Will Your Protection System Work In A Cyber Incident?

Stage 2

Protection and Safety systems are designed and deployed to prevent high consequence incidents from happening. The ICSsec community has seen examples where these systems have been hacked and modified, Stuxnet and Triton, to prevent proper operation. But what if it isn’t even necessary to attack the safety or protection system to prevent it from doing it’s one task?

This session is the result of a research team conducting network testing of a power and load shedding system against a large simulator for a customer’s power system feeding a very large oil field. A number of test cases to prove the protection systems operated as anticipated, this became the base-line for performance. After getting the base line measurements, the team started to break various links in the network, and other degrading actions and various network loads, and measured the impact to the protection system being able to perform its tasks.

This session will show the testing methodology, results and lessons learned for you to insure you can rely on your safety and protection systems to perform as expected and required during any type of incident.

Detection & Response Risk Management