nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: First real-world SCADA attack in US

From: Jay Ashworth <jra () baylink com>
Date: Tue, 22 Nov 2011 18:14:54 -0500 (EST)
----- Original Message -----

From: "Matthew Kaufman" <matthew () matthew at>



Indeed. All solid-state controllers, microprocessor or not, are required
to have a completely independent conflict monitor that watches the
actual HV outputs to the lamps and, in the event of a fault, uses
electromechanical relays to disconnect the controller and connect the
reds to a separate flasher circuit.

The people building these things and writing the requirements do
understand the consequences of failure.


If you mean "an independent conflict monitor which, *in the event there is
NO discernable fault*, *connects* the controller to the lamp outputs... so 
that in the event the monitor itself fails, gravity or springs will return
those outputs to the flasher circuit", than I'll accept that latter assertion.

Cheers,
-- jra
-- 
Jay R. Ashworth                  Baylink                       jra () baylink com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates     http://baylink.pitas.com         2000 Land Rover DII
St Petersburg FL USA      http://photo.imageinc.us             +1 727 647 1274
Previous By Date Next
Previous By Thread Next

Current thread: