Italian researcher Luigi Auriemma has released another set of vulnerability advisories and proof of concept exploit code for a variety of ICS products. He is finding overflows on the proprietary services the vendors are writing. You hear often in ICS,...
Dave Teumim’s Industrial Network Security, published by ISA, is a very basic, very short book that does a good job of introducing cyber security to an ICS manager with zero security experience. This “book” really is more of a pamphlet....
RLast week I introduced our Project Basecamp – Hacking PLC’s. This will be the Digital Bond paper at S4. There have been a number of questions of what we are doing, why we are doing it, what disclosure process we will follow … I’ll start with...
Eric Knapp’s book Industrial Network Security shipped this month and is also available for the Kindle. It is a tough book to review because the quality and accuracy was very uneven. As compared to other ICS Security books available today, grading on a curve, it...
ICS specific security sales are still a very small market, but today probably the biggest player in that niche, Byres Security, was purchased by Belden. Byres’ Tofino firewall and related security technology will most likely reside in the German based Hirschmann...
After reminding everyone of the Sept 18th deadline for the S4 Call For Papers earlier today, I thought it would be a good time to provide some details on the Digital Bond paper that will be presented at S4. We are calling Project Basecamp. The Basecamp presentation...
Utility Investment reports that a new Pike Research study, Industrial Control System Security, estimates the ICS Security market to total $4.1B between 2011-2018. Hooray, we are all going to be rich. The article nor the Pike Research site provides detail on how this...
Save your money and don’t buy this book. We won’t even link to a page where you could buy it. The reason for the worst, 1-star rating is this book is not about SCADA Security. It is a collection of general purpose IT security chapters written by a...
Siemens is a marketing genius (evil genius?). At Black Hat, the mistreated researcher actually thanks Siemens, praises Siemens and lets “Siemens” speak about how much they care about security. I hear rumbling through the crowd that isn’t it great that Siemens is here...
It would have been easy for Ralph Langner to write a first hand book on the twists and turns of the Stuxnet story. Instead, he goes in a completely different direction by writing essentially an engineering practices book, Robust Control System Networks. And it is one...
