Eric Knapp’s book Industrial Network Security shipped this month and is also available for the Kindle. It is a tough book to review because the quality and accuracy was very uneven. As compared to other ICS Security books available today, grading on a curve, it...
ICS specific security sales are still a very small market, but today probably the biggest player in that niche, Byres Security, was purchased by Belden. Byres’ Tofino firewall and related security technology will most likely reside in the German based Hirschmann...
After reminding everyone of the Sept 18th deadline for the S4 Call For Papers earlier today, I thought it would be a good time to provide some details on the Digital Bond paper that will be presented at S4. We are calling Project Basecamp. The Basecamp presentation...
Utility Investment reports that a new Pike Research study, Industrial Control System Security, estimates the ICS Security market to total $4.1B between 2011-2018. Hooray, we are all going to be rich. The article nor the Pike Research site provides detail on how this...
Save your money and don’t buy this book. We won’t even link to a page where you could buy it. The reason for the worst, 1-star rating is this book is not about SCADA Security. It is a collection of general purpose IT security chapters written by a...
Siemens is a marketing genius (evil genius?). At Black Hat, the mistreated researcher actually thanks Siemens, praises Siemens and lets “Siemens” speak about how much they care about security. I hear rumbling through the crowd that isn’t it great that Siemens is here...
It would have been easy for Ralph Langner to write a first hand book on the twists and turns of the Stuxnet story. Instead, he goes in a completely different direction by writing essentially an engineering practices book, Robust Control System Networks. And it is one...
Back in June, Honeywell’s Safety Manager was the first product to achieve ISASecure’s Embedded Device Security Assurance (EDSA) certification. It was certified to meet Level 1, the basic level. Level 1 is a significant accomplishment most PLC’s and...
ICS-CERT may be relieved the spotlight has been focusing on Siemens as their performance and information provided in the Stuxnet and Beresford vulnerabilities has been consistently late and of little or no added value. This makes no sense given the quantity and...
Dillon Beresford of NSS Labs finally went on stage to discuss the multiple vulnerabilities he has found in the Siemens S7 PLC’s. In Part 1 of the report, I’ll go into the details of the attacks as I understand them. Note that Siemens customers are still...
