It introduces another unknown in the system and can introduce unwanted side affects. We have found software whitelisting is generally more applicable to these sort of systems than traditional AV
Ok, firstly SCADA and PLC's are two different things. SCADA is the HMI control system and PLC's are the parts that actually talk to the physical devices. While sometimes they are in the same box usually they are totally different devices. Secondly PLC's can be anything from windows PC's to low level simple processors. However they have one overriding concern and that is real time control of the plant hardware. This is why PLC's are hard to secure. Often they have not the power to run encryption algorithms required for security.
But they should not need to. Almost all of them are bespoke running closed simple OS, using proprietary languages. More importantly they should all isolated both behind physical security and network within a DMZ. That's not to say security cannot be improved, however these are not your PC's connected to the internet.
SCADA machines are more problematic Generally they are standard PC's running windows(Often quite an old version of windows). The very generic nature of the hardware and OS is its biggest weakness. As are their users. One of the problems we have encountered is viruses being stuck on PC's via USB sticks brought in from outside. We have even found games installed by bored users. So why not put antivirus software on them you may ask? Well the problem there is finding AV software which does not affect the operation of the SCADA software. Secondly is maintaining updates. To do that is either a manual process(not really feasible) or connect them to a central server or internet. This introduces an attack vector of its own.
STUXNET is always highlighted when these conversations come up, but this is misleading. If reports are to be be believed this was perpetrated by national agencies with all the resources that implies. No system is totally secure in that situation, the best you can hope for is to detect and delay. However most systems will never come under such a coordinated attack. Saying that it has concentrated the PLC industries mind on security, so thats not a bad thing, but we are no where near the Armageddon scenario that such articles seem to hint at
After my initial tests, I must say that ReFS is incredible advangement. ReFS supports named streams, object IDs, short names, compression, file level encryption (EFS), user data transactions, sparse, hard-links, extended attributes and quotas. It is basically all the best filesystems compiled into one.
Not only is this good for Windows system, but overall network architecture.
and of course will be an open standard(Sarcasm Alert)
I had the same quandary. I have a panasonic compact which is great,but pants in less than optimal light. I looked at 4/ 3 cameras and was tempted by both sony, panasonic, and olympus offerings. However they are expensive, poor lens choice, and are not really pocketable . In the end you would be better off with something like a sony a35 dslr. Which is comparable price, has a viewfinder but has live view and a bettee selection of lenses
One of the consistent items from the Steve Jobs Biog, was that he kept showing Bil Gates things like the iPad and the iPod and Gates just not getting it. So it does not surprise me
Microsoft over many years have built themselves a straitjacket called windows. They cannot do anything without seeing how it affects their cash cow, without realizing until recently it was strangling them.
I wonder how many other ideas generated from there in-house geniuses they hire every year has been strangled by there short-sightedness
I seem to remember that James Burke(http://en.wikipedia.org/wiki/James_Burke_%28science_historian%29) did similar predictions in his tomorrow world books, but since I last read them when I was about 10 I can't remember much about them. I'm sure one was that pavements would be replaced by moving walkways by know.
If anyone has a copy or if Mr J.Burke is reading I would be fascinated to know how they turned out...
I think the important phrase in that article is the comment from the Danish grid representative that
We are able to balance the present system with strong interconnectors, market-based trade with the neighboring countries, and good wind forecasts.
Which basically is saying that thery can use wind power as long as other countries generate a base load to take up the slack on windless days. The irony here is that much of that electricity maybe generated via nuclear.
Power demand crashes at night (and is likely to go even lower in the future as incandescent lighting is replaced by fluorescents and LEDs), so unless you're idiot enough to try to run your entire grid off PV that's a non-issue. (Solar thermal systems can store heat underground in the form of molten salt, so they can actually function well overnight.)
Reduces not crashes. In our 24/7 society it is likely that load is reduced but is still going to be high. For example AC's take a lot of power and in some climates are likely to still happen at night. Storage technology such as molton salt is untried especially at the scales required to power an industrial technology.
PV power however is perfect in warm sunny climates, since it tends to generate the most energy when demand is at its peak - long, hot, sunny days. That's a feature, not a bug.
