• Joe Weiss is now a contributor to Walt Boyes blog.
• Speaking of Control, a fantastic and comprehensive insert from Rockwell Automation was included with the April edition that I’m just getting to now. It is a separate magazine all in itself, about double the size of the Control issue, and covers the product line in some detail. Obviously a promotion, but very helpful for those that need to keep track of RA’s offerings.

Some more examples of the mainstream IT Security press hopping on SCADA security this week. The OPC vulnerabilities continue to get picked up with the same story and quotes repeated. In most cases there is nothing new worth reading, but it is worth noting the increased attention in a wider audience.

• CSO Magazine picked up Aaron Turner’s (INL) Congressional Testimony
• Bruce Schneier’s popular blog mentioned the OPC vulnerability and got 29 comments of widely varying knowledge and sanity and also sparked a discussion on an Australian listserv.

A number of upcoming control system security events and standards meetings coming up:

• The Platts 5th Annual Cyber Security for Utilities Conference in Houston next week was new to me, but it has an impressive list USG and NERC presence. Appears to be at the executive / policy level.
• ISA’s SP99 Working Group 4 will have a working meeting in Scottsdale, AZ June 25 - 27. This WG is writing SP99 Part 4 which is where the meat of that standard will be - - the normative statements with musts and shalls.
• Coincidentally, the OPC Foundation’s UA Devcon 2007 will be held in Scottsdale, AZ at the same time. Security is only a small portion of this event.