Jake Brodsky is a veteran of more than 30 years at a large water utility. He has been involved in every aspect of ICS and SCADA from the instrumentation in the field, RTU firmware, the safety systems, controls, network protocols, network architecture, telecommunications, virtualization, systems programming, scripting, screen design, database design, data archival, and most of all: Operations and Maintenance. Twenty years ago, when upgrading a SCADA system, Jake began looking in to security features. Finding none, he got busy trying things out. Jake has had to live with his creations. His experience was hard-won from actual field use. He has made presentations and worked with standards committees for many years. After retiring from the water utility, he now works at Jacobs.
Secure coding practices in workstation and server applications are known to prevent easily identified vulnerabilities. This same issue exists for the people who write code for PLC’s and other Level 1 devices, and most who do PLC coding don’t understand the security ramifications. Like much of ICS / OT it is about 10 years behind […]