Smart Tanks

There is an interesting article over at EnvironmentalLeader.com about how the so-called ‘Smart’ technology will not just be limited to the electrical grid. The author, Rebecca Sternberg, makes the point that running real time inventory and process data is not only valuable for maximizing manufacturing efficiency, but that the increasing environmental regulatory load will make that real time data invaluable for ‘tweaking’ processes to minimize their environmental impacts. One point that Ms Sternberg completely ignores in this valuable discussion is the issue of process security. The increasing integration of process and inventory control systems with enterprise software only makes it more likely that there will be new avenues opened to allow access to the critical process systems by outsiders with a variety of nefarious intents ranging from industrial espionage, industrial sabotage and potentially including terrorist attacks. System developers need to take this into account when designing the interfaces between these systems. While ensuring that process commands cannot be sourced through the ERP side of the system will go a long way to preventing the use of that linkage in a terrorist attack, it will do little to prevent industrial espionage or industrial sabotage. As companies expand their integration of ERP and ICS systems they need to become more cognizant of the cyber security implications of that networking. The problem is even greater with older ICS systems because they were developed without significant security applications. They were originally intended to be isolated from outside connectivity so security protocols were not included in the design of the systems.