Wind power is variable, but tends to pick up when power demand spikes in cooler climates (during cool windy weather). An efficient grid allows you to move any excess to where it's needed. Energy can also be stored, as pumped water for example, or even in enormous batteries. Costly, but likely cheaper than private insurance for nuclear reactors (particularly in the wake of Fukushima).
Tends but not guaranteed. You cannot gurantee that the wind will meet the load required at anytime. Pumped storage is great if you can find enough places for them. They are also expensive. Large Batterys storage such as molton sodium are again untested on the scale we are talking here is untested.
Personally I still think whatever way we cut it nuclear is still required unless you want to rely on fossil fuels.However a new smarter grid, and increased investment in power efficiency technology and local generation could help.
Most importantly there is not renewable technology that will create the base load.
Sure there is... hydro provides an awesome base load generation capacity, and there are a lot more places you can build dams than geothermal plants.
Of course, most of the people who hate nuclear power hate hydro as well.
I agree hydro is the most viable of renewable technologies, but in the developed world anyway most of the available hydro sites have already been taken. I doubt there is much expansion in hydro. Thats before the issues of erosion etc are considered
If costs are the same or lower for renewable energy technologies that have numerous benefits and far fewer risks, why would rational people choose nuclear?
well I can think of a few reasons. solar PV does not work at night, wind power is variable, geothermal and tidal sites are few.
Look I'm in favour of wind technology and solar, but power generation is not as simple as just generating. You have to be able to generate it at the right time and get it to the right place. Which means you have to have a mixture of technologies. Most importantly there is not renewable technology that will create the base load.
Unfortunately power generation is not like replacing a couple AA batteries its a complex business
I Which of course is absurd. Erlang is useless for implementing servers, kernels, runtimes, networking stacks, file systems, device drivers, VM systems, database servers, or anything else that actually makes a computer tick.
When I first read this I assumed the poster was being sarcastic, but reading again they actually believe it. Erlang useless for implementing servers? Erlang is used to implement loads of servers. You look at the back end of the a lot the the top 100 company web services and you will find them using Erlang to implement their server functionality. Erlang is used to provide database systems too.
The idea that Erlang is some sort of toy academic language that is not used for anything practical is a joke. Erlang came out of a real industrial requirement to allow telecom switches to support millions of processes while remaining up 24/7. From that it has grown to be used in all sort of real world applications. Some could even suggest that its purity has been compromised in order to meet the real world requirements.
The problem with parallel programming is not that its difficult but the tools that are used to implement it. I have used two languages that have made parallel programming a doddle. The first is Occam and the second is Erlang. They both implement parrallel programming the same way, and that is avoid shared memory and use message passing. Once you do that things get far simpler.
The parent has a good point. The concentration has been on power consumption as the reason that Intel are not in the mobile game. Buts thats only part of the story.
The ability to take an arm core, customise it to your specific requirements and therefore differentiate yourself from the rest of the market is just as important. Intel are to expensive for low end products, but the high end market don't want to be clones.
Don't forget having a killer feature of allowing music sharing among other Zune users, then let the legal departments and music industry interests handicap it to the point of being useless
On the other hand, it is possible the age of standalone music players is coming to an end. Even Apple are struggling to do anything new with them. With smart phones having the music playing built in, the need for separate music players is less pressing...
Ok lets get some real facts into this conversation.
1. Windows should not be used in SCADA systems
we all know that windows has a number of security holes. Whether this is because it is inherently insecure, its closed source aspect or its familiarity is a debating point. Probably some of all 3. Unfortunately it is a fact most SCADA systems use windows. The reason for this is historical. The most common SCADA communication system is OPC. When it was originally specified it was based on communication over DCOM. Now you could argue that this is one of the most insane decisions ever because basically it has given windows a near monopoly on SCADA over the past decade. However things are changing OPC-XA is the latest standard and this is more open. However the ubiquity of windows means that I can't see other OS making an impact anywhere in the near future. So we just need to deal with it.
