
Archive for April, 2009

Inside a Russian Nuclear Plant

Some perspective on the complexities of a control system.
A neat article with some great photos of the operator’s consoles, HMIs and plant facilities of the largest nuclear power facility in Russia can be seen here. The article also contains some descriptions of the physical security, including a 30 km security perimeter filled with sensors, bio [...]

April Podcast: This Month in Control System Security

Joining me in the April ‘09 Edition of This Month In Control System Security:

Thomas Maufer, Director of Technical Marketing with Mu Dynamics
Jonathan Pollet, Founder and Principal Consultant of Red Tiger Security
Ernie Rakaczky, Principal Security Architect with Invensys Process Systems

This month’s topics are:

The US Senate looks to regulate the critical infrastructure, public and private, with [...]

 

Portaledge: Detecting Cyber Attacks – Part 1: Overview

Portaledge is Digital Bond’s control system security research project funded by the US Department of Energy. We recently issued the first release and are nearing the second, so this is a good time to discuss, with practical examples, what Portaledge is, how it works, and how asset owners can implement it to detect cyber attacks [...]

Quickdraw Update: Preprocessors and Detection Plugins

It’s been a little while since we’ve had a Quickdraw update, and I wanted to fill everyone in on how we’re doing and the approach we’re using.

As we’ve described before, we’re basing the project on the snort 2.8.x tree, and we could do much of the processing and alerting using only the snort rule language [...]

Malware, Viruses, and Attackers hopping networks

Many of us in the Control System community feel pretty secure in the belief that our critical networks are not directly connected to the internet, and as such are insulated from attack. Apparently (and as oft has been stated) this is not sufficient protection, if the control system communicates with a network that does have [...]

Extending Bandolier with Other Nessus Credential Checks

As Dale and I were discussing Bandolier on the recent podcast, we identified an important concept that we haven’t completely covered here in the blog or SCADApedia–extending Bandolier with additional Nessus credential checks. Example: the Bandolier security audit files can audit services but not open ports. Not on their own anyway, but once you’ve configured [...]

Special Podcast: Bandolier Security Audit Files

Here is a bonus podcast this month focusing on the Department of Energy funded Bandolier project. This project creates security audit files that will determine if your control system workstations and servers are in their optimal security configuration.
Direct link to the podcast.

 

Podcast Notes and Links

Bandolier Security Audit Files for Subscribers
Bandolier Two-Page Overview
Main Documentation Page

Podcast Info:
We [...]

Portaledge Enumeration Events

The coding side of the first round of enumeration events for the Portaledge project is winding down and I am quite pleased with the results. Given that we cannot perform deep packet inspection, but rather must examine the nature of the session, it is still possible to detect some common/key enumeration techniques such as [...]

MatrikonOPC User Group

I’m presenting on Bandolier at the MatrikonOPC North America User Group in Houston today. In case you missed it, we just released Bandolier security audit files for the Security Gateway / Tunneller servers and hope to have files for additional MatrikonOPC applications and other OPC servers soon.
Sean Leonard (MatrikonOPC VP) just gave a security overview [...]

Bandolier Security Audit File Release: MatrikonOPC

More security audit files are now available from Bandolier, a Digital Bond project funded by the US Department of Energy. We are excited to announce a beta release package for MatrikonOPC Security Gateway/Tunneller servers. Asset owners and integrators will now be able to audit the security settings of this control system application component–both at the time [...]