Sonntag, 3. Februar 2013

Japan and Remote Control Stations, how Secure will they be to Cyber Attacks?

An fellow blogger had asked me about my opinion about Japan and Security issues that could be a threat arising from the newly planned remote control stations.  Because I think that this is a very interesting question, I would like to post my answer her, perhaps this is a good subject for discussion and and research.  

"This is a very important issue. In my projects where I am responsible for the cyber security, I do not allow remote control rooms outside the plant. This should be a requirement for all safety, non safety and operational I&C systems (all systems within the cyber security Zone model) to not have a network or internet connection to the outside). The reason is, that I see a lot of problems with a remote control or maintenance station unless, it fulfills very specific cyber security requirements. Let me give you a scenario. Usually, remote control stations do not have the same physical security measures’ as the plant has. They are not occupied all the time, so it is very easy to gain access. I do not know what the Japanese plans are, but let me include a picture of a remote control station from the US .

( I can not find that picture to save my life, but it shows a regular family home in the suburbs. This is supposed to disguised the fact, that this was a remote controlled substation)
That being said, it is the weakest and easiest access point for intruders or malicious indented people. Even though the Japanese are perhaps planning on using wired connections, they want to have the remote station to be able to control the systems, meaning one way communication via hard wire to the systems, meaning you can control the plant and the I&C systems from outside the plant. And what about hardening? Are they going to close non needed ports and vulnerabilities that could be exploited from a remote station? What if they do not use a hardwired connection, can you come and connect a laptop to the hub and gain access, do a traffic analysis and see packages and assign yourself an IP address and gain access to the network and see other remote stations on the grid? As you see, there are too many questions. I would definitely have strict requirements such as:
  • Physical protection and security at all times
  • Occupation of the station with personal at all times
  • Risk analysis
  • Cyber security requirements (I am unclear on what regulations they would use as a basis)
  • Us hardened systems and perhaps a data diode if necessary for one way data exchange (monitoring purposes)
  • Design safety I&C in that manner that you can send via hard wire commands to ignore all other system interactions and commands and execute the emergency action.
  • Or only allow a connections to the hard wired emergency back up systems
 I mean, they should defiantly be required to do a cyber security not safety but security detailed analysis with different attack way scenarios to get a clear picture of the requirements and controls needed.
 Manolya Rowe


  1. This is an excellent Post and I have never come across such mindblowing ideas. Thanks for focusing on the topic in a great way.
    Bodyguard Services

  2. Security is the one of the best thing which always give you a sense of Ultra security and protection against the internal as well as external factor
    home security service
    home security solution

  3. Hello,

    I frequently visit your site, and I am very impressed by your site’s quality content. I commend you on this, and I wish you further success in your activities.

    My name is Alec Mwali and I work at the marketing department at VPN4ALL ltd.
    VPN4ALL is a personal VPN service that encrypts all your data transmitted over the internet and tunnels your online communications through one of our secure server locations. It changes your visibility to the World IP address and protects you against online snoopers and intruders. All in one click!

    Since your website already caters to the traffic that is also immediately relevant to VPN4ALL services, I wanted to take a moment to reach out regarding an opportunity for us to partner together, whereby you’d be earning commission on sales your referrals make referred through an affiliate link in your website.

    The commission earnings start from 25 percent and go up depending on your performance with our affiliate program, plus you get to receive a,
    •A sign up bonus of $9.95 loaded into your Affiliate account once you sign up with us.
    •Enjoy Recurring commissions on every renewals your referrals make
    •Enjoy our VPN Client by becoming our VPN active member.

    Special offer: The first three orders you refer to us will qualify you for a $5 cash bonus (money deposited into your account on top of your regular commission) + a $10 gift certificate from VPN4ALL ltd to purchase any of our packages.

    To join (or learn more about) our program you may fill out the application here
    If you’re not ready to join the affiliate program right away, I would still love to hear back from you: to see how/if we can still work together. I’m very much looking forward to your reply.

    Best Regards,
    Alec/Affiliate Manager,

  4. This blog provides the ultimatum information regarding power system safety regulation.
    power system safety regulation

  5. Hello,

    My name is Alec and I work for the marketing department at VPN4ALL ltd.
    We provide a VPN service that encrypts all data transmitted over the internet and tunnels online communications through one of our secure server locations. It changes ones visibility to the World IP address and protects a browser against online snoopers and intruders. All in one click!

    I contacted you a few days ago with a partnership proposal in my mind. I didn’t receive your reply and I thought that maybe you had never received my email.

    I wanted to take a moment to reach out regarding an opportunity for us to partner together, whereby you’d be earning commissions on sales your referrals make referred through an affiliate link in your website.
    Or are you new to Affiliate Marketing?

