I’m thrilled to announce Digital Bond has received a research grant from DHS to pursue our investigation of Intrusion Detection and Security Monitoring of SCADA Networks. It is a Phase I Small Business Innovation Research (SBIR) contract from the Homeland Security Advanced Research Project Agency (HSARPA).
Loyal readers of this blog know this [...]

I was talking with Holly Beum of Interface Technologies about the Control Center Protection Profile, and she raised a simple question. Do all process control industries require this high-level of security? The short answer is of course not. Here is Holly’s attempt at starting a security level matrix.
High:
Product Controlled: Critical Infrastructure, [...]

I had the honor last week to speak at the first Regional IT Security Summit put on by Jamaica’s Central IT Office (CITO). Over 250 IT professionals gathered from throughout the Caribbean, and it was a very impressive event.
My keynote topic was Securing The Critical Infrastructure From Cyber Attacks. This is a common [...]

Digital Bond is in Broward County Florida – – right in the heart of all the 2000 chads. After the 2000 fiasco, the county purchased computer based voting systems. The clerks who had been working with paper and pencil for decades, literally, were given three hours of training on the systems and were [...]

We recently reviewed the functional requirements for the SPP. These comments may give you a better understanding on what requirements are available in the Common Criteria and how they are selected. This link will take you to the comments.
Remember the SPP is an ambitious project to lead to system certification which includes products, [...]

I’m curious if anyone in the SCADA world is using or has tried host based IDS on a control server. Send me an e-mail, peterson@digitalbond.com, and let me know.
We are very wary of host based IDS. First, it has all the potential problems of impacting performance similar to what we saw with [...]

Tired of trying to read Common Criteria lingo? Well, we have now made your life easy.
- a simple 10-minute questionaire on important issues in the Control Center Protection Profile
- a Control Center Protection Profile Made Easy presentation
- a FAQ on the Protection Profile
All of these links can also be found on our Control Center Protection [...]