By Darian Slywka
Water and wastewater system owners and operators have challenges associated with control systems. Legacy mechanical equipment is being replaced by electronic controllers and telemetry devices. Utilities want the benefits of data displayed to operators, owners, and even customers — accessible anywhere, at any time. Remote control, support, and operation are vital to efficiently managing water infrastructure. However, vulnerabilities exist that need to be addressed.
I have been asked repeatedly about the top vulnerabilities within any water system. Listed below are the top six industrial control system vulnerabilities associated with water systems infrastructure.*
* This list is compiled from professional experience in addition to, but not limited to, the following sources: ANSI/ AWWA G430-09, Security Practices for Operations and Management (G430 standard); AWWA Cyber Security Guide; NIST 800-82, the NIST (National Institute of Standards and Technology) Guide to Industrial Control Systems Security (ICS); NIST Framework for Improving Critical Infrastructure Cyber Security; and ISA/ IEC 62443-2-4: A Baseline Security Standard for Industrial Automation Control Systems.
About the author: Darian Slywka is currently the Western Channel Manager for eWON, a Belgium-based industrial remote connectivity company providing secure solutions to OEMs, integrators, and infrastructure projects. His background and education includes environmental engineering and water infrastructure, cybersecurity, IT, and business development. He is licensed in water treatment, water distribution and holds certifications in technology, networking, and more. Find him at http://darians.info.