BP leads security initiative

Achilles Project seeks to block attacks on UK’s critical national infrastructure

Written by Daniel Thomas

Computing, 21 Sep 2005

Energy giant BP is leading a global initiative to plug security holes in engineering systems that control large parts of the UK’s critical national infrastructure (CNI).

BP’s Achilles Project is testing for security flaws on supervisory control and data acquisition (Scada) systems which automate operational processes at its energy plants and pipelines in more than 450 sites across the world. Scada systems are often internet-connected and can be vulnerable to computer hackers.

Working with the British Columbia Institute of Technology (BCIT), BP plans to extend the scheme in the hope that it will be used by other parts of the CNI that use Scada systems, such as power stations, train networks and sewage treatment plans.

‘We need to move to a stage where there is a proper security certification for engineering systems,’ said Paul Dorey, chief information security officer at BP.

‘The next plan for us and the BCIT is to spread the capability of this to other test laboratories in the world.’

The project could help reduce the risk of hackers taking control of parts of the CNI, by using sophisticated systems to test Scada appliances against all known security flaws before they are installed in engineering plants.

Research from PA Consulting and BCIT suggests that there has been a tenfold increase in the number of successful attacks on Scada systems since 2000. The report also estimates that between 100 and 500 unreported industrial cyber attacks occur each year (Computing, 21 April).

The UK is believed to have avoided major electronic attacks on its critical infrastructure, but other countries have been less fortunate.

In 1999, hackers seized control of a major Russian gas pipeline for more than 24 hours. And in April 2000, millions of tonnes of sludge were released into rivers and parks when a former employee hacked into the systems of an Australian sewage treatment centre and took control of 300 Scada systems.

‘It is important that organisations which use Scada and other process control systems are aware of the risks associated with using the internet in this way,’ said a spokesman for the government’s National Infrastructure Security Co-ordination Centre, which works to minimise electronic attacks in the UK.

‘Organisations need to take proper steps to protect themselves and the processes they control using these techniques.’

Tags:

reader comments

related articles

 
Global Research Technologies

Could dry ice help make carbon scrubbing a reality?

Firm behind high profile carbon scrubbing technology plans to shun carbon credits in favour of selling captured CO2 for use in everything from dry ice to fizzy drinks 05 Jun 2008

Australia delivers carbon capture first

Warrnambool geosequestration facility to store up to 100,000 tonnes of carbon dioxide 04 Apr 2008

Carbon Emissions

Researchers claim CO2-absorbing rock could trap Gulf's emissions

Geologists claim peridotite offers "low-cost, safe and permanent method to capture and store atmospheric CO2" 10 Nov 2008

related whitepapers

today's top stories

Security

Technology and privacy

Watch part one of a two-part Computing roundtable debate on the importance of putting data privacy issues at the heart of your IT plans 01 Dec 2008

The Industry View

Got the Knowledge?

Last week the civil service published a new strategy to help government seize the opportunities and meet the challenges of managing knowledge... 01 Dec 2008

Communications

Q&A - ntl:Telewest Business managing director Stephen Beynon

The cable provider's chief talks about the future of next-generation broadband access in the UK 28 Nov 2008

Management

Computing podcast - Standard Life's offshoring plans; and the prospects for government IT

The insurance giant outlines its new outsourcing strategy; and we ask if the government's economic bailout will affect its IT plans 28 Nov 2008

Talking Outsourcing

India will remain open for business - but that's not the real story

One of the duties I have to fulfil as a director of the National Outsourcing Association is to talk to the media... 28 Nov 2008

> More news

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Advertisement

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job

IT Salary Checker

  • Are you being paid what you are worth?
Check salary here

Advertisement

White papers

Search white papers

Top categories

VPN, Extranet and Intranet Solutions

WAN/ LAN Solutions

Network Security

Interoperability-Connectivity

Grid/ Utility Computing

Latest poll

Will the terrorist attacks in Mumbai affect your offshoring plans?

Will the terrorist attacks in Mumbai affect your offshoring plans?

Is India becoming a risky destination?

Previous poll results

> More polls

Latest audio and video articles

Padlocked CDVideo

Technology and privacy

Watch part one of a two-part Computing roundtable debate on the importance of putting data privacy issues at the heart of your IT plans 01 Dec 2008

Podcast imageAudio

Computing podcast - Standard Life's offshoring plans; and the prospects for government IT

The insurance giant outlines its new outsourcing strategy; and we ask if the government's economic bailout will affect its IT plans 28 Nov 2008

> More audio and video

Latest in-depth articles

ntl:Telewest's Stephen BeynonAnalysis

Q&A - ntl:Telewest Business managing director Stephen Beynon

The cable provider's chief talks about the future of next-generation broadband access in the UK 28 Nov 2008

cowboyFeatures

Guns for hire

David Neal explores the world of interim CIOs and discovers why more firms are turning to them to spur on IT-led change 27 Nov 2008

> More in depth articles

Advertisement

Primary Navigation