
Archive for 'SCADA Architecture'

Beta Release: SCADA IDS Preprocessors

We are pleased to announce the beta release of some Quickdraw software components today. Quickdraw is a Digital Bond research project funded by the US Department of Homeland Security (DHS). This beta release is the first three SCADA IDS preprocessors that were the crux of the Quickdraw project. They are:

DNP3
Ethernet Industrial Protocol (EtherNet/IP and [...]

Virtualization a Reality in Control Systems

We have been blogging about the benefits of virtualization in control systems, see the blog posts here. Asset owners have been reluctant to embrace virtualization until it was blessed by the vendor, and this is understandable. A few vendors have been working on virtualization support, and the highlight for me at the AREVA User Group [...]

Malware, Viruses, and Attackers hopping networks

Many of us in the Control System community feel pretty secure in the belief that our critical networks are not directly connected to the internet, and as such are insulated from attack. Apparently (and as oft has been stated) this is not sufficient protection, if the control system communicates with a network that does have [...]

Web Browser Attacks

At S4 2009, Daniel and Kevin taught a security class.  Kevin demonstrated web attacks emanating from a browser client directed toward a server. The flip side of web server hacking uses a web server to attack the client system.  The Pwn2Own contest is a good example of the type of damage that can be done [...]

Conficker beFUDdlement

I’ll start off by saying don’t believe all the FUD that’s been going around, we all know how many members of the media are when they get hold of a story, especially one that can have a date in the future to speculate on.
That said, there are definitely some interesting things going on with the [...]

Time to Revisit Dial-up Security

For those who were counting on war dialing being hacker passé, you may want to think again. A new tool (WarVOX) was made public this week that, using VOIP services, is able to scan a 10,000 number exchange in eight hours or less. It might be time to check those modem lines for “emergency” support [...]

No Budget Security Ideas: Part 1

I’ve talked to a few people recently who have control system security responsibility but are on a very tight or non-existent budget. Some things, like the network taps that we discussed recently, do have significant cost but there are many basic security steps that can be taken with little or no capital expense. We’ll identify [...]

Tapping Control System Networks

Richard Bejtlich asks the question “Why Network Taps?” over at the TaoSecurity blog this week. I’m a huge fan of network taps for IDS, general monitoring and troubleshooting. It’s hard to beat the visibility a tap provides at your network entry and exit points. Bejtlich spells out several reasons why taps are a good idea [...]

Patching Beyond Microsoft

Oracle released 41 security patches this week for a variety of their products. Ten of the patches were for the Oracle database, which by the way is used in many SCADA and DCS servers.
We have seen great progress with vendors testing and certifying Microsoft patches on a timely basis. We have some progress [...]

‘Functional’ Programming Paradigm & Control System Security

The gist of discussion on my earlier blog on the “Relative Security of the ARM vs. x86 architectures” can be summarized in two bullets.
1.  It is interesting that at least theoretically, a proper Harvard Architecture based chip might provide a better foundation for building a secure control system than a von Neumann based chip architecture.
2.  [...]