Archive for 'DoE Research Project'

S4 International Attendees / Last Call for Virtual Attendees

Every year the percentage of international attendees has increased at S4. We are pleased that the event is pulling in the top researchers from around the world. There just isn’t another venue with detailed technical meat that focuses on control system security. This year a full 1/3 of the physical attendees are from outside the [...]

Portaledge and NERC CIP (Updated as I forgot the CIP 5 bullet point)

I recently added an article into SCADApedia that maps Portaledge functionality into NERC CIP requirements. As Portaledge leverages OSIsoft’s PI product, which has a huge presence in the electrical segment, deploying Portaledge to assist in meeting compliance for some of the NERC standards is an easy decision.
NERC CIP Requirements that Portaledge can assist in [...]

Portaledge: Utilizing the Availability Module to Detect Intrusion

In the spring of this year we released the first Portaledge Module: the Availability Module. The Availability Module offers some powerful elements for detecting intrusion by monitoring performance and resource metrics on both systems and on the network itself. This post will discuss some of the “classes” of events in the Availability package and how [...]

Portaledge: Tuning the Traffic Monitor Module

One of the true benefits of the recently released Portaledge Enumeration module is that it allows administrators to really see and understand what is communicating on their control systems. In talking with one of our early adopters, they noted that they had many more machines talking than what they previously thought. They used the alerts [...]

Upcoming Improvements for Portaledge

I wanted to give everybody a quick update regarding the Portaledge project. We have been working on a number of items to improve the quality of packages we have already released while we are working on the next sections of the project. Here is an overview of the improvements we have made:

We added [...]

Nessus Gets New Database Auditing Feature

Tenable announced today that Nessus now has database auditing functionality. This means that a session can be established with a database to run SQL queries and report the results just like the other policy compliance plugins. We see a lot of control system applications that use an MS-SQL or Oracle database, for storing both historical [...]

Are the Bandolier Security Audit Files Making the Grade?

Based on the reviews from early adopters, the Bandolier security audit files exceeded many expectations in 2008, including my own. We have received some very encouraging feedback from vendors, asset owners, consultants, and even our own assessment teams.
With each new Bandolier release, though, we have a challenge. How do we appropriately communicate the effectiveness of [...]

The Importance Of Permission

Typically when I am referring to “permission” I am advising my students or audience to seek permission before performing any sort of security testing. This week I have been looking at permission in a different light, as it relates to the file systems, services, and programs on Windows systems. As a defender it [...]

Bandolier Update: New Applications on the List

Big news for Bandolier… last week at the PCSF Annual Meeting (now called the Process Control Systems Industry Conference), we presented on the project and unveiled an updated list of audit files. Newcomers include the AREVA eTerra and Emerson Ovation applications among others. Check out the complete list in the presentation or over at the [...]

Wanted: Controller Wizard

Digital Bond is still hiring security researchers to help with Bandolier, Portaledge and Quickdraw. We have one need that is proving difficult to find: a controller wizard.
Various aspects of the projects require us to have multiple PLCs, RTUs and IEDs from different vendors in our lab. We have Rockwell Automation, DirectLogic and SEL in the [...]