Skip navigation
All People > Bryan Owen > Bryan Owen's Blog > 2015 > July

NERC facilitates many forums to advance industry practices and grid reliability. "Segmentation and Control Systems - It's a Good Thing!" by Dustin Cornelius from the 2014 Monitoring and Situational Awareness Conference caught my attention as worth reading.


Here are a few observations and comments:


  • Although compliance motivated, Dustin's strategy goes beyond NERC CIP minimal compliance.  More cases like this could be reason for optimism about industry lead approaches to critical infrastructure protection.


  • Back to basics. Microsoft's immutable laws go back to 2001. "Law #8: The difficulty of defending a network is directly proportional to its complexity". I like the way Dustin turns this around to less segmentation is more complex and more risk.


  • Future prediction. While too soon to call a trend, an increasing number of you are implementing host based security perimeters. Whether this approach finds enough momentum to overcome a shinny new NxGen firewall is a tough call. OTOH I wouldn't bet against virtualization.

Ok, Joseph Sirosh and his connected cow case study was good, even great for out of the box thinking. Count me in as an IoT believer!


Bryan's IoT Postulate looks like this:

Business innovation potential = Brains * π ^ (Pervasive Sensing)


No disrespect to spaghetti westerns is intended by this post. 'The Good, the Bad, and the Ugly' is my cyber spin.


We certainly prefer a world where brain designs for good far exceed the bad and ugly plans. Collaboration for goodness is a driving force within the PI Square community. 'Badness' is pretty evident in context of cyber but 'Ugly' designs and actors aren't always so obvious. Sometimes what was once beautiful turns ugly.


For instance, automobiles have been cited as a potential sweet spot for IoT applications. Now consider this recent public recall notice:

"In these vehicles, it could be possible for the engine to continue to run after turning the ignition key to the “off” position and removing the key, or after pressing the Engine Start/Stop button."


Time will tell if the bug is 'cyber' bad or just ugly. More to the point, is potential ugliness of getting the fix. How many affected vehicles will really get updated? Is there a better way? See my teaser on Patching ICS at Ludicrous Speed.


We have this same update servicing challenge across the industrial software solution space. IoT and cyber may well be the catalyst for this kind of innovation.


In the meantime, please keep collaborating and share good practices for maintaining your PI Infrastructure.