If you have been thinking ISA 100 is the future wireless standard for control systems, you must read Walt Boyes analysis that the battle is over and Wireless HART has won. The tone and tenor of presentations I have been hearing for years is that ISA 100 is ready for...
I learned via @jimcahill of Bob Huba’s presentation on a new smart firewall offering at the Emerson Delta V Global User Exchange and was eager to learn more. An article on ControlGlobal has limited details on it, but more interesting was the step back in time by...
Jason touched on the growing frustration with NERC CIP, and the realization that in many ways the CIP mandated compliance focus is actually impeding security progress. Joe Weiss has led the charge that CIP should be replaced with NIST SP800-53, but this comes as the...
Symantec posted yesterday the definitive analysis of Stuxnet to date. It’s long, detailed, easily understood and overall a fantastic piece of work. Evidently they were holding this detail for a conference on the 29th and even more detail will be available in a...
One more Stuxnet post before we move on. A few different issues and thoughts to cover so I’ll number them. 1. ICS-CERT Failed The Biggest Test Yet The community expected ICS-CERT to lead not follow far behind in informing us about control system security...
Ralph Langner has posted even more technical data on Stuxnet, breaking down the technical info so it can be more easily understood. For example, “if the return from FC1874 is ‘DEADF007″, original code is skipped”. He also theorizes the target...
This is going to be a Stuxnet week with more information and some larger issues, opinions and questions to follow. How did Ralph Langner and his team determine Stuxnet was targeted at a specific target and process? Well first of all it helps a great deal to have...
You can’t wrap fire in paper. Once the Stuxnet malware was available, it was only a matter of time before someone dug into the code and figured out what it did. Ralph Langner and his team are the best I know on the Siemens’ gear and protocol. It was fascinating to get...
People want a certain and definite solution to a problem, including security. Take these seven steps and you will be secure. Run this tool and you will find all vulns. Buy a product with this certification and you will not be compromised. Unfortunately security...
A small number of vendors are promoting unidirectional network security devices, most notably Waterfall Security Solutions from Israel. [FD: Waterfall has advertised on digitalbond.com] To their credit Waterfall has doggedly pursued the control system security space...