2. Outside networks should not be connected to a industrial control system.
Great in theory, and maybe achievable in a factory environment as long as you have engineers on 24 hour call. But there are many situations where it is not practical. For example a offshore wind farm. In these situations unless you are going to lay your own cables, the most efficient way of monitoring your system is over the internet cloud. Now this does not mean you are using the internet. You will use VLAN over dedicated portals. Your system will be protected behind multiple firewalls.There are many levels of protection you can put in and while no protection is totally secure it will still survive the majority of attacks.
In fact a greater danger is often not the internet but the ubiquity of USB memory keys. Basically if you lock down your system so there is no network access, support and commissioning engineering being persistent little buggers will find ways to make there life easier like putting patches on via USB keys which were only recently connected to there home computer. At least with network access you can monitor the activity.
The one thing the Stuxnet virus has done is wake people up to the dangers. Most people who work in the industry new industrial systems are far less secure than say a banking system. However the assumption has been that because viruses were targeted at things like obtaining credit card details, there was little damage they could do if they infected a control network. Also the assumption was that control networks OS are outside the knowledge area of the average virus writer so targeted viruses would be rare. This is awake up call that now control systems are seen as the new battleground by governments. Why bomb a nuclear plant when you can plant a virus? There is going to a lot more emphasis on security on such systems going forward and that can only be a good thing
The XBOX was helped by Sony messing up its upgrade policy. They were determined to sell Blue Ray through it so the PS3 came out late and to expensive.
MS will need to have Apple and Android make the same mistakes if they want to get the same effect. Apple especially seem very good at maintaining a technical lead
Well, windows 7 is designed for mouse input while the iPad OS is designed from the start for touch input. Also windows 7 require a large amount of memory and a power hungry(compared to arm processor anyway) processor to work so increasing cost and killing battery life.
Slashdot Mirror
It introduces another unknown in the system and can introduce unwanted side affects. We have found software whitelisting is generally more applicable to these sort of systems than traditional AV
LOL
Ok, firstly SCADA and PLC's are two different things. SCADA is the HMI control system and PLC's are the parts that actually talk to the physical devices. While sometimes they are in the same box usually they are totally different devices. Secondly PLC's can be anything from windows PC's to low level simple processors. However they have one overriding concern and that is real time control of the plant hardware. This is why PLC's are hard to secure. Often they have not the power to run encryption algorithms required for security.
But they should not need to. Almost all of them are bespoke running closed simple OS, using proprietary languages. More importantly they should all isolated both behind physical security and network within a DMZ. That's not to say security cannot be improved, however these are not your PC's connected to the internet.
SCADA machines are more problematic Generally they are standard PC's running windows(Often quite an old version of windows). The very generic nature of the hardware and OS is its biggest weakness. As are their users. One of the problems we have encountered is viruses being stuck on PC's via USB sticks brought in from outside. We have even found games installed by bored users. So why not put antivirus software on them you may ask? Well the problem there is finding AV software which does not affect the operation of the SCADA software. Secondly is maintaining updates. To do that is either a manual process(not really feasible) or connect them to a central server or internet. This introduces an attack vector of its own.
STUXNET is always highlighted when these conversations come up, but this is misleading. If reports are to be be believed this was perpetrated by national agencies with all the resources that implies. No system is totally secure in that situation, the best you can hope for is to detect and delay. However most systems will never come under such a coordinated attack. Saying that it has concentrated the PLC industries mind on security, so thats not a bad thing, but we are no where near the Armageddon scenario that such articles seem to hint at
After my initial tests, I must say that ReFS is incredible advangement. ReFS supports named streams, object IDs, short names, compression, file level encryption (EFS), user data transactions, sparse, hard-links, extended attributes and quotas. It is basically all the best filesystems compiled into one.
Not only is this good for Windows system, but overall network architecture.
and of course will be an open standard(Sarcasm Alert)
I had the same quandary. I have a panasonic compact which is great,but pants in less than optimal light. I looked at 4/ 3 cameras and was tempted by both sony, panasonic, and olympus offerings. However they are expensive, poor lens choice, and are not really pocketable . In the end you would be better off with something like a sony a35 dslr. Which is comparable price, has a viewfinder but has live view and a bettee selection of lenses
One of the consistent items from the Steve Jobs Biog, was that he kept showing Bil Gates things like the iPad and the iPod and Gates just not getting it. So it does not surprise me
Microsoft over many years have built themselves a straitjacket called windows. They cannot do anything without seeing how it affects their cash cow, without realizing until recently it was strangling them.
