ICS Vendor Security Strategies – Security Development Lifecycle

A major difference in ICS vendors’ security strategies is how much effort they put into security throughout the product lifecycle, or their Security Development Lifecycle (SDL). Put another way, how secure is their own code from common programming mistakes that...

Believe It or Not: Stuxnet Advisories Are Lacking

Stuxnet continues to be in the news: control system, infosec and general. It is widely covered with fact, theory, analogies and crazy conjecture, with the recent articles comparing the WellinTech vuln to Stuxnet being the latest foolish article and the NYT research...

Scoring The 2006 Energy Sector Security Roadmap

Roadmap to Secure Energy Delivery was published for comment. It is a revision of the 2006 Energy Sector Security Roadmap that has subsequently been highly leveraged/copied by other sectors. Before diving into the revised Roadmap, let’s take a quick look at how...

ICS Vendor Security Strategies

A recent ARC Advisory Group analysis of the ABB / Industrial Defender security partnership has me thinking about the different ICS vendor security strategies. I can think of at least four different strategies and will blog on them this week. Let’s start with the...

Automating Security Perimeter Monitoring/CIP-5

We are back on the Portaledge project, and if our loyal readers remember, this year’s tasks are to develop the capability for the PI Server to perform the automated security monitoring for CIP-5 and CIP-7. These modules, as will a NERC CIP approach, will work for...

Characterizing Disclosed ICS Vulns

The activity of disclosed ICS vulnerabilities has increased gradually over the years and significantly since Stuxnet. A quick look at the last five products with published vulns on ICSCERT leads to two easy conclusions: The security community is locating free trial...

Stuxnet Hints to the Future of Next Gen Vuln Platform?

The initial focus of Stuxnet was the Windows 0days and impact on the PCs. Slowly people started to focus on the impact to the PLCs and process. But I hadn’t heard much about Stuxnet as a new vulnerability exploit platform approach until the...