We just finished a series of SCADApedia entries on security in Rockwell Automation (RA) controllers and software applications. The ControlLogix PAC (powerful PLC) is a prime example of why we are fans of the simple, little IEEE P1686 standard effort. The Logix family...
I’m not going to pick a winner this early, but two factors will determine the winner if history is any guide. 1) The better management system Check Point dominated the firewall market for a very long time primarily based on the easy of use and power of their...
I was waiting for something to inspire the March Monthly Checkup topic and the OPC Server Vulnerability Notes / Patching discussions came through just in time. Here are your check-up tasks for this month: 1) Verify management accepts the risks and approves your...
The Control System Cyber Security Self-Assessment Tool (CS2SAT) was presented at the PCSF Annual Meeting earlier this month. I had promised a review of this tool, and it takes place in two parts. The facts of the CS2SAT are in a SCADApedia entry and my comments on the...
A lot to cover here so I’ll break this into parts. Part 1 – Why Protocol Stack Testing Achilles is a black box testing platform. For those new to testing, the term black box means the tester and tools have no internal knowledge of the device being tested....
Update: Day two details have been added. Today is Solutions Day with four tracks. Nate Kube and I are presenting the Achilles Controller Certification from 10 – noon. LOGIIC First up for me is the Project LOGIIC presentation. I am lying in wait for Q & A...
We are off and running . . . I’d estimate about 150 attendees (officially 200 registrants) and a quick poll showed about 75% are first time PCSF attendees. Nice to see so many fresh faces and asset owners. This PCSF event is taking a different approach in focusing on...
Digital Bond is a small, I like to say boutique, SCADA security research and consulting practice. We try to focus on projects that will have a significant and near term positive impact on the SCADA security community. I believe we have a pretty good track record with...
There has been a fair amount of movement in some of the big names in SCADA security over the last year. To summarize: The latest is Joe Weiss leaving Kema and joining Applied Control Solutions, LLC. A friend pointed this out on the PCSF agenda. I call Joe the Paul...
No Enterprise Network / Control System Firewall Hopefully, you have implemented a firewall capability at the enterprise network / control system perimeter. Consultants use words like best practice, good practice, and recommended practice. There is another term...