SCADA Security Friday

Today I’ll be on the SCADA panel as part of pauldotcom’s 350th episode. View it live at 11:30 EDT or listen to the recorded podcast later. Other panelists are Joel Langill, Patrick Miller and Justin Searle.

If you are interested in the latest on the Battelle v. Southfork legal action, and many of you are based on traffic, you can see the public files on the Southfork Security litigation page. Southfork has an Indiegogo campaign to raise money for their legal defense. While I don’t have any info on whether Battelle’s claims are legitimate or not, it is odd that they did not show evidence how the Visdom source code on GitHub was the same or extracted from the Sophia code when they requested the temporary restraining order. Did they not look at the GitHub code? Or did they feel the case would be less compelling with the comparison?

NIST published the Preliminary Cybersecurity Framework. This Framework was one of the items required in President Obama’s Executive Order earlier in the year. I need to work up the enthusiasm to read and write about the 44-page document.

IEEE Security & Privacy magazine is working on a special issue on Control Systems Security for the Energy Sector. Consider submitting an article if you have something to say. Abstracts are due on January 1st.

Waterfall Security is best known for their unidirectional gateways. This week they introduced the FLIP and a smaller form factor. The idea behind the FLIP is for owner/operators that can live with one-way 99.99% of the time, but once a day or so they need to bring data into the control center. For example pipeline scheduling information or other daily production information. The one-way is temporarily flipped, based on a command from the secure, control center side, to let the information in. It will be interesting to see if this idea gets traction for those owner/operators who can almost live with one-way.

Tweet of the Week

Added late, after the pauldotcom podcast:

@SCADAhacker@ErrataRob@digitalbond these legacy gaps/reasons stay permanent gaps/excuses when phased plans aren’t driven.

— Joshua Corman (@joshcorman) October 25, 2013

Worth Reading Articles

  • Reid Wightman’s Introducing the Modbus VCR

Critical Intelligence’s ICS Security Event Calendar Updates

Critical Intelligence provides reports and other information products on  Cyber Situational Awareness and Threat Intelligence services for Industrial Control System Owner/Operators, Vendors and Government stakeholders.

Image by chrisinplymouth