    An Affiliate program is an online referral system, where through an affiliate account in our Affiliate program you can get your own individual “referral link” to promote our products.

    The commission earnings start from 25 percent for each sale and go up depending on your performance with our affiliate program.
    It’s fast, easy and 100% FREE to sign up. To join or learn more about our affiliate program, please visit our affiliate page through this link

    If you’re not ready to promote our product right away, I would still love to hear back from you: to see how/if we can still work together. I am open for any reciprocal promotion, if you have anything in mind just let me know.
    I’m very much looking forward to your reply.

    Best Regards,
    Alec/marketing department,

  6. All articles for your safety Nuclear Cyber ​​Security
    It is very valuable and should trouble us would especially like to personally thank you for the high level of the Articles. συστήματα συναγερμού σπιτιών και καταστημάτων

  7. If nuclear facilities copied what cyber security procedures NORAD does for its Cheyenne mountain station they can can save a lot of time and re-inventing the wheel.

    James Greenidge
    Queens NY

  8. Great Blog!! That was amazing. Your thought processing is wonderful. The way you tell the thing is awesome. You are really a master.
    it security program

  9. Nice,
    Thanks for your greatful informations, working in, ASIAN AFFAIRS MAGAZINE.
    Try to post best informations like this always

    Nuclear options: Threats and proliferation

  10. There is no escaping social networking sites; MySpace, LinkedIn, Facebook and Twitter are not only a great way to keep in touch with loved ones and update others on our day to day activities,but they can also be used by organizations as a way of marketing, building contacts and promoting themselves to a wider audience.
    computer security courses

  11. Thank you everybody for your kind comments and words. I will soon post new articles and content, stay tunes and thank you for following.

  12. It's not my very first time to visit this blog; I’m visiting this daily and acquire superb info from here day by day.Big Data and Bigger Breaches With Alex Pentland of Monument Capital Group

  13. The vital information in this blogs has allured me.freedomcashlenders

  14. Thank you so much guys for giving such kind of information. This will assist me a lot.
    advanced loans

  15. The blog has increased me in knowledge in a great way. I’ll surely come again here at this source. vehicle insurance

  16. Cybercrime on a rise in Japan

    According to a report by the Japan Times, the Japanese Police have been consulted 54,103 times for complaints against cybercrimes during the six month period (from January to June). The report suggests that the number has gone up by 37.3% from what it was during the same period last year.

    If that wasn’t enough to convince you, we don’t know what will. Oh wait, we actually do. According to the Japan Times report, an astounding amount of ¥1.852 million has already been transferred from the bank accounts of victims this year, who aren’t even aware of it. But there’s more. The amount has already surpassed ¥1.406 million, the annual record for last year.

  17. This text may be value everyone’s attention. How will I learn more?life insurance

  18. This is quite helpful suggestion I will surely apply this into my life, thanks for imparting great knowledge. roof repair Sugar Land TX

  19. You create sense out of the foremost complex day loans

  20. I never ever saw such type of blog in my life; it has incredible things to give knowledge to others. ipv d2

  21. I actually spend my little time to read the websites but this blog is quite different from others, this has helped me a lot in my work. Thanks Bathroom remodel Lakeville

  22. This blog post is really great; the standard stuff of the post is genuinely amazing.MacFarlane Group

  23. I don’t waste my free time that’s why I read the informative things when I got this blog I really enjoyed reading payday loan

  24. Thanks for sharing a nice post, looks like good; I will give it a try to utilize in my personal life as well. online payday loans

  25. The information you have given in the blog really marvelous and more interesting. niche profit full control bonus

  26. Excellent effort to make this blog more wonderful and attractive. life insurance rates

  27. I will definitely come back to your site to see more splendid posts like this one. advanced loans

  28. Cheers! You have really allured me; I have no words to explain my feelings about your post. Water Solutions HQ

  29. I'd like to take the power of thanking you for that specialized guidance I've constantly enjoyed viewing your blog.forklift trainer

  30. This post has really made sense as compared to others. Special thanks for this. Medical Malpractice lawyer new York city

  31. Hi Dear, have you been certainly visiting this site daily, if that's the case you then will certainly get good knowledge. Vine Vine Skin Care

  32. Great details here, better yet to discover out your blog which is fantastic. Nicely done!!! Vine Vine Skin Care

  33. I am truly inspired from your write-up and sharing this too with my friends and colleagues. life insurance and antidepressants

  34. The quality of your blogs and conjointly the articles and price appreciating. vehicle wraps

  35. This is such a great resource that you are providing and you give it away for free. I love seeing blog that understand the value. Im glad to have found this post as its such an interesting one! I am always on the lookout for quality posts and articles so i suppose im lucky to have found this! I hope you will be adding more in the future…
    make money online