Control system cyber incidents are different from network cyber incidents because you can’t hide their impact: plane, trains, and ships crash, pipeline rupture, power and water are lost, etc. What is not identified is that many of these incidents have been cyber-related, and this failure to recognize them is because of a lack of appropriate cyber forensics and training. In 2024, there have been almost 150,000 malicious and unintentional control system incidents in water, automotive, ships, aircraft, rail, electric, manufacturing, building controls, etc. that were not identified as being cyber-related, but which caused physical impacts. This experience in identifying control system cyber incidents led to training I developed that is now available as a service from Applied Control Solutions, LLC. As control system field devices are common to multiple critical infrastructure sectors globally, this information is of relevance to every sector.
