I mentioned this back in March — Another hacker conference SCADA presentation. The presentation is now available for download. A quick review doesn’t show anything too groundbreaking but it was interesting to learn about an Italian project called CrISTAL (Critical Infrastructures Security Testing and Analysis Lab). From the website:
CrISTAL aims to develop security methodologies for […]

Stephan Beirer from GAI Netconsult in Berlin sent in this report from the Hannover Messe, a huge event in Europe.
Last year the IT security topic was a bit more prominent at the fair, with several discussion rounds and IT/SCADA security vendors exhibiting. This year the subject is a bit more hidden. Except for Industrial Defender […]

The RSA Conference is happening here in San Francisco, CA. A penetration tester by the name of Ira Winkler gave a talk at the conference stating that he was able to take control of a power grid. The article states Winkler and his team were told to stop within hours of the attack […]

The third day of the conference began with a presentation of a research work carried out by Dr. Jeffrey Hunker of the Carnegie Mellon University, and Mr. Robert Hutchinson of Sandia National Labs. This research investigates approaches to attribution of attacks on process control systems, namely characterization of attacks, identification of attacking machines, identification of […]

The second day of the conference began with a key note lecture given by Paul Kurtz, Partner and Chief Operating Officer, Good Harbor Consulting LLC. Mr. Kurtz provided substantial insight into practical concepts of cyber espionage at the present time. He also talked about a large cyber security initiative taken by prominent companies in the […]

The conference was organized by Dr. Mauricio Papa, Assistant Professor of Computer Science at the University of Tulsa, Dr. Sujeet Shenoi, F.P. Walter Professor of Computer Science at the University of Tulsa, and Eric Goetz, Associate Director for Research at I3P, and was supported by the Institute for Information Infrastructure Protection (I3P). The program committee […]

Raoul Chiesa, founder of the Italian security consulting firm mediaservice.net and the hacker site blackhats.it, will present on SCADA security next month at HITBSecConf Dubai. His presentation is titled “Penetration Testing SCADA and National Critical Infrastructure: Real-Life Experiences and Case Studies“. This is a continuation of a trend that Dale pointed out last year in […]

Over in Japan this week for a variety of reasons including participation and presentation at the FIRST Technical Colloquium. It is great to see FIRST and the coordination centers around the world gearing up for what we are certain will be an increasing number of control system vulnerabilities as these systems come under scrutiny.
One […]

I attended OSIsoft’s DevCon 2008 this week. While parts of the conference seemed to be more marketing than technology, there was some good information that I will be able to use for the Portaledge project. The most interesting talk was from Shane Hansen and Ken Rohde of Idaho National Laboratory (INL).
The presentation started […]

The 2nd annual IFIP Working Group 11.10 International Conference on Critical Infrastructure Protection is taking place at George Mason University, Washington D.C., from 17th March to 19th March. I’m attending this conference in person and will blog about its technical contributions. The conference program reflects research on a variety of CIP areas ranging from critical […]