Martin McKeay is a respected member of the security community with a lot of great thoughts rambling around in his head. I normally read his stuff with interest and nod my head like a ditto-head.

But no one is perfect, and recently he expounded upon the video "hacking the grid", and talked about how wrong it was.

Having had direct experience with more than three utilities (I'm purposely obfuscating here; I don't want to point too many fingers), I can say without a doubt that his premise is wrong in the two core parts of the argument:

1. There is an air gap between the data network and the control systems

2. Control systems are complex and proprietary

I wrote about this in 2002, but CMP Media's search indexing apparently hasn't improved, because the article is gone, though the resultant letter to the editor lives on. So I'll recap here.

1. There used to be more than an air gap, there was a massive wall, and control engineers wanted to keep it that way. Unfortunately the reality is that Ethernet is cheap and reliable, so companies, including public utilities, moved to it against the advice of their control network engineers. Once it was in place, it was soon interlinked with the data network to provide reporting and data archiving. Air gap is a myth except in places - like nuclear plants - where it is required by regulation, and even then it only takes one employee and one Ethernet cable to create a cross-link.

2. Control systems used to be highly complex and proprietary. Then along came XML-everything - you know, that thing I rant about because some people think talking is too burdensome, so we should wrap it all in XML? Yeah, it's portable, it's human readable (which means all the idiots can debug it), and it's (relatively) standardized. I myself have seen a boiler on a power plant be shut down from a corporate desktop using WML. I've also controlled power to businesses from a desktop, turning it off and on at my whim over the corporate data network. Yeah.

What I would like to see is the return of controls to binary protocols, and a new separation of control and data networks - possibly with firewalls, though those are not foolproof the way an air gap was - to keep things a touch safer.

As to the genesis of the video and how it was leaked, that I can't comment on. Afraid I can only be an expert in a few things, and political maneuvering or video leakage aren't on my list. I suspect that was more Martin's point - how exactly did it "leak", and is this all posturing? I dunno, but there is some truth to what the video has to say.


Until next time,
Don.

Imbibing: Mt. Dew

(re)Reading: The Civilization of Charlemagne, Boussard, McGraw Hill