I wonder how many other ideas generated from there in-house geniuses they hire every year has been strangled by there short-sightedness
unified automation
You can run OPC-UA over DCOM so you don'y have to throw away your legacy code. You can then evolve your system later
But I too will be so glad when I don't have to run a system over DCOM
What a great find, thank you! Short of calling it internet, he got it perfectly right.
Almost right. If only he had added "and will be a marvellous mechanism for the transfer of salacious pictures of young ladies "
I seem to remember that James Burke(http://en.wikipedia.org/wiki/James_Burke_%28science_historian%29) did similar predictions in his tomorrow world books, but since I last read them when I was about 10 I can't remember much about them. I'm sure one was that pavements would be replaced by moving walkways by know.
If anyone has a copy or if Mr J.Burke is reading I would be fascinated to know how they turned out...
I think the important phrase in that article is the comment from the Danish grid representative that
We are able to balance the present system with strong interconnectors, market-based trade with the neighboring countries, and good wind forecasts.
Which basically is saying that thery can use wind power as long as other countries generate a base load to take up the slack on windless days. The irony here is that much of that electricity maybe generated via nuclear.
Power demand crashes at night (and is likely to go even lower in the future as incandescent lighting is replaced by fluorescents and LEDs), so unless you're idiot enough to try to run your entire grid off PV that's a non-issue. (Solar thermal systems can store heat underground in the form of molten salt, so they can actually function well overnight.)
Reduces not crashes. In our 24/7 society it is likely that load is reduced but is still going to be high. For example AC's take a lot of power and in some climates are likely to still happen at night. Storage technology such as molton salt is untried especially at the scales required to power an industrial technology.
PV power however is perfect in warm sunny climates, since it tends to generate the most energy when demand is at its peak - long, hot, sunny days. That's a feature, not a bug.
Wind power is variable, but tends to pick up when power demand spikes in cooler climates (during cool windy weather). An efficient grid allows you to move any excess to where it's needed. Energy can also be stored, as pumped water for example, or even in enormous batteries. Costly, but likely cheaper than private insurance for nuclear reactors (particularly in the wake of Fukushima).
Tends but not guaranteed. You cannot gurantee that the wind will meet the load required at anytime. Pumped storage is great if you can find enough places for them. They are also expensive. Large Batterys storage such as molton sodium are again untested on the scale we are talking here is untested.
Personally I still think whatever way we cut it nuclear is still required unless you want to rely on fossil fuels.However a new smarter grid, and increased investment in power efficiency technology and local generation could help.
Most importantly there is not renewable technology that will create the base load.
Sure there is... hydro provides an awesome base load generation capacity, and there are a lot more places you can build dams than geothermal plants.
Of course, most of the people who hate nuclear power hate hydro as well.
I agree hydro is the most viable of renewable technologies, but in the developed world anyway most of the available hydro sites have already been taken. I doubt there is much expansion in hydro. Thats before the issues of erosion etc are considered
If costs are the same or lower for renewable energy technologies that have numerous benefits and far fewer risks, why would rational people choose nuclear?
well I can think of a few reasons. solar PV does not work at night, wind power is variable, geothermal and tidal sites are few.
Look I'm in favour of wind technology and solar, but power generation is not as simple as just generating. You have to be able to generate it at the right time and get it to the right place. Which means you have to have a mixture of technologies. Most importantly there is not renewable technology that will create the base load.
Unfortunately power generation is not like replacing a couple AA batteries its a complex business
Erlang has most of the observable properties of Occam, so it's not all lost.
The problem is that people still insist on using mutable shared state in concurrent programs. If only they stopped doing silly things like that...
Erlang has most of the observable properties of Occam, so it's not all lost.
The problem is that people still insist on using mutable shared state in concurrent programs. If only they stopped doing silly things like that...
Right on, brother
I Which of course is absurd. Erlang is useless for implementing servers, kernels, runtimes, networking stacks, file systems, device drivers, VM systems, database servers, or anything else that actually makes a computer tick.
