Another mainstream IT security vendor has added a bit of SCADA intelligence to their product. This time it is a product aimed at the vendors for testing their implementation of SCADA protocols much like the Wurldtech Achilles product. 

Mu Security has added a DNP3 fuzzer capability to their MU-4000 Security Analyzer. This walks through the DNP3 protocol and systematically tests all the fields with incorrect data. The systematic nature is the key here. They are considering adding other SCADA protocols in the future.

Equally important is the standard IT protocol testing of http(s), ftp, the TCP/IP stack, Telnet, … available in this tool. These are protocols widely used and all too often SCADA vendors have taken shortcuts and not used reliable protocol stacks.

The MU-4000 is not cheap. It runs $40K - $250K depending on your configuration. An average configuration for testing a PLC is about $150K. The price is one reason why this is appropriate for the vendors, not the asset owners. The other reason is this type of testing should be part of vendor QA and not be a burden on the asset owner.

A large vendor can afford this type of tool, but the small and medium-sized vendors may not be able to swing this. It leads me to believe that a test lab business model for Achilles / MU-4000 may be the end result for the SCADA community.

PNL has been using this product in the lab and had some interesting results that are only semi-public at this time. Stay tuned.