M
M Griffin
I guess your control system is connected to the Internet then, isn't it? That might be once removed via the domain controller, but the DC is running the same OS and is vulnerable to the exact same viruses and worms that the SCADA or HMI system is. You don't have a true "air gap".
There was a nuclear power plant in the US whose control system was knocked out for hours by the SQL Slammer worm a few years ago. There was one PC on the control network that used MS Windows and had an MS SQL Server database. They <i>thought</i> the control system was isolated, but the control system was connected to business system, and the business system was connected to an outsourced financial consultant, who got the worm. That's all it took. Fortunately, the reactor was already shut down for other unrelated reasons.
Just to be clear, I don't think "isolate the control system" and "keep your patches and anti-virus up to date" can be reconciled. If the security patches and anti-virus updates can get through, the viruses can get through. It's not a winning strategy.
There was a nuclear power plant in the US whose control system was knocked out for hours by the SQL Slammer worm a few years ago. There was one PC on the control network that used MS Windows and had an MS SQL Server database. They <i>thought</i> the control system was isolated, but the control system was connected to business system, and the business system was connected to an outsourced financial consultant, who got the worm. That's all it took. Fortunately, the reactor was already shut down for other unrelated reasons.
Just to be clear, I don't think "isolate the control system" and "keep your patches and anti-virus up to date" can be reconciled. If the security patches and anti-virus updates can get through, the viruses can get through. It's not a winning strategy.