When I first read this I assumed the poster was being sarcastic, but reading again they actually believe it. Erlang useless for implementing servers? Erlang is used to implement loads of servers. You look at the back end of the a lot the the top 100 company web services and you will find them using Erlang to implement their server functionality. Erlang is used to provide database systems too.
The idea that Erlang is some sort of toy academic language that is not used for anything practical is a joke. Erlang came out of a real industrial requirement to allow telecom switches to support millions of processes while remaining up 24/7. From that it has grown to be used in all sort of real world applications. Some could even suggest that its purity has been compromised in order to meet the real world requirements.
The problem with parallel programming is not that its difficult but the tools that are used to implement it. I have used two languages that have made parallel programming a doddle. The first is Occam and the second is Erlang. They both implement parrallel programming the same way, and that is avoid shared memory and use message passing. Once you do that things get far simpler.
The parent has a good point. The concentration has been on power consumption as the reason that Intel are not in the mobile game. Buts thats only part of the story.
The ability to take an arm core, customise it to your specific requirements and therefore differentiate yourself from the rest of the market is just as important. Intel are to expensive for low end products, but the high end market don't want to be clones.
Didn't Richard Branson already announce plans to visit the deepest point of all the oceans, so I presume he already has the technology to do this?
Since to the best of my knowledge no one has ever directly detected a gravitational wave the best guess for the cut off frequency is 0
Don't forget having a killer feature of allowing music sharing among other Zune users, then let the legal departments and music industry interests handicap it to the point of being useless
On the other hand, it is possible the age of standalone music players is coming to an end. Even Apple are struggling to do anything new with them. With smart phones having the music playing built in, the need for separate music players is less pressing...
Microsoft has taken a 2% stake valuing the site at 2 billion dollars....
Ok lets get some real facts into this conversation.
1. Windows should not be used in SCADA systems
we all know that windows has a number of security holes. Whether this is because it is inherently insecure, its closed source aspect or its familiarity is a debating point. Probably some of all 3. Unfortunately it is a fact most SCADA systems use windows. The reason for this is historical. The most common SCADA communication system is OPC. When it was originally specified it was based on communication over DCOM. Now you could argue that this is one of the most insane decisions ever because basically it has given windows a near monopoly on SCADA over the past decade. However things are changing OPC-XA is the latest standard and this is more open. However the ubiquity of windows means that I can't see other OS making an impact anywhere in the near future. So we just need to deal with it.
2. Outside networks should not be connected to a industrial control system.
Great in theory, and maybe achievable in a factory environment as long as you have engineers on 24 hour call. But there are many situations where it is not practical. For example a offshore wind farm. In these situations unless you are going to lay your own cables, the most efficient way of monitoring your system is over the internet cloud. Now this does not mean you are using the internet. You will use VLAN over dedicated portals. Your system will be protected behind multiple firewalls.There are many levels of protection you can put in and while no protection is totally secure it will still survive the majority of attacks.
In fact a greater danger is often not the internet but the ubiquity of USB memory keys. Basically if you lock down your system so there is no network access, support and commissioning engineering being persistent little buggers will find ways to make there life easier like putting patches on via USB keys which were only recently connected to there home computer. At least with network access you can monitor the activity.
The one thing the Stuxnet virus has done is wake people up to the dangers. Most people who work in the industry new industrial systems are far less secure than say a banking system. However the assumption has been that because viruses were targeted at things like obtaining credit card details, there was little damage they could do if they infected a control network. Also the assumption was that control networks OS are outside the knowledge area of the average virus writer so targeted viruses would be rare. This is awake up call that now control systems are seen as the new battleground by governments. Why bomb a nuclear plant when you can plant a virus? There is going to a lot more emphasis on security on such systems going forward and that can only be a good thing
The XBOX was helped by Sony messing up its upgrade policy. They were determined to sell Blue Ray through it so the PS3 came out late and to expensive.
MS will need to have Apple and Android make the same mistakes if they want to get the same effect. Apple especially seem very good at maintaining a technical lead
Personally I'll be sticking to JSON
Well, windows 7 is designed for mouse input while the iPad OS is designed from the start for touch input. Also windows 7 require a large amount of memory and a power hungry(compared to arm processor anyway) processor to work so increasing cost and killing battery life.