SCADApedia
AAA  AAA 

Roadmap Interviews and Comments

Last week in Chicago the Energy Sector Roadmap Working Group had a two-day workshop to hear about the current control system research efforts and how it will or will not help meet the Roadmap milestones. This event was a bit different because it was an input event where the Working Group was gathering information as opposed to a conference trying to spread the word.

A couple of important questions kept being repeated by the asset owners on the Working Group. What would be the tangible results from the research for my company? Who in my organization would use these results? How does this research effort contribute to achieve to meeting the Roadmap goals? Researchers may want to keep these in mind next time they seek funding.

I recorded three interviews at the Roadmap Workshop.

Direct link to the podcast.

 
icon for podpress  Standard Podcast: Play Now | Play in Popup | Download

Podcast Info:

We have made it easier for you to get Digital Bond’s podcasts.

Subscribe via iTunes.

Or you can subscribe to the Podcast RSS Feed.

I did have a chance to review the recently issued Water Sector’s Roadmap for Securing Industrial Control Systems. It is modeled off the Energy Sector. Overall a useful and well done document, but it has one large, glaring problem. There are a tremendous amount of near-term 1-year milestones. It would be impressive if the water sector, which has not been terribly effective to date, could achieve 25% of these 1-year milestones. It’s always a bad idea to have a ten-year plan that begins failing in year one.

Author: Dale Peterson
Posted: June 3rd, 2008 under Dept. of Energy, Podcasts, Uncategorized.
Comments: 2

Comments

Comment from Jake Brodsky
Time: June 3, 2008, 10:39 pm

The water roadmap looks like the energy roadmap because both roadmaps were facilitated by the same firm. The facilitators had a lot to do with the similarity of these documents. Many of the people on the water sector committee had a deer in the headlights look when they made comments on this document. Most had no idea what the energy sector roadmap looked like.

Part of the problem with people who read these “roadmaps” is that they don’t understand what these things are for. It is mostly to raise awareness among stake-holders that security is a necessary element of control systems design.

The water industry has been particularly lax with discussion of control systems design, primarily because the control systems are usually very simple affairs. Only in the last decade have things started to get complex enough that water and wastewater systems need to consider the impact of more sophisticated process control on their control systems. Even that isn’t universal. Most of the control systems design impact happens with larger, more heavily integrated water utilities.

In other words, there really isn’t the same degree of sophistication among most water utilities as you might find in the energy sector.

That’s why the water sector document milestones look different. However, I still have to agree that the milestones in BOTH documents are somewhat unrealistic for the near term.

One thing missing from both of these documents is the notion that security comes from the top down. Not. Just as we discussed with safety, it must come from both the bottom and the top and it has to meet mid-way.

The real problem here is education on a massive scale. We can’t just educate the leaders who will wave their hands and somehow security happens. We need the technocrats in the middle and the participation of boots on the front line or none of this is going to happen.

Those are the missing pieces of this roadmap. Without buy-in at all levels, none of this is going to happen. I’m working on the middle and lower levels in my industry. I hope there are others like me in the energy sector, or most of these milestones will remain two and three years away for a decade or more.

Comment from amino world
Time: June 5, 2008, 2:10 pm

another fine webcast, dale (esp the comments from tom)!

Write a comment