nanog mailing list archives
Re: First real-world SCADA attack in US
From: Jussi Peltola <pelzi () pelzi net>
Date: Tue, 22 Nov 2011 07:11:43 +0200
On Mon, Nov 21, 2011 at 11:16:14PM -0500, Jay Ashworth wrote:
That implies to me that it is *physically* possible to get opposing greens (which we refer to, in technical terms as "traffic fatalities") out of the controller box... in exactly the same way that it didn't used to be.
Not necessarily. Microwave ovens have an interlock system that has 3 sequentially timed microswitches. The first two cut power to the oven, and the third one shorts out the power supply in case the previous two failed, blowing a fuse. The switches are operated by 2 "fingers" placed on the door so that if the door is bent enough to not seal properly, the switches will be activated in the wrong order causing the shorting switch to operate. This can also happen if you slam the door closed too hard. This is all nice in theory, in practice the microswitches are so flimsy nowadays that I'd not be too surprised if the shorting switch did not succeed in blowing a fuse - and the other two will easily weld together even in normal use (I have seen this happen. Swap the switches and fuse and the oven works again.) The traffic lights can also have some kind of fault-detection logic that sees they are in an illegal state and latches them into a fault mode. IMHO this is stupid extra complexity when relays are obviously 100% correct and reliable for this function, but it seems to be all the rage nowadays to use some kind of "proven correct" software system for safety critical logic. It is so much sexier than mechanical or electro-mechanical interlocks. Anybody who has seen what kind of bizarre malfunctions failed electrolytics cause in consumer electronics will probably not feel very comfortable trusting traffic lights whose safety relies on software that is proven correct. OTOH, the risk is astronomically small compared to someone just running the red lights. Jussi Peltola
Current thread:
- Re: First real-world SCADA attack in US, (continued)
- Re: First real-world SCADA attack in US Michael Painter (Nov 22)
- Re: First real-world SCADA attack in US Mark Foster (Nov 21)
- Re: First real-world SCADA attack in US Jay Ashworth (Nov 21)
- Re: First real-world SCADA attack in US Mark Radabaugh (Nov 21)
- Re: First real-world SCADA attack in US Charles Mills (Nov 21)
- Re: First real-world SCADA attack in US Mark Radabaugh (Nov 21)
- RE: First real-world SCADA attack in US Jason Gurtz (Nov 21)
- Re: First real-world SCADA attack in US Christopher Morrow (Nov 21)
- Re: First real-world SCADA attack in US Jimmy Hess (Nov 21)
- Re: First real-world SCADA attack in US Jay Ashworth (Nov 21)
- Re: First real-world SCADA attack in US Jussi Peltola (Nov 21)
- Re: First real-world SCADA attack in US Valdis . Kletnieks (Nov 21)
- Re: First real-world SCADA attack in US Brett Frankenberger (Nov 22)
- Re: First real-world SCADA attack in US Jay Ashworth (Nov 22)
- Re: First real-world SCADA attack in US Brett Frankenberger (Nov 22)
- Re: First real-world SCADA attack in US Charles Mills (Nov 21)
- Re: First real-world SCADA attack in US Matthew Kaufman (Nov 22)
- Re: First real-world SCADA attack in US andrew.wallace (Nov 22)
- Re: First real-world SCADA attack in US Michael Painter (Nov 22)
- Re: First real-world SCADA attack in US Joe Hamelin (Nov 22)
- Re: First real-world SCADA attack in US Mike Andrews (Nov 23)
- Re: First real-world SCADA attack in US Valdis . Kletnieks (Nov 22)