At Digital Bond’s website, Mike Toecker makes a case for complex control systems in that complexity often brings efficiency and performance with it.
While efficiency and performance are certainly noble goals, they’re not the only ones. If you’re in Critical Infrastructure, there is another goal that gets a higher priority than either of these two goals: Availability. While Complex systems are often more reliable, they are also usually harder to diagnose. In other words, they may not break very often, but when they do they have a longer Mean Time To Repair.
There are ways around this:
- Include integrity self-checks, just like modern cars do.
- Use intelligent devices to your advantage. In other words, devices should either be
- pre-calibrated
- pre-configured
- self-configuring
- self tuning
- Have performance specifications and diagnostic tools for each subsystem. In other words, is the unit self-tuning and producing the results you expect?
- Train people on these devices. Do not dismiss this as some simplistic notion of module-swapping. Module-Swapping alone is likely to destroy modules, waste time, and result in very unreliable performance. I have seen people waste tens of thousands of dollars of just modules, never mind the service calls and over-time, just because of one I/O problem.
- Note that this training should also include discussion of how the self-configuring and self-tuned devices figure out what they need to do and where that information comes from.
- With Complex systems there are Complex security problems. There are more parts, more subtleties, and more failure modes. Do managers understand what performance level the consultants and engineers expect, and what the staffing and supply chain looks like well enough to handle these additional problems?
Complexity can pay significant performance and efficiency dividends. But it comes at a cost. Do not ignore those costs. The question managers should ask is very basic: How Much Return on the Investment of additional complexity can be expected?
And then with that answer, ask: Is the additional exposure to potential security problems worth it? What are the backup plans in case this lovely system fails?