Skip navigation
All Places > PI Developers Club > Blog > 2013 > March
2013

Before taking a stab at telltales of a fragile system, why is a cyber security guy talking about fragility anyway?

 

The process control engineer in me is more accustom to the idea of system stability. Think about system response to a bump test when you are tuning loops. Ever have one get away from you? Set off an alarm? Or even cause a trip? Perhaps it’s at these times that system instability flirts with fragility.

 

But wait, there is more to fragility. Fragility has an aura of permanence like broken glass. What about the fabled blue screen of death (BSOD)? BSOD is certainly more than just bad luck and most would agree the experience is a hassle. I once experienced a BSOD during defrag resulting in a system that could no longer boot.

 

Perhaps instability and a fragile system make a perfect storm?

 

Back to why a cyber security guy is talking about fragility. Fragile can be used to describe systems that are both easily trashed by malicious or inadvertent activity and are hard to recover.

 

So with that intro, what are the telltales of a fragile PI System?

  1. If you’ve never tested disaster recovery… your PI System might be fragile.
  2. If everyone runs as administrator or piadmin… your PI System might be fragile.
  3. If you open shares to folders on the PI Server… your PI System might be fragile.
  4. If all PI Server archive files are writeable… your PI System might be fragile.
  5. If your servers are running Windows NT or 2000… your PI System might be fragile.
  6. If your only server reboots are due to power outage… your PI System might be fragile.
  7. If the PI Server out of order event count is high… your PI System might be fragile.
  8. If you discover applications that you don’t know where they came from… your PI System might be fragile.
  9. If you have to take a laptop with you on vacation… your PI System might be fragile.
  10. If your home PC is more powerful than your PI Server… you might be a geek!

All kidding aside, as a security guy the main reason for this post is to strongly urge you to plan a disaster recovery drill in the near future. This week’s copycat cyber-attacks in Korea are reported to include the destructive wiper virus. If you’ve been lax on PI System backups now is the time to review your plan.

 

http://arstechnica.com/security/2013/03/your-hard-drive-will-self-destruct-at-2pm-inside-the-south-korean-cyber-attack/

 

While fragility is seemingly unavoidable in environments tied to plant operations, good preventative maintenance practices are still necessary. Of course, avoiding fragility isn’t the goal. You’d rather operate with stable and resilient systems that you can count on when you need them the most!

“Security in Knowledge” – Commentary from RSA Conference 2013

 

At over 20,000 attendees, RSA USA is arguably the largest annual gathering of folks in the cyber security industry.

 

Like last year, I grazed on the periphery of RSA. Other OSIer’s had full conference access. The B-Sides SF event continues to provide the most bang for the buck ($20 instead of $2000 registration). Likewise the California PUC thought leadership series event on cyber security was free. Both of the former were tight knit and provide good interaction. The RSA Expo was extremely busy but complimentary passes make it a bargain too – these include access to many of the keynote presentations.

 

Rhetoric and hype are consistently in excess at RSA and rose to new found levels this year. The recent State of the Union Executive Order announcement with a presidential directive on critical infrastructure resilience probably would have been enough to keep the spin room busy. But it was Mandiant’s carefully timed APT1 report that seemed to whip the conference into a state of frenzy.

 

Suddenly, critical infrastructure protection is ‘cool’ for mainstream cyber security pros. This buzz almost stole the show from the conference theme related to big data security.

 

The Mandiant booth was packed. APT1 fact sheets were very well done, with one case illustrating the details of espionage attacks on the energy sector. In short this is spooky stuff. The problem with creating so much fear is it can be paralyzing. OMG, everyone is getting hacked, these guys are unstoppable – why try?

 

In one form or another I heard this concept play out over and over. Top experts are struggling to answer the question: “Are we more secure than we were 10 years ago?” Several of these security leaders are calling #FAIL on themselves and the whole security industry.

 

Cisco’s John Stewart seemed to handle the question better than most. After suggesting the question is rigged for good debate he offers sobering advice: a sure way to get hacked is to do nothing on cyber security.

 

This gets me to the main topic of this post. If you are wondering what to do relative to PI System security, your plans should include updates as a priority. PI Server 2012 provides significant security benefits. Also we continue to recommend Windows Server Core as the most secure operating system platform for PI System servers.

 

Finally, if you find yourself paralyzed by all the hype please contact us.  We do offer security advice for the PI System.  Let’s have a conversation about PI System security.  Or come join your peers at the OSIsoft Users Conference security workshop and training. I’ll see you there!

Filter Blog

By date: By tag: