Thank you for explaining it to me.
Not that I am in love with Microsoft, but Excel has added quite a few "minor" functions since 2000 that dramatically increase usability.
For example, Excel 2007 introduced filtering and sorting by colors. And formats. Coupled with the existing conditional formatting, it significantly improved the ability of the software to sort based on any criteria, without using extra columns.
Going back a bit further, a key feature introduced in Excel 2003 was the ability to import XML datasets, and to set up templates quite easily which automatically imported data from XML files into preset columns. This can be done using macros, sure, but it's a lot easier to use the built-in functionality.
Without disagreeing with you, the point I was trying to make was that SIS or safety systems are hard-wired and so are not physically capable of being connected to the internet, but (at least on the plants I've worked on) DCS data is available remotely via the company VPN. It is always possible to do financial damage by entering incorrect DCS setpoints, but it shouldn't be possible to compromise the plant safety (in a perfect world, anyway).
Obviously, my experience is in refining and chemicals, not nuclear, so the way control rooms are managed is probably different. I also suspect there is a difference in terminology, as I wouldn't class someone without a four-year degree as an engineer, but that's another discussion entirely.
There are a lot of misconceptions on Slashdot about how these "critical infrastructure" plants actually run. I've spent a lot of time working in chemical plants, and these plants are heavily instrumented, with all parameters recorded. These are accessible in real time to the plant engineers, who typically don't sit in the control room, and often aren't in the same state (there's a very limited pool of people available who are "experts" at some of these processes, and when a serious problem occurs companies want the best person to look at the data ASAP).
The guys who sit in the control room are not engineers. They're plant operators, and their job is to keep the plant running as smoothly as possible, and escalate the issue to an engineer if there's a non-standard problem. Most plants these days are so heavily automated that for normal, stable operation only two operators are required on site per, say, $100 million of plant (as a guesstimate - more during the day when scheduled maintenance is occurring).
The engineers at these sites are actually classed as management. That's because they have ultimate responsibility for the plant when problems happen, although they don't control the day to day operation of the site. Most of an engineer's day on a chemical plant should be spent looking at whether the plant is configured optimally, and trying to troubleshoot longer term problems which require a more theoretical viewpoint. However, they do have to get out of bed at three in the morning if something's gone wrong. They also have to manage the operators, and have a promotion path to "real" management - refinery managers (for example) are usually engineers.
However, what the article totally missed is that these sites already have two layers of control system - the Distributed Control System (DCS), and the Safety Instrumented System (SIS). Wikipedia contains a lot more detail, but essentially these SISs are hard-wired systems that aren't programmable at all, so they are intrinsically resistant to an internet or software based attack. However, they're very expensive (every trip needs to be built as a dedicated circuit), so these systems are only used to ensure that the plant fails in a safe manner, not continued operation. Priority is given to safety of people in the vicinity over integrity of the plant equipment - these systems wouldn't typically be used to stop a pump or centrifuge (for example) from running too fast, unless that could cause some consequential (human) damage.
Finally, an analog system would be a big step backwards from a safety viewpoint because it wouldn't allow the plants to automatically shut down safely when a problem occurs. Plant shutdowns are typically a multiple step process, and in a refinery (for example), large quantities of high temperature, high pressure flammable gases need to be disposed of, which would simply not be possible to safely "program" in an analog environment. Before digital systems came along, plant trips were "all hands on deck" incidents, with operators frantically adjusting setpoints on dials to bring the plants down. Of course, the risk of operator error was high, so automated shutdowns were a big step forward in plant safety.