Further to previous stories about SCADA security, there is a new report which may be of interest to some people called '"Data storm" blamed for nuclear-plant shutdown' published at SecurityFocus. http://www.securityfocus.com/news/11465

Briefly, the article describes how a PLC put a "flood" of data on an Ethernet network which caused a pair of VSDs for the recirculation pumps to "hang". The operators were then forced to shut down the reactor.

One of the persons quoted for the article had the following to say about the problem in general:

'Such failures are common among PLC and supervisory control and data acquisition (SCADA) systems, because the manufacturers do not test the devices' handling of bad data, said Dale Peterson, CEO of industrial system security firm DigitalBond.

"What is happening in this marketplace is that vendors will build their own (network) stacks to make it cheaper," Peterson said. "And it works, but when (the device) gets anything that it didn't expect, it will gag."

In many cases, a simple vulnerability scan will even cause the devices to crash, Peterson said. During tests in an electrical substation, Nessus running in safe scan mode crashed devices, he said. In some cases, sending out broadcast data on the network will crash several of connected devices, he added.

"If you were to test any control systems that have any more than three or four different network-connected devices, they could be knocked over very easily," Peterson said.'

 

The facts presented here are completely true. We at ARC Informatique - SCADA Editor - have decided to propose a solution to our clients which reach those "Industrial Network" issues when users connect PcVue to Edge devices via Ethernet. We integrated IntraVue in our offer, allowing non-IT personal to monitor, troubleshoot and diagnose industrial IP communications.