By George Hulme
Mar 4, 2008
In a world concerned with terrorism, is providing the capability to
monitor factory and plant information from a handheld device really a
A recent story  in U.K.-based magazine Drives & Controls explains
that a German software maker, Schad, has made available a remote access
SCADA tool, dubbed the Extend 7000, that runs from a BlackBerry.
In case you're not familiar with SCADA, it's an acronym for Supervisory
Control And Data Acquisition. SCADA systems are used to manage
factories, manufacturing plants, and power utilities. Over the years,
I've interviewed many experts on the topic, and most agreed that SCADA
systems were never designed with security in mind, and that the systems
are vulnerable to attack.
That said, there have been very few documented cases, at least
publically, of SCADA systems being successfully hacked.
Nonetheless, I don't think it's a good idea to provide access to
critical factory assets from a wireless device. According to the news
story, the Schad system can control and monitor industrial processes
using some systems from Siemens. Some of the features include being able
to monitor machine speeds, temperatures, and pressures, and even get
alerts if something is going awry.
But it's the part about "accessing plans and instructions for
maintenance purposes" that I find concerning.
Do we really want to make plans and equipment information in certain
industries so easily accessible? I don't think so. Hopefully, these are
used on private networks, and not connected to the Internet.
And hopefully, the system remains a monitoring tool, and the
"Supervisory Control" aspect of SCADA isn't added to any wireless
device. But I suspect, over time, the temptation to do so, for sheer
convenience and time savings, will be too great.
Subscribe to InfoSec News