The outing of a simple crash bug has caused public soul-searching in an industry that has historically been closed-mouthed about its vulnerabilities. The flaw, in a particular vendor’s implementation of the Inter-Control Center Communications Protocol (ICCP), could have allowed an attacker the ability to crash a server. Yet, unlike corporate servers that handle groupware applications or Web sites, the vulnerable server software–from process-control application maker LiveData–monitors and controls real-time devices in electric power utilities and healthcare settings. The best known types of devices are supervisory control and data acquisition (SCADA) devices and distributed control system (DCS) devices. A crash becomes a more serious event in those applications, said Dale Peterson, CEO of Digital Bond, the infrastructure security firm that found the flaw.