We have created a SCADApedia entry on Secure DNP3 as a companion to the recent podcast with Grant Gilchrist. We should have a DNP3 entry up in the next day or so for those new to the protocol.
Also don’t forget the DNP3 IDS signatures that have been deployed in many of the commercial IDS and [...]

Our first podcast is now available.

Here is a direct link to the podcast if your reader blocked the embedded reader.
In it I talk with Grant Gilchrist of EnerNex about the Secure DNP3 protocol developed by the DNP User Group. Grant was one of the Secure DNP3 authors and explains the protocol and the reasoning behind [...]

We added two new SCADA IDS signatures for DNP3 to our SCADA IDS release package. Like the recently released Modbus TCP signature update, these two new DNP3 signatures will identify when an attacker is performing a reconnaissance scan of a DNP3 outstation (PLC, RTU, IED, etc.) The first signature will identify someone scanning for [...]

Another mainstream IT security vendor has added a bit of SCADA intelligence to their product. This time it is a product aimed at the vendors for testing their implementation of SCADA protocols much like the Wurldtech Achilles product. 
Mu Security has added a DNP3 fuzzer capability to their MU-4000 Security Analyzer. This walks through the DNP3 [...]

Most protocols (particularly SCADA protocols) and many field devices have a “magic packet” that allows them to say HERE I AM! that are great candidates for discovery algorithms in vulnerability scanners such as Nessus.
I discussed this phenomena in an ISA Talk back in 2003. See the slide on “discovery protocols.” The best way to find [...]

I had a chance to talk with Grant Gilchrist of Enernex at Distributech about the efforts to add security to DNP3. This is an effort of the DNP Forum and others through IEC TC57 WG15. The six part draft standard is 62351.

Part 5 of the standard will provide authentication and integrity at a minimum. This [...]

I’m teaching the SCADA Security class for Infosec Institute next week in Chicago and in early September in DC. We have been able to add a couple more labs thanks to kind loans by some vendors.
Triangle MicroWorks is allowing us to use their Communication Protocol Test Harness and Plantdata is sending some of their field [...]