Turbine controls security patch causes loss of control

There has been significant discussion about the adequacy of patching ICSs. A significant problem occurs when vendors issue a patch that can impact the control system yet the end-user will install the patch because it is not possible to test the systems interaction of the patch. This problem has occurred more frequently than people are aware and recently led to a significant near miss - the loss of view and loss of control of a turbine while at power. A brief discussion of this and other selected incidents can be found at www.controlglobal.com/unfettered. There are a number of very important issues that have arisen from this most recent incident including disclosure, resilience, testing, etc. The utility will discuss the incident and associated ramifications at the October ICS Cyber Security Conference (www.icscybersecurityconference.com).

Joe Weiss
 
Top