After a long and successful struggle to bring an industrial firewall to market, Eric Byres is leaving Belden and Tofino behind. We shouldn’t call it retirement because I expect that Eric will be contributing in a number of different ways in the next ten years. I...
I enjoyed last week in Detroit at ESCAR (Embedded Security in Cars). I went there to present on the topic of vehicle security and how remote access and third party devices impact the threat landscape. Many researchers have published about the security concerns of...
The team at Digital Bond Labs has published their ICS Security Research newsletter for the 2nd quarter. I suggest you subscribe to the newsletter, but if you want to view this issue directly, it is available at this link. The issue includes: the latest on...
We are pleased to announce a return to Tokyo for the S4xJapan event on Friday, November 6th. S4xJapan will be held again at Academy Hills on the 49th Floor of the Roppongi Hills Mori Building. There will be a fun and novel social event (last year was the Kaspersky...
While progress on adding basic security to PLC/RTU/Controllers, Level 1 of the Purdue Model, continues to be excruciatingly slow, there is much good news from vendors that make the applications that reside at Level 2. Vendors offering HMI, Engineering...
This is a great session for power engineers and those involved in substations to watch. It is an extremely technical session by Dr. Chee-Wooi Ten of Michigan Technological University. The key point is actually easy to understand. The most critical substations to...
In my talk way back at S4x15 I briefly mentioned a few techniques at identifying interesting parts of an application for reverse engineers. A lot of times we as reverse engineers load up a firmware or DLL or executable. We want to get hunting for bugs as quickly...
We generally do not allow product presentations at S4, but occasionally there is a technology that is novel or potentially important that we make an exception. For example, we had Kaspersky present on their ICS operating system at S4x15. A second exception was made...
Billy Rios of Laconicly joined me on the Unsolicited Response Podcast to discuss two topics: WhiteScope – an online ICS/SCADA whitelist that is trying to solve the last mile supply chain problem until vendors start signing their code. The WhiteScope data...
In part 1 we looked at what CAN is and what the difference between CAN and OBDII traffic is on a vehicle network. In this part we’re going to look at simple reverse engineering techniques to determine which CAN IDs are of interest to us. For this exercise, we’d like...
