[Halld-controls] Fwd: [Ics-security] Problems tracking controls HW and SW
Elliott Wolin
wolin at jlab.org
Wed May 9 10:33:23 EDT 2012
FYI, request from Kelly:
-------- Original Message --------
Subject: [Ics-security] Problems tracking controls HW and SW
Date: Wed, 09 May 2012 10:02:54 -0400
From: Kelly Mahoney <mahoney at jlab.org>
To: ics-security at jlab.org
As I get alerts from ICS-CERT, I try to look through the PR system to
see if anyone at JLab purchased the product(s) in question so I can
ensure they are informed. This turns out to be very difficult for
several reasons -
1.) The controls world is notoriously incestuous in that many companies
will rebrand an OEM product and sell it as their own. I've seen some of
the HIMA I/O line sold by no less than five manufacturers.
2.) Siemens' sales slogan is "If we don't sell it we will buy a company
that does." This is pretty true of the business. When tracking down a
particular EPICS ioc manufacturer, I found the company and/or product
line had been bought and sold four times.
3.) OEM manufacturers will rebrand their own devices to appeal to a
particular market - the example at JLab is the Koyo PLC line from Asia
sold in the US as "Direct Logic."
Problems on the purchasing side:
4.) Many components and hardware are sold through distributors. JLab
purchasing will go to multiple distributors to get the best price. A PR
search will typically not turn up a particular manufacturer. A search
for a distributor may only give a partial list and may not include the
product of interest.
5.) To make matters worse, Purchasing is required to use a given
percentage of small/disadvantaged businesses. Many times these
businesses are set up to act as middlemen - they get the PO from JLab,
then go to a large distributor, who then orders from the actual
manufacturer.
Things we can do to help:
1.) When ordering controls HW/SW, include keywords such as Controls,
PLC, SCADA, HMI, I/O, ... that make searching easier.
2.) Try to include the manufacturer's name and/or product line in the
descriptive text.
In the next few months, we would like to develop a database of controls
hardware and software used at the Lab. This will make the job of
matching threats to specific JLab equipment much easier. If you send
me (FOR SECURITY REASONS *_DO NOT REPLY ALL_*) a list of controls
hardware and software you are using I will start compiling the data.
Info should include:
Manufacturer (e.g. Rockwell, GE, ABB, Motorola, Direct Logic, Siemens,
National Instruments, Cisco, ...)
Vendor (Name of vendors on PRs or credit card purchases)
Description (PLC, PC-104, SCADA SW, PLC Programming SW, ...etc.)
Function (PSS, CMTF Controls, CHL Controls, Test Stand, HVAC, Fire,
Building Controls, RF HPA controls,...etc.)
Location(s) - note if multiple units are used, then list the facility as
the location (CEBAF, HALLA/B/C/D, FEL, CMTF,...)
Model/Part Number
Software Platform (Windows XP/7 32/64 bit, Linux, RTEMS, VxWorks, ...)
Software and/or Firmware Revision
Owner name and e-mail
JLab Property tag, if applicable
_*DO NOT INCLUDE NETWORK IDENTIFIABLE INFORMATION*_ such as IP or MAC
address, Computer name, or network name. This will be collected separately.
Kelly Mahoney
--
Sincerely,
Elliott
================================================================================
Those raised in a morally relative or neutral environment will hold
no truths to be self-evident.
Elliott Wolin
Staff Physicist, Jefferson Lab
12000 Jefferson Ave
Suite 8 MS 12A1
Newport News, VA 23606
757-269-7365
================================================================================
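Added example, not part of the forwarded message or of any JLab tool: a minimal Python sketch of the controls inventory Kelly describes. It records the fields listed in the message, folds rebranded or OEM names onto one canonical manufacturer through an alias table (Koyo sold as "Direct Logic" is the example from the message; any other alias would be added the same way), refuses records that carry an IP or MAC address since those are to be collected separately, and matches an ICS-CERT style advisory (vendor plus affected product strings) against the inventory so the owners to notify can be found without a PR search. All records, model numbers, owners and the sample advisory below are constructed placeholders.

```python
from dataclasses import dataclass
import re


@dataclass
class ControlsAsset:
    """One row of the controls HW/SW inventory, fields as listed in the message."""
    manufacturer: str     # e.g. Siemens, Direct Logic, National Instruments
    vendor: str           # name that appeared on the PR or credit-card purchase
    description: str      # PLC, PC-104, SCADA SW, PLC Programming SW, ...
    function: str         # PSS, Test Stand, HVAC, Building Controls, ...
    location: str         # CEBAF, Hall D, FEL, CMTF, ...
    model: str            # model / part number
    platform: str         # Windows 7 64-bit, Linux, RTEMS, VxWorks, ...
    revision: str         # software and/or firmware revision
    owner: str            # owner name / e-mail
    property_tag: str = ""
    keywords: tuple = ()  # Controls, PLC, SCADA, HMI, I/O, ...


# Rebrand / OEM alias table: market name -> canonical (OEM) manufacturer.
# "Direct Logic" -> Koyo is the example given in the message.
ALIASES = {
    "direct logic": "koyo",
    "directlogic": "koyo",
}


def canonical(name: str) -> str:
    """Normalise whitespace and case, then resolve known rebrands."""
    key = re.sub(r"\s+", " ", name.strip().lower())
    return ALIASES.get(key, key)


IPV4 = r"(?:\d{1,3}\.){3}\d{1,3}"
MAC = r"(?:[0-9a-f]{2}[:-]){5}[0-9a-f]{2}"
NETWORK_ID = re.compile(rf"\b(?:{IPV4}|{MAC})\b", re.IGNORECASE)


def validate(asset: ControlsAsset) -> bool:
    """True only if no field carries network-identifiable information."""
    return not any(isinstance(v, str) and NETWORK_ID.search(v)
                   for v in vars(asset).values())


def match_advisory(inventory, advisory):
    """Return inventory rows whose canonical manufacturer equals the advisory's
    vendor and whose model/description mentions one of the affected products."""
    wanted = canonical(advisory["vendor"])
    hits = []
    for asset in inventory:
        if canonical(asset.manufacturer) != wanted:
            continue
        haystack = f"{asset.model} {asset.description}".lower()
        if any(p.lower() in haystack for p in advisory["products"]):
            hits.append(asset)
    return hits


def search_inventory(inventory, term: str):
    """Keyword search over manufacturer, vendor, description and keywords."""
    term = term.lower()
    return [a for a in inventory
            if term in " ".join([a.manufacturer, a.vendor, a.description,
                                 *a.keywords]).lower()]


# Constructed sample inventory (all values are placeholders).
INVENTORY = [
    ControlsAsset("Direct Logic", "Example Distributor Inc.", "PLC", "Test Stand",
                  "Hall D", "EX-205", "firmware", "2.10",
                  "hall-d-owner@example.org", "JL-000001", ("Controls", "PLC")),
    ControlsAsset("Koyo", "Example Reseller LLC", "I/O module", "HVAC",
                  "CEBAF", "EX-06", "firmware", "1.4",
                  "hvac-owner@example.org", "", ("Controls", "I/O")),
    ControlsAsset("Siemens", "Example Distributor Inc.", "HMI", "RF HPA controls",
                  "CEBAF", "EX-HMI-1", "Windows 7 32-bit", "5.0",
                  "rf-owner@example.org", "JL-000002", ("Controls", "HMI")),
]

# A record that must be rejected: its description leaks an IP address.
BAD_RECORD = ControlsAsset("Siemens", "Example Reseller LLC", "PLC at 192.168.10.5",
                           "Fire", "FEL", "EX-300", "firmware", "3.1",
                           "fire-owner@example.org")

# Constructed advisory in the shape of an ICS-CERT alert: vendor + products.
SAMPLE_ADVISORY = {"vendor": "Koyo", "products": ["EX-205"]}


if __name__ == "__main__":
    for hit in match_advisory(INVENTORY, SAMPLE_ADVISORY):
        print(f"notify {hit.owner}: {hit.manufacturer} {hit.model} at {hit.location}")
    print("bad record accepted?", validate(BAD_RECORD))
```

The alias table is the part that addresses points 1 through 3 of the message: an advisory naming the OEM still reaches an asset that was bought under a rebrand, and a rebrand added later only needs one more line in `ALIASES`. The keyword search covers points 4 and 5, since it looks at the inventory's own manufacturer and keyword fields rather than at whichever distributor or middleman appeared on the PR.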