CIPC met this past week in St. Louis, with a good agenda of cyber, physical, and compliance items. A bit of background for non-CIP folks, the CIPC stands for Critical Infrastructure Protection Committee, an advisory panel to NERC and the ES-ISAC “in the...
We lost three S4x14 videos due to technical difficulties at the end of the day on Wednesday. One of them was a great session from Stephen Dunlap and Jonathan Butts of the Air Force Institute of Technology entitled PLC Code Protection. The presentation slides from that...
It is close to a universal truth that vendors in all industries do not handle their first vulnerability disclosure incident well. We now know the same is true of User Groups with the DNP3 User Group as an example. The widespread DNP3 implementation vulnerabilities...
Sean McBride of Critical Intelligence asserted at an RSA session it was a contractor named NEDA that introduced Stuxnet into Natanz. Mark Clayton broke the news in this article, and here is a link to Sean’s RSA slides. Industrial Defender announced ASM support...
Last week there was an entertaining SCADASEC thread on the new SANS/GIAC Global Industrial Cyber Security Professional (GICSP) certification. To get your GICSP you take the 5-day SANS Course ICS410: ICS/SCADA Security Essentials and then get 69% or better on the...
Bryan Owen and OSIsoft have been supporters of ICS security research for almost a decade now. And Bryan had another interesting and pithy 15 minute session at S4x14. He covers 15 cyber incidents from around the world that affected their products and company …...
Patrick Coyle covers the new effort by the American Water Works Association (AWWA) to develop a Cybersecurity Guide and Cybersecurity Online Tool that attempts to follow the NIST Cybersecurity Framework. TechCrunch reports that Siemens Venture Capital “is...
A live demo often leads to a presentation disaster, but this was not enough of a challenge of Eireann. He decided to run a Red Team / Blue Team exercise live on the S4 stage. http://vimeo.com/85361869 The target was a Siemens SCALANCE switch with a known...
The idea for mining malware for evidence of targeting automation came out of reading several papers on Stuxnet that discussed the methods used to intercept calls to the S7 PLC. To summarize, Stuxnet replaced the Siemens stock s7otbxdx.dll with a new version that...
Sorry for the delay, but lot’s of news. ISASecure has launched the System Security Assurance (SSA) certification — “a system-level cybersecurity certification for industrial automation and control systems (IACS) products.” Very ambitious and...
