Increasing the security awareness in the water sector is a choice of color - Will you take the blue pill or the red pill?
2009 (English)In: Water Security Congress 2009, 2009, 403-417 p.Conference paper (Refereed)
This paper is based upon experiences from security assessments of SCADA-systems, including assessment performed at one of Sweden's larger water facility. The paper highlights findings and examines state-of-the-practice control system models. These models are commonly employed in the water sector and provide an abstract representation of the system architecture. These kinds of models are indeed a powerful tool for the facility owners and other stakeholders that needs to understand the system configuration. However, these abstract representations are seldom aligned with the reality. They are more like a choice of blissful ignorance. This paper is like a "red pill" for your organization since it point out the sometimes painful truth about reality. It takes a closer look on some abstract representations and reveals some cases where they actually makes the world look "nicer" than it is from a security perspective. It looks nicer merely because the deficient abstract representations don't really show system weaknesses that could have critical consequences. The overall consequence is that the operator of a water facility can be deceived to believe that the security level is far better than it is in reality, simply because details of the system are not scrutinized enough in his models.
Place, publisher, year, edition, pages
2009. 403-417 p.
Abstract representation, Control system models, Facility owners, Security assessment, Security awareness, Security level, System architectures, System configurations, Water facility, Water sector, SCADA systems, Water supply
IdentifiersURN: urn:nbn:se:kth:diva-152017ScopusID: 2-s2.0-84873353124ISBN: 978-161567237-0OAI: oai:DiVA.org:kth-152017DiVA: diva2:749068
Water Security Congress 2009, 8 April 2009 through 10 April 2009, Washington, DC, United States
QC 201409232014-09-232014-09-232014-09-23Bibliographically approved