I've said it before and I will personally say it again: the power systems of a nation should not be on the internet. You don't need any type of SCADA to run and protect a well designed power system other than an occasional human to human phone line. And yes one can have a SCADA system isolated from the outside but still...
Well I've been out of the generating game for a few years now (but I'd happily go back, nudge,nudge )
My initial take is that the gradual integration of the major transmission substations to permit centralised control also makes them incredibly vulnerable to some miscreant gaining access to the system. In the (not so) old days any switching operation required a real live human at the substation. Now the Control Engineer at the grid's facility in Wokingham (or the spotty teenager in St. Petersburg) can control that substation. Progress has a downside. The best firewall is a locked down workstation without any connection to the outside, but patched and secured as if it were.
Someone from the security industries commented that a terrorist only has to get lucky once, the security services have to get lucky every time. Not great odds.
![[wink]](/data/assets/smilies/wink.gif "[wink] [wink]")
)