Friday News and Notes
- ISA SP99 Part 2 is out for ballot a second time with comments after addressing the first ballot comments.
- An opportunity for control system security research funding has opened in Europe. The EU will spend at least 20 million euro on this Critical Infrastructure Protection Research. Good news for our European researcher friends.
- Ron Gula from Tenable Network Security, the vendor that develops Nessus, blogged on our .audit file for OPC servers.
- Matt Franz has an interesting idea and project named PeerTab to use P2P to share threat information.
- Bryan Singer posted his review of Wurldtech’s Achilles QA Test Tool and Certification.
- ABB’s AC 800M controller has achieved Mu Security MUSIC certification. This is the second product that has achieved this certification.
- I’m sure you have heard about the DHS video and piece that CNN did. The full video is effective for gaining attention to various government officials and C-level executive. This video probably is no new news for regular blog readers. Two minor tidbits:”Can you say right now that this vulnerability has been eliminated” says Jean Meserve. “No. I can’t say it has been eliminated, but I can say a lot of risk has been taken off the table” answers Robert Jamison (DHS). Really?The focus on the meager Federal budget as the reason these vulnerabilities exist seems to be overplayed a bit both on CNN and other reporters chasing the story. Sure the government can do more to provide tools and guidance if the budget was larger, but most control systems are run by non-governmental organizations. They are the ones that need to take this seriously and allocate the money and other resources.
Author: Dale Peterson
Posted: September 28th, 2007 under Uncategorized.
Comments: none
Write a comment