Cyber incidents are electronic communication between systems, or between systems and people (as when users interact with displays), that can affect the traditional IT triad of C, I, or A. Cyber incidents can be unintentional or malicious. Medical device control system cyber incidents are more prevalent than has been thought.From the December 2025 issue of IEEE […]
Category: General Topic
The need for appropriate Purdue Reference Model Level 0 cybersecurity training
I expected by now there would be commercial and government organizations addressing the unique cybersecurity issues at Level 0. They are not. This disconnect highlights a fundamental problem: much of today’s OT cybersecurity training assumes a security posture at Level 0 that simply does not exist. That is, just because Level 0 devices are not […]
Cybersecurity regulations assume a security posture for Level 0 devices that do not exist
An unjustified assumption underlies the cybersecurity of manufacturing and industrial processes. You can’t be cybersecure or safe if you can’t trust your measurements. The lack of embedded cybersecurity in Level 0 devices forces a fundamental reexamination of current regulatory frameworks such as NERC CIP, ISA/IEC 62443-4-2, NIST SP 800-82, API, AWWA, NIS2, CRA, KRITIS, NEI-0809, […]
Using AI in Professional Engineering
It seems that when a new technology becomes practical, there is always a rush by self styled influencers to apply this solution to whatever problems they can think of. Those who question the applicability of this new technology are considered naysayers or even Luddites. Nevertheless, there is a history of overblown, oversold technologies. Remember Blockchains? […]
The Unaddressed Cyber Frontier: Level 0 Sensor Measurement Integrity
I was asked by Anna Ribiero from the Industrial Cyber Newsletter about the cybersecurity of Purdue Reference Model Level 0 control system field devices (process sensors, actuators, etc.). Level 0 devices are the 100% trusted input in all sectors. Yet Level 0 devices have no cybersecurity, authentication, cyber forensics, nor appropriate cybersecurity training. If you […]
[UPDATED] “Ninja Squirrels” Continue Plaguing Electric Utilities
[UPDATE 20-NOV-2025] This is an updated post from the original post ‘Did a “Ninja Squirrel” Cause the Northeast Blackout in 2003?’ (dated 17-Jul-2016). It can be found here: http://scadamag.infracritical.com/index.php/2016/07/17/did-a-ninja-squirrel-cause-the-northeast-blackout-in-2003/ Several more stories from mid/late-2025 implicating squirrels as the cause of recent power outages throughout the United States. Squirrel causes power outage for hundreds of Lafayette […]
The Truth About OT Data and What It Costs
“You can’t handle the truth!” –Col. Jessup played by Jack Nicholson in the 1992 movie “A Few Good Men“ Many think that if they could just get closer to the data that they will somehow discover something that will save the company millions and that will more than justify all the expense and hassle. I […]
Stuxnet lessons yet to be learned after 15 years
Five years ago, I wrote about the lessons yet to be learned from Stuxnet[1] and have read a recent article by an industry opinion leader on the same theme. The author states several lessons which I think are worth discussing and ends the article by asking the reader what they would add to the list[2]. […]
What have we learned since Stuxnet – when it comes to control system cyber security not much
For SCADASec Fifteen years ago, I wrote the blog – “Malicious vs unintentional cyber incidents – why it is necessary to include unintentional incidents” This blog was written weeks before Stuxnet and its impact on control systems and centrifuge damage were made public. Stuxnet demonstrated that cyberattacks could be made to look like equipment malfunctions […]
Network tabletop exercises don’t include engineering and plant operations
If engineering and operations are left out of cybersecurity training and exercises, it’s no surprise that they’d also tend to be overlooked during the pressure of an actual incident. The complexity in manufacturing and industrial control systems is not understood by network security. Simply restarting IT and OT networks from a “golden backup” is not […]