We have covered Insecure By Design issues in ICS repeatedly on this site and at S4, resulting in some challenges to define what would make a PLC Secure By Design. This is a much harder task, but I will present some thoughts in a series of articles beginning here. The...
Quick post on some big names making moves to new companies: Ralph Langner announced today that he is forming the Langner Group in the US, and the first hire is Perry Pederson. Perry led the DHS Control System Security Program a few years back and most recently was...
I’m Mike Toecker, Computer Engineer. I’ve been working in the Electric Power industry for about 8 years now, doing cyber security and compliance work associated with the NERC CIP regulations. I’ve worked for a major electric power consulting...
A few more updates for those interested in S4x14. Press – We do allow a limited number of press to attend the event free of charge with priority given to the press that understands and covers ICS. If that describes you, and you would like to cover S4x14, send us...
After the pauldotcom webcast there were some twitter challenges and questions on what would make a PLC Secure By Design. RT @chrissistrunk: @joshcorman ask Dale when does a controller device meet the “secure by design” stamp of approval? 🙂 <-...
DHS’s ICSJWG is next week in Rockville, MD??? I guess it is still happening, but there isn’t a published agenda for the Nov 6-7 event on the ICSJWG web site area. Click on the announcement picture and you go 404. Plus there is the added bonus of no food at...
Our weekly update on what’s new with S4x14 in the past week. Check out the agenda and register before the event sells out. Mobile App This year we will have a mobile app for S4x14 that will include the schedule, speakers, white papers, presentations, area info,...
Today I’ll be on the SCADA panel as part of pauldotcom’s 350th episode. View it live at 11:30 EDT or listen to the recorded podcast later. Other panelists are Joel Langill, Patrick Miller and Justin Searle. If you are interested in the latest on the...
The US District Court for the State of Idaho ruled that an ICS product developer’s computer could be seized without him being notified or even heard from in court primarily because he states on his web site “we like hacking things and don’t want to...
On most Mondays we will provide an update on what is new with S4x14 week. Check out the agenda and register to guarantee your spot. News on Crain/Sistrunk Session You probably saw the Wired and New York Times article on Adam Crain and Chris Sistrunk’s research...