10 May 2010 | 2010
John Saunders with the National Defense University has been one of the most active participants in the control system security education and workforce development area. After seeing him again working on these issues at ICSJWG I wanted to get his view on the best way...
6 May 2010 | 2010
Byres Security and Invensys have announced a Tofino Firewall module for the Triconex Safety System. It looks like an industrial device and has similar environmental specs, -40 to 70C, Class I Div 2 and Zone 2 approved. What is new about this product is OPC application...
5 May 2010 | 2010
Last week the ISCI, after quite a long delay, published draft requirements documents for 2 of the 3 legs of the Embedded Device Security Assurance [EDSA] certification. The Software Development Security Assessment and Functional Security Assessment documents are now...
29 Apr 2010 | 2010
In integrating IDS events into Portaledge one question becomes paramount. Namely: “Which events do we include?” As Portaledge will perform correlation and aggregation on all of the events “fed” to it, choosing a set of events that provides...
29 Apr 2010 | 2010
I’ve really been enjoying PJ Coyle’s Chemical Facility Security News blog the last few months. An entry this week on the Chemical Security Board’s Inherently Safer Technology tied into one of my entries earlier this week on MTTR. Here are the key...
28 Apr 2010 | 2010
The anti-virus update problem provides yet another education and awareness opportunity. Maybe you were skilled or lucky enough that this did not affect your control system at all, or only a portion of the system because of staggered AV updates. But if it did, how long...
23 Apr 2010 | 2010
The first potentially successful effort in the US to have a control system security standard that had must and shall requirements and an audit plan was NERC CIP for the electric sector. The standards were first written broadly with general security requirements that...
22 Apr 2010 | 2010
Updating anti-virus signatures is important, and we have yet to see an owner/operator consistently and effectively apply the updates manually. So most are now pushing the signature updates out on a periodic and automated basis. [Note the automation is typically...
17 Apr 2010 | 2010
If a control system is hacked and there are no mechanisms in place to forensically trace the attack, you have no idea how the attack occurred and no clues on what to do to close/remediate the attack pathway. This lack of forensics leaves the system open and vulnerable...
15 Apr 2010 | 2010
The community is very hungry for threat data. So little is available that we crave and devour any bit. Last year saw the resurrection of the BCIT incident database, or some facsimile of it, into the Repository of Industrial Security Incidents [RISI]. This is one of...