The HMI system is separate from the control function of the underlying control system.
Hardware issues happen. Sometimes badly when the hardware is old. That is why there is redundancy. It is a bit hard to recover from a failed RAID controller though without taking the server down. The 6 servers are doing the same job, so one going down is expected but extremely rare.
A 'crash' also happens if someone loads borked data onto the servers. This has happened in the past and is why there are redundant servers :p
We always load new configurations to a certain server to test and after it is validated it is loaded on the rest.
Kollsnes Gas refinery in Norway has a control system running entirely on DECNET :p
Mostly because it is almost impossible to get them to upgrade because the damn servers are so fecking stable.....
They have 6 servers and have had less than a handful of crashes since 1996.... It is quite scary :p
And I suspect said ddos will be "for teh lulz" or somesuch :p
The more pain in the ass the DRM is, the better for everyone. It raises awareness of the problem.
We just need to hit critical mass which I suspect a PS3 dial-home DRM might actually do.
There is a surprising amount of people who do not have an active internet connection to the PS3 on a daily basis and only connect it for updates...
I have a domain that forwards *@example.com to my gmail address.
I sign up using the site name as the account-name whenever I have to provide one.
When spam arrives from an email in annoying quantities I add a specific rule to send that email address into a dead account.
The charge for tethering is such a scam :p
Here in Norway you pay for data and that is that. How you use it doesn't matter as long as it goes through the phone somehow.
Disabling tethering on a phone would cause a major issue here... trying to charge for it would be commercial suicide....
That would require them knowing what they're talking about.
Can't have that now can we :p
In the UK it can be libel even if it is true.
That is one of the reasons so many assbags(alleged) sue there ;)
A friend of mine successfully had the name "Adolph Treffler" for several years on Facebook.
"Treff" is Norwegian for "hit", so I guess you can see where this is going :p
While they require a real name, Anthi would probably fly, and your friends probably won't give a carp (:p) about the change.
Annoying I know, but sometimes the only way to go about it.
(yes, the carp is intentional, who cares about fish :p)
Not the case here in Norway luckily ;)
If they don't provide the service you paid for you get your money back.
Yay for consumer protection laws :D
It is not a quirk of mathematics. It is a quirk of language.
While it can be parsed the way you say, most would parse it to mean "1/100000 of previous consumption".
It might not be the "right" way, but it is the way most people read it.
So on one hand what you state is correct from a mathematical standpoint but on the other hand irrelevant. :p
It is technically incorrect but the phrase "xxx times less" has become the way people express that something is 1/xxx of what it used to be.
You can yell at people until you're blue in the face but it is pointless to try to change the language back to what it used to be
Most likely their idea is to protect oil tankers and the likes from a guy named "Mr. The Plague" or perhaps "Zero Cool".
I think that is the last place I saw the term used :p
The constitution has already been downgraded from "law" to "guideline" so I doubt adding an amendment would help.
Have a gander at the way the teeth of the constitution have been filed down over the past 10 years... Scary.
HAM operators ;)
Got to love em
Of course, having an air gap is the best way to secure it.
Unfortunately having said air gap makes everything quite a lot more expensive... and hard to use.. and much less flexible.
When it comes to issues like power grids there needs to be network connections between different sections of the grid for control purposes. In a spiffy nice happy-fun world these would run on dedicated fiber channels or other such separated networks... Unfortunately this is horribly expensive.. So expensive in fact that most would be fired for doing it :p
What most end up with is some sort of point-to-point encrypted tunneling communication channel that uses the internet for transport. Vendors will tell us all this is perfectly secure as there is no way for anyone to get into the datastream.... As long as you assume the encryption implementation is perfect.. "whoops".
Another issue is that even with dedicated connections that are not "internet" connections.. most if not all providers of such networks have a management network on top of it.. If this network is compromised the separation of your expensively bought "private" network is well and thoroughly fucked.
If you hear a simple solution to a complex problem it is usually wrong :p
And that is why most of these critical systems are "on the internet".
Most if not all oil rigs in the North Sea are connected to land-based systems over fiber and a microwave link (for redundancy).
These land-based systems need to be connected to the location where the engineers do their work on said systems.
To be able to do that work, you need live data from the plant both for analysis and logging.
The easiest way to do that is to have a restrictive firewall between the land-based system and the engineering network.
As the engineers need to have access to a myriad of documentation databases the workstations are connected to a corporate network... Said corporate network is of course connected to all kinds of gateways... including the internet.
Boom, you're on the internet. And usually this is no big deal.
You still have to get through 5-6 layers of networks, all of em highly monitored and restricted as much as possible without compromising the ability to do actual work... It is not a simple job at all, and it relies on there being bugs in software on all levels of firewalling to work. Fairly unlikely.
And... finally...
Let's say you manage to get into the control system of an oil rig in the North Sea. What exactly are you going to try to do?
Cause an explosion? How are you going to do that?
Overload equipment? Well, the controllers will go bonkers with alarms if that condition were to even get close..
Going to screw with the emergency shutdown system? Sorry, you can't write to those controllers without going out into the field and flipping/turning a physical switch.
Cause process upset and cost the company money? Sure, you could do that.
Cause release of process material or damage to the plant? Bloody hard to do even with full source code access to the plant (which I happen to have for some of the rigs..).
Even with all that information I would still be hard pressed to do anything that the system wouldn't catch as an issue.. Alarms go off if you change anything while the system is running. Operators would be all over the issue before anything serious could happen.
Oh... and did I mention the hardwired safety system which will go to a safe state if you cut power? Yeah... In case of a major control system crash or attack you cut power to the whole fucker and it blows off pressure and resets to a safe state.
This is required by law and is checked at least annually over here. It is a major PITA but I wouldn't have it any other way.
Oh... you get bright orange stickers the size of a license plate here that are to be placed where the license plate would be.
Like this:
http://media.photobucket.com/image/pr%2525C3%2525B8veskilt/AtleNorsteb/Diverse/21052009350.jpg
1. Create regular full backup of production system.
2. Verify that the backups are ok. Preferably by multiple people and/or external personnel.
3. Ship said backup on physical media to an off-site location where admin staff has no access.
Now... Tell me just how the lone rogue admin is going to fuck up this system?
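The verification and release steps of the procedure above, sketched as an added example that is not part of the original comment. The function names, the two-verifier threshold and the sample files are assumptions made for illustration: each verifier hashes their own test restore, and the backup is released for off-site shipping only when enough people other than the admin who created it report a restore identical to production.

```python
import hashlib
import os
import tempfile

def build_manifest(root):
    """Map every file under root (relative path) to its SHA-256 digest."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    digest.update(chunk)
            manifest[os.path.relpath(full, root)] = digest.hexdigest()
    return manifest

def compare(expected, actual):
    """Return (missing, extra, altered) path lists, each sorted."""
    missing = sorted(set(expected) - set(actual))
    extra = sorted(set(actual) - set(expected))
    altered = sorted(p for p in set(expected) & set(actual)
                     if expected[p] != actual[p])
    return missing, extra, altered

def release_for_shipping(source, reports, creator, min_verifiers=2):
    """Approve shipping only if enough independent verifiers agree.

    reports maps a person's name to the manifest of their own test restore.
    The creator's report is ignored: the admin who made the backup cannot
    also vouch for it (hypothetical policy, threshold is an assumption).
    """
    approvals = set()
    for person, restored in reports.items():
        if person == creator:
            continue
        if compare(source, restored) == ([], [], []):
            approvals.add(person)
    return len(approvals) >= min_verifiers, sorted(approvals)

def demo():
    """Constructed sample: one production tree, two good restores, one bad."""
    with tempfile.TemporaryDirectory() as tmp:
        trees = {}
        for label in ("prod", "good", "bad"):
            trees[label] = os.path.join(tmp, label)
            os.makedirs(trees[label])
            with open(os.path.join(trees[label], "config.db"), "wb") as fh:
                fh.write(b"setpoints v42\n")
            with open(os.path.join(trees[label], "history.log"), "wb") as fh:
                fh.write(b"alarm history\n")
        # Simulate a restore that came back with stale or altered data.
        with open(os.path.join(trees["bad"], "config.db"), "wb") as fh:
            fh.write(b"setpoints v41\n")
        source = build_manifest(trees["prod"])
        reports = {
            "admin_a": build_manifest(trees["good"]),    # creator, not counted
            "auditor_b": build_manifest(trees["good"]),
            "auditor_c": build_manifest(trees["bad"]),
        }
        approved, who = release_for_shipping(source, reports, creator="admin_a")
        return approved, who, compare(source, reports["auditor_c"])

if __name__ == "__main__":
    print(demo())
```
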
Read again.
Having the keys matters not. You still can't destroy the backup that is no longer in your possession. You -can- however release the information in the backup if you release the keys.
A fairly simple and common procedure is to have a sealed envelope with master encryption keys in a safe somewhere that the admins do not have access to.
Hell, in my previous job I didn't have access to the physical location where backup tapes were stored. I could ship stuff there, but not retrieve without a process of filing a request through S@P to be approved by my senior.
While I don't fully agree with those claiming this is completely "off topic" it doesn't really answer the question at all.
The issue might be that the admins work in an organization with shitty leadership but that is not really something an admin can reasonably be expected to 'fix'.
What can be done though is to set up systems that mitigate the risk and damage of someone going batty. That is the question presented, not how to fix bad management!
That depends a lot on your use of Facebook.
My account has only people I want seeing my personal stuff. I am fully aware that the "security" of Facebook privacy etc is bunk but it does give me a place to have day-to-day drivel without having to deal with the trolling asshats on most blogging sites.
I make my money building control systems for oil rigs and find it challenging and interesting. I have no need to drive traffic to my blog :p
You can legally drive on the road without plates?.......
I have no clue how one could study history without having knowledge of the major religions of the world. So many of the historical events that shaped the world were motivated at least partially by religious faith...
Yeah, but that would require people to have a grip on reality and we can't have that ;)
A lot of people will make the choice of being offended by something just to be offended!
There is no amount of logic or reason that will work on those short of a 'final solution' type thing which I think we can all agree is not really a solution worth even considering :p (Not that it isn't amusing to troll for reactions from people with the phrase though... :p)
"It's ridiculous, but science is being bullied in the US..."
There fixed that for ya.
Here in Norway... if a teacher were to teach creationism in a biology class they would most likely be fired...
Religious theories and differing views like creationism and FSM (flying spaghetti monster) would most likely be covered in a class covering religion.
Before everyone goes batshit:
The classes covering religion and alternate belief systems are structured around facts about said groups. Like pillars of faith, holy texts and history about the origins of the religions. It has been decided long ago here that it is essential for our population to at least have a minimum of information about such issues as it makes society a whole lot less ignorant and hateful.
Both my parents are teachers and teach sciences. There is the occasional student with anal parents making demands but they usually shut up after being introduced to the actual content of the lessons... If they continue and disrupt the education more likely than not a "letter of concern" would be sent to child services. (Routine thing in schools here, to help discover unhealthy home environments and abuse etc).
Amusingly my father has a Muslim student and he attended the Advent Christian Protestant ceremony before Christmas. He was given a letter to be signed by his parents if they wanted him excused from it but their reply was simply "It doesn't matter, he has his own belief and experiencing the Christian ceremony won't harm and might be useful for him". The kid had no issue and put it more bluntly "I don't believe in any of it anyway so why make a fuss?".
Less BS and more common sense please!