The AGA-12 effort was very concerned about the performance impact of crypto since they were in a low bandwidth, low processing power environment. So they spent some time developing a tool to calculate the impact. The tool requires you to enter about 20 parameters, i.e. number of header bytes, transmission rate, block length, and time [...]

The US House Committee on Homeland Security held a hearing on SCADA security on Tuesday. All of the testimony is available, see SCADA and the Terrorist Threat: Protecting the Nation’s Critical Control Systems. (hat tip: Mike Torppey).
A few comments on the testimony:
Andy Purdy, Acting Director of NCSD at DHS, gave a good overview of the [...]

Read Part 1
Read Part 2
While the need for management and question of market demand are by far the most important issues, there were a few other issues worthy of comment.
- The mode we would most likely recommend, a strong authentication-only mode is not defined. Most control systems prioritize the security goals as 1) availability, 2) [...]

Read AGA 12 Review - Part 1
1) Management (continued)

While the key management discussed in Part 1 has technical solutions to eliminate the requirement for a sophisticated management solution, there is no simple technical solution for managing the address table.
The address table maps SCADA addresses to a SCADA Cryptographic Module (SCM), or encryptor, that protects the [...]

The AGA 12 standard specifies a serial link encryption and authentication protocol for SCADA field communications. Why is this protocol different than other security protocols? This protocol must address low latency requirements in SCADA field communications; it must be SCADA protocol aware to extract and use the SCADA address; and it must pass modem commands [...]

The Gas Technology Institute (GTI) recently awarded a contract to Mykrotronx to develop an encryptor for SCADA serial links that meets the AGA 12 standard. GTI was hired years ago by the American Gas Association (AGA) to lead the effort to develop this standard. This contract is an important step to bring a commercial product [...]

I reviewed the AGA 12 cyber security documents in an earlier blog entry, and I haven’t tracked progress closely because I’m not a big proponent of encryption as the communication security solution.
A presentation at Distributech peaked my interest again, and there have been some changes and new developments.
First, prototype AGA 12 bump-in-the-line encryptors have been