Portaledge and IDSs: increasing the impact of event monitoring

Charles and I are currently working on adding modules into the Portaledge code base that help asset owners and operators to meet NERC CIP logging requirements (for more specifics on Portaledge and NERC CIP requirements see this previous blog post and the...

Military’s right to return cyber attacks

Yesterday, the Director of the NSA, Lt. Gen. Keith Alexander, now the Presidential nominee to head the new Cyber Command, stated that we should be allowed to counter cyber attacks if we can determine the attacker. Alexander mentioned the US has already responded to...

Control System IT

[I want to try to coin a new term that could be very useful: Control System IT. The discussions on “Operations vs. IT” or “control systems are different than business networks and applications” are legion. And like most long running arguments there is some truth in...

Odd NERC Advisory

NERC issued an advisory on Rockwell Automation PLC/PAC vulnerabilities. It is odd in many ways. 1. There is no new information. This is all old news. 2. So many field devices used in this electric sector have these same or equally important security deficiencies. Are...

Analysis of WIB/Wurldtech/Shell Security Requirements for Vendors

After reading the announcements and hearing the presentation from Wurldtech and Shell at ICSJWG, I was eager to read the WIB document Process Control Domain Security Requirements for Vendors. My understanding going in was this document was going to provide Vendors...

Control Systems Security: an Ironic Oxymoron?

After 6 years considering security for control systems I have come to the conclusion that there is very little security in control systems. Sure we can take measures to tighten up the security of the PCs and devices that compose the system, but given the number of...

Distributech Thoughts and Items

We do a lot more work in the generation and transmission side of the electric sector so Distributech is always a welcome show to learn more about the distribution side. And of course this year Smart Grid dominated the show. One very clear positive result from the NERC...

Portaledge and Log Data

As I have started the code for using Portaledge to meet NERC CIP requirements some other security benefits from this process have become apparent. These benefits help to improve security by creating data redundancy, and by leveraging the log data through the...

Implementing CIP Security Controls

I have always admired the comments of Michael Toecker on our site and elsewhere, and offered him the opportunity to write an occasional blog entry here when he has something to say. Here is the first of hopefully many from Michael. Many asset owners in the energy...

Portaledge: Moving Forward

Charles and I have generated a set of functions, scripts and documents for producing normalized Security Event Monitor (SEM) output and integrating the output with SEMs. Our target for this release was Tenable’s Security Center but the concepts and output will...