable flaw it's calling "Devil's Ivy" a vulnerability in a piece of code called gSOAP widely used in physical security products, potentially allowing faraway attackers to fully disable or take over thousands of models of internet-connected devices from security cameras to sensors to access-card readers.

Using the internet-scanning tool Shodan, Senrio found 14,700 of XXXX's cameras alone that were vulnerable to their attack-at least, before XXXX patched it. And given that's one of the dozens of ONVIF companies alone that use the gSOAP code, Senrio's researchers estimate the total number of affected devices in the millions."

Unbelievable!!
Click HERE for the full Wired report.

How long will you wait to implement more measures to protect your industrial control system?

Start now - latest next Monday.

The Most Concrete Control Room Flooding

Have you ever seen a control room flooded by concrete stuff: wet concrete!

Three rows of relay equipment were submerged in the concrete click HERE for a
Report and HERE for number of pictures. Where: The other day in London’s Underground.

This concrete could extend the life time of the relay control room by decades … ;-)

It just could happen.

Keep all doors and back-doors closed – not only the firewall.

Are SCADA System Vulnerabilities Real?

Yes, the vulnerabilities are really real! One of the latest reports came from the ICS-CERT ALERT the other day.

ICS-ALERT-12-284-01

Excerpt: “… the vulnerabilities are exploitable remotely by authenticating to the service using hard-coded credentials. Exploitation of these vulnerabilities would allow attackers to remotely connect to the server and executing remote code, possibly affecting the availability and integrity of the device.”

Recommendation: Take the security risks very serious – technical people, managers, accountant people, researcher, consultants, vendors, users, … ALL!!

More to come.

Get prepared to expect the unexpected.