[prev in list] [next in list] [prev in thread] [next in thread]
List: cryptography
Subject: Re: [Cryptography] Smart electricity meters can be dangerously insecure, warns expert
From: Arnold Reinhold <agr () me ! com>
Date: 2017-01-16 13:06:54
Message-ID: 57FC9984-389B-49CF-9472-3080C02582F5 () me ! com
[Download RAW message or body]
> On Jan 14, 2017, at 4:05 PM, Ian G <iang@iang.org> wrote:
>
>
>
> On 04/01/2017 16:41, Arnold Reinhold wrote:
> > Late last century I had a gig at Foxboro Corporation, a well-respected \
> > manufacturer of industrial instrumentation and control systems. The stuff I was \
> > working on was electronic and computer based, but they had been in business since \
> > 1908 and had developed many intricate, mechanical and pneumatic sensors and \
> > control systems, which they still supported. After the Iran-Iraq war, Foxboro got \
> > a flood or orders for the older, non-electronic devices from refineries and \
> > chemical plants in the Middle East because they had proved more resilient in war \
> > time than the newer electronic systems. We need to heed that lesson in the \
> > context of cyberwar.
>
> Were the failures due to electrical failures? Or was there a specific cyber attack \
> element that was taking out the gear?
As far as I know there was no cybersecurity in industrial controls back then, hence \
the effectiveness of Stuxnet. And it wasn't just electrical failures, it was overall \
robustness in situations where refineries and the like came under conventional attack \
(bombs, shelling). The mechanical stuff was more likely to keet working and could be \
more easily repaired after an attack.
> > More to the point, however:
> >
> > > So ... I think the power guys are just out of their depths here. It'll take a \
> > > while for them to develop the necessary expertise to integrate modern \
> > > processors properly.
> > One skill essential to any good engineer is knowing when you are out of your \
> > depth and finding engineering resources with the necessary skills. So in this \
> > regard the power guys are likely in better shape than the vast majority of \
> > commercial, government and non-profit enterprises, who have few if any \
> > traditional engineers on the payroll, and probably none in management. (I'm not \
> > counting the IT department, which every enterprise has.) The problem I see is \
> > where does our power engineer go to to get reliable advice on a security design? \
> > There is so much snake-oil security out there. Vendors have their products to \
> > sell, right or wrong, government security agencies want to protect their \
> > offensive capabilities, standards bodies are not specialized in computer security \
> > and treat it as one more chapter in stove-piped specs. Who would you recommend?
>
> I recommend the good engineer acquire the necessary skills and do it herself.
>
> Because of the issues you (and Peter and Jerry) list, the success rate of \
> outsourcing to experts isn't high, so can a good engineer learn enough to leap a \
> rather low bar? Typically, yes. Is it state of the art? No. Is state of the art \
> available? No.
> Is the alternate a secure system, or a standards system that delivers too late and \
> too little, or nothing?
> What's the compromise? Typically, it takes a couple of good engineers to put \
> together a cheap & cheerful security protocol for a narrow use case. Or it takes \
> an industry to make a standard that's over generalised and introduces security \
> impedance mismatches so it typically can't also ever meet state of the art. Clear \
> economics point to "do it yourself."
I've seen too many bad security products designed by people who thought they knew \
enough, but didn't, to accept telling engineers to "do it yourself" as the answer to \
the question I posed. Your right that industry standards tend to be too late and too \
bloated, (and possibly sabotaged by state actors). I think we need some sort of \
professional organization to develop lighter weight standards that can become \
components in engineered systems. NaCl is a start. But why not develop a few simple \
use cases, e.g. simple machine to machine message passing, and designing solutions \
around them?
Arnold Reinhold
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic