While I live in South Florida, I was in California during the short FPL blackout yesterday. At dinner with some other control system security professionals the talk obviously went to the FPL event. A few interesting points:
– Since this affected the Turkey Point nuclear plants we may get a NRC report on the incident. So often the details of events are never made public, and that is why the Browns Ferry Report was so interesting and instructive.
– The true cause of the Browns Ferry scram is still not known. My guess is the controller protocol stack. Others believe it was an overwhelmed switch or network infrastructure. We may never know.
– Then we revisited that last statement. Why don’t we know? Sure it may be impossible to see the actual data, but can’t we put that type of controller and switch in a test environment and send some malformed data or excessive data? You could go full out and do a Mu or Wurldtech test, but it likely could be identified with much simpler, open source tools in a matter of minutes. It should be simple to determine with a high probability what the cause was and focus on what needs to be fixed in the offending device.