We are pleased to announce the beta release of some Quickdraw software components today. Quickdraw is a Digital Bond research project funded by the US Department of Homeland Security (DHS). This beta release is the first three SCADA IDS preprocessors that were the crux of the Quickdraw project. They are:

DNP3
Ethernet Industrial Protocol (EtherNet/IP and [...]

It’s been a little while since we’ve had a Quickdraw update, and I wanted to fill everyone in on how we’re doing and the approach we’re using.

As we’ve described before we’re basing the project on the snort 2.8.x tree, and we could do much of the processing and alerting using only the snort rule language [...]

During our application assessment of the OPC UA SDK, it was very clear that vendors creating OPC UA clients and servers are going to make a number of choices that affect security of their offerings. All OPC UA servers will not be created equal from a security perspective.
When the fixes from our assessment are completed, [...]

Or: “A Few Simple Suggestions for Improving Core Control System Security”
The core precepts of IT security are confidentiality, integrity and authentication, precepts not present in the design of most control systems, but there are some simple changes whose implementation would serve to greatly improve the security of control systems. Changes which could be readily and [...]

In the OPC UA SDK assessment, Digital Bond analyzed the OPC UA source code and binaries from the SDK. It should be noted that the source code will be unavailable to most OPC Foundation members.
As mentioned in Part 1 the overall code quality was quite good, but there were a small number of important [...]

As discussed in Part 3, mandating that an OPC UA server validate X.509 certificates prior to using them to create secure channels is essential. It is the foundation that all OPC UA security measures are built upon. Of course whenever you mention certificates and public key infrastructure [PKI] it makes people nervous. Understandably because PKI [...]

OPC UA is a complex, interleaved 12-part specification. To understand OPC UA security one has to read multiple parts of the specification, but we have provided an overview in an OPC UA SCADApedia page that continues to be developed.
The specification analysis portion of our assessment report had many findings at the Exposure, Concern and Observation [...]

Security assessments by their nature focus on negative findings that could lead to vulnerabilities, and the preponderance of our report focused on what Digital Bond viewed as security deficiencies in the OPC UA specification and SDK code. That said, there are numerous examples of positive findings and text in the report. In fact, there is [...]

Digital Bond has just completed a security assessment report on the OPC Unified Architecture [UA] protocol, and we will be issuing a series of blog posts supported with SCADApedia content on the results.
The assessment included both a paper security review of the multi-part OPC UA specification and an application assessment of the OPC Foundation’s Software [...]

There are a number of Japanese manufacturers who develop control system applications and devices. This is not news to people who attend control system events because they are quite active around the world. What was new to me was the protocols developed in Japan, dominant in Japan, widely used in Asia and beginning to get [...]