Know Everything!

stock-vector-jack-king-queen-of-spades-vector-28951519When I was doing my undergraduate I was used to be regularly questioned by my friends on my interests in information technologies being a Chemical Engineer. I used to reply back stating that I am trying to find a link between the two. Though at that time my interests were not really based on what I claimed, I found my job requiring skills in both the areas and hence helping me perform better.

Today I find knowledge of ‘finance’, ‘history’, ‘psychology’ and ‘economics’ are essential to move up. Many technical people want to stay focused in their areas of interest which are mostly very narrow and expect to gain expertise in that field. But the whole idea can be challenged. Lack of knowledge in subject areas which seem totally unrelated can be a hurdle to professional growth even on technical areas of focus.

Knowledge of ‘history’ and ‘culture’ is very important to understand why your counterpart in an overseas affiliate behaves differently, knowledge of ‘finance’ is very essential to understand why and how top management decisions are made, knowing ‘psychology’ can help handle your sub ordinates better. Applying technical judgments in business world will fail miserably. Many technical people feel decisions are forced upon them because they fail to understand business needs and in a globalized environment they feel deserted when they fail to understand the history, culture and psychology of their colleagues.

Even technically many people want to ‘focus’ their expertise only on certain technical areas. Either they consider other areas not as challenging as their areas of expertise or they feel even their focus area is too much for their lifetime. And even to reason this behavior, knowledge of Indian culture and psychology is important. In Indian society ‘engineering’ enjoys higher status as compared to basic sciences, literature… And if you apply some ‘statistics’ you will find that this is purely linked to the higher average pay engineering graduates enjoy. Whether the JOBS really do any ‘engineering’ is a BIG QUESTION! I personally felt science more challenging and difficult than engineering. And today when I read the ‘history’ of ‘science’ itself it is difficult to make judgments on the validity of engineering we are doing now which are again based on science.

From childhood this idea has been drummed into us again and again: stay focused, jack of all trade makes king of none etc.. It might be true if our objectives are broader considering our lifespan on earth. Pathetically these objectives are too narrow or too ‘technical’ that it prevents achieve these objectives. Most of the seemingly unrelated subjects are highly correlated and technologies have very small lifespan. Hence to be successful it is essential to ‘KNOW EVRYTHING’

Note: The word ‘technical’ is not used with the right meaning in this blog. Even I was stamped non-technical by few people. To them technical is IT and rest of the world is non-technical 🙂

Share

More on Stuxnet – Some Views

 

Stunxnet is beyond imagination. Bloggers claim its targets are beyond process, power and nuclear plants. Siemens systems are also being used in Space as well as Traffic control systems like railways. If you have seen Die Hard 4.0 you can have your imagination rolling!  Now its clear why hackers targeted Siemens systems. But still I have my doubts.

One of the blogs claim it could have even attacked India’s INSAT-4B satellite. Jeffery Carr on his blog says “On July 7, 2010, a power glitch in the solar panels of India’s INSAT-4B satellite resulted in 12 of its 24 transponders shutting down. As a result, an estimated 70% of India’s Direct-To-Home (DTH) companies’ customers were without service. India’s DTH operators include Sun TV and state-run Doordarshan and data services of Tata VSNL.

What does this have to do with the Stuxnet worm that’s infected thousands of systems, mostly in India and Iran? India’s Space Research Organization is a Siemens customer. According to the resumes of two former engineers who worked at the ISRO’s Liquid Propulsion Systems Centre, the Siemens software in use is Siemens S7-400 PLC and SIMATIC WinCC, both of which will activate the Stuxnet worm.”

The blogger has indicated that the PLC’s were used in Liquid Propulsion Systems Centre. Might be that these PLC’s were used as safety systems for gas handling. Whether these PLC’s were used to control satellites is a real question.

 

And there has been lot of talk about SIL. SIL only represents reliability of the system and not security.

 

What is a SIL? (ref: http://www.dyadem.com/services/additional-engineering-services/sil/)

A SIL is a statistical representation of the reliability of the SIS when a process demand occurs. It is used in both ANSI/ISA-S84.01 and IEC 61508 to measure the reliability of SIS. Both ISA and IEC have agreed that there are three categories: SILs 1, 2 and 3. IEC also includes an additional level, SIL 4, that ISA does not. The higher the SIL is, the more reliable or effective the system is.

SILs are correlated to the probability of failure of demand (PFD), which is equivalent to the unavailability of a system at the time of a process demand.

 

There has also a lot of SIL4 discussed on these blogs.

What is SIL 4? (ref: http://www.gmigasandflame.com/sil_faqs.html#SIL4)

SIL 4 is the highest level of risk reduction that can be obtained through a Safety Instrumented System. However, in the process industry this is not a realistic level and currently there are few, if any, products / systems that support this safety integrity level.
SIL 4 systems are typically so complex and costly that they are not economically beneficial to implement. Additionally, if a process includes so much risk that a SIL 4 system is required to bring it to a safe state, then fundamentally there is a problem in the process design which needs to be addressed by a process change or other non-instrumented method.

Quotes one of my Colleagues who is Safety Systems professional “To attain SIL 4 the system has to be non micro processor based and hence more secure. It is true that it is more secure as there is no software involved. However practically SIL4 are not used currently”

This discussion on Siemens website supports it (http://www.automation.siemens.com/WW/forum/guests/PostShow.aspx?PageIndex=1&PostID=181715&Language=en)

However there has been some work on SIL using Linux (Ref: SIL4LINUX). And some claims on Software supporting SIL 4 (www.firmafrance.com/Documents_Produits/Produit3396.pdf)

 

To conclude the SIL standards really do not ensure how secure the system should be from hacking attempts.

 

One more question! How come Windows in Iran. Noted this on Microsoft’s Website (http://www.microsoft.com/exporting/faq.htm)

Are there certain countries you cannot ship Microsoft products to?

Yes.  In general, Microsoft products may not be exported to Cuba, Iran, North Korea, Sudan, or Syria.

 

For automation professionals who would like to know more on the infection process read Symantec’s Exploring Stuxnet’s PLC Infection Process

Share