I Understand (Score: 1) by venkman@pipedot.org on 2015-01-13 04:12 (#2WPT) I understand how these control systems end up connected to the Internet. A few years ago in my process engineering job, I had the ability to VPN in and access our plant's control system. When someone calls at 2 in the morning, you don't want to come in to work to troubleshoot. Re: I Understand (Score: 1) by tanuki64@pipedot.org on 2015-01-13 09:14 (#2WPW) You understand? I don't. Yes, it is understandable that no one wants to come to work at 2am t troubleshoot. But you also mentioned one solution: VPN. It is (or should be) a well known fact that embedded devices and industrial systems often suck at security. But this does not matter, if they are isolated behind a proper firewall/gateway. It may not be possible to upgrade the machinery, but the access to and from those systems should be under total control of the operating company.
Re: I Understand (Score: 1) by tanuki64@pipedot.org on 2015-01-13 09:14 (#2WPW) You understand? I don't. Yes, it is understandable that no one wants to come to work at 2am t troubleshoot. But you also mentioned one solution: VPN. It is (or should be) a well known fact that embedded devices and industrial systems often suck at security. But this does not matter, if they are isolated behind a proper firewall/gateway. It may not be possible to upgrade the machinery, but the access to and from those systems should be under total control of the operating company.