Archive for June, 2008

Friday News and Notes

Another acquisition by Industrial Defender. This time it is Teltone and their Gauntlet dial-up security solution for substations and other field sites. No numbers in the press release so hard to determine if this is a buy out or bail out. The IT security industry is littered with companies that tried to roll up a [...]

Nessus DirectFeed Gets a New Name and Goes on Sale

Since we just can’t seem to stop talking about naming issues related to the Bandolier project (Audit File vs. Template, Categories, Severity Ratings), here’s one more: Tenable is changing their Nessus DirectFeed product to ProfessionalFeed.  This annual subscription service is a prerequisite for using the Bandolier audit files. Among other things, it also gives you [...]

Connection Compendium

I am creating a catalog of standard allowed connections from control system LANs, through the firewall and onto a DMZ or corporate environment. Examples of such connections would be: OSI Pi on port 5450, and GE Fanuc Proficy historian on port 14000. I believe the new “Hacking Scada” book by Clint Bodungen has such a list, but as [...]

Bandolier: Audit File or Template – What’s in a Name?

One of the fun things about working for Digital Bond is that we get to share some of our back-end conversations and thought processes here on the blog when we feel they will be of benefit. We recently had one of those discussions regarding terminology for the Bandolier project.  It started something like this:
Dale: So [...]

Vulnerabilities in Interpreted Languages

Vulnerabilities were announced in Ruby during the last week. Details are still limited, but they’re starting to seep out as people start analyzing the patches/source tree. These vulnerabilities, and others like them in Python/Perl/etc., are interesting for a lot of reasons but mostly because too many people point to using these languages as a safe [...]

Site Updates

You may have noticed a few changes to our web content last week. Here’s a rundown of the changes.

The most important change is not obvious. We have significantly reorganized the content. There was an inconsistency and overlap on what went under resources, research and in the SCADApedia. We have solved that problem. The team [...]

Friday News and Notes

EPRI is soliciting funding for a DNP Security Development, Evaluation and Testing Project. The project will develop the key management spec for Secure DNP3, test Secure DNP3 implementations and include a few other minor efforts. It is $25K for electric utilities to participate. [hat tip: Grant Gilchrist]
The IEEE Power and Energy Systems Society [...]

Bandolier and NERC CIP

We’ve talked occasionally about using the Bandolier audit templates to help with various standards compliance efforts. There is now a SCADApedia article that more formally describes how and where Bandolier links to the NERC CIP requirements.
Earlier this week I presented on our DoE projects to the SPP CIPWG, a group particularly concerned with NERC CIP. [...]

IDS v. IPS

An interesting tech segment on Pauldotcom podcast, episode 110 at 21:00. They compare the design and engineering priorities for an inline IPS and IDS.
Inline IPS Priorities

1. Stability – at all costs stay up and don’t take down the network
2. Performance – don’t slow down the network traffic
3. No false positives – don’t block legitimate network [...]

S4 Call for Papers Is Open

Digital Bond’s third annual SCADA Security Scientific Symposium [S4] is now looking for leading/bleeding edge, innovative research papers for the January 21-22, 2009 event in beautiful Miami Beach. Read the official Call for Papers.
Every event claims to be best, but I believe we have really targeted S4 at the thought leader and researcher, purposely avoided [...]