Friday News and Notes
- The next MSMUG Manufacturing Summit will be held April 2-4 at Microsoft in Redmond. Not much has come out of this group in years past, but it is a good chance to talk with Microsoft senior management. Attendance will be limited to 150.
- Interesting research model where ABB and 9 of their customers pool dollars to fund INL security research on their systems.
- Invensys has teamed with Integralis to offer managed security services. We have recommended this to other SCADA and DCS vendors. The vendor knows exactly what should be monitored in their system, and the MSSP has the monitoring infrastructure and security expertise. It is could for the asset owners and another revenue stream for the vendor.
- Those interested in NERC CIP should take a look at the FERC Proposes Collecting Information on Aurora Mitigation comments. Good, meaty comments on the value of the NERC CIP’s, particularly NERC CIP-002’s consequence assessment, and what we should look for in the next gen CIP’s.
- UPDATE - US-CERT just issued a vulnerability note for the Gesytec Easylon OPC Server. This is one of the 25 vulnerable OPC servers that Luis Mora of Neutralbit discussed in his S4 paper last January. The patches are slowly trickling out. Upgrade your Easylon to 2.3.44.
Author: Dale Peterson
Posted: December 14th, 2007 under Uncategorized.
Comments: none
Write a comment