On Tue, Oct 5, 2010 at 6:43 PM, Ian Thomas <il.tho...@iinet.net.au> wrote: > PG – I wasn’t aware of the CERT gov thing at all (ausCERT had offices all > over – I seemed to discover them down some obscure corridor in several > universities). > > I wonder what the overlap would be with the energy regulators, and power > corps like Horizon, Country Energy, etc? (there are at least 20, I believe). > > Silky – little (?nothing) in the more general ICT press from IDG is > technically useful, really. But it keeps me in touch, I guess. > > The reason that I bothered to OT-flag that article was that I do have an > interest in the overlapping areas of NBN / trans-sector usage of high-speed > data links / smart grids / smart energy / energy efficiency / technological > solutions to some of our profligate over-consumption, etc. Which is why I > don’t get too upset about the climate change / global warming hysteria (or > unmanageable emotional excess) – it’s probably good for us in the affluent > nations to respond to “GW”, since there may be some useful by-products – as > long as C-trading doesn’t become yet another unknowable and uncontrollable > financial derivative. > > On a technical tangent, some time ago Juval Lowy (IDesign) was promoting > what he termed the “next boom in software” – or the “Energynet” concept. In > a few email dialogues about 18 months ago, he told me that he had been > involved in “a few cool initiatives” in that area (using .NET), and he > reckoned the “potential is the internet revolution all over again” – > verbatim quote. I think it’s a little slow to take off, but the info I read > in the telecoms arena does display a lot of interest. > > Most of the larger iron ore and oil & gas companies used to use SCADA > systems – and like you, I had noticed one or two ComputerWorld type news > articles about security concerns, in the past couple of months. I’m out of > touch now with what’s happening there (NW of WA, oil & gas, etc), but I > suspect SCADA is still king.
Right. I really don't know much about any of that. I have no idea what "Energynet" refers to. What I found interesting on the SCADASEC list is that mostly, the "ideal" environment is to keep "core" systems totally seperate from the internet at large. Interestingly, the security proposals in that link (lots of logging, centralised access control, etc) tend to go against that model. My (non-expert) opinion is that a seperated/segregated area for core process is ideal, and takes precendence over other concerns. It also seems to me that keeping the systems on a sort of "obscure" platform is a good approach; that is could there be a "hardened" .net release, that contains only X components useful for the various purposes. Probably far more challenging and would introduce complexity such that it outweighs any real benefits. I don't know. Arguably interesting to think about. > Thanks for the couple of links. > > ________________________________ > > Ian Thomas > Victoria Park, Western Australia -- silky http://dnoondt.wordpress.com/ "Every morning when I wake up, I experience an exquisite joy — the joy of being this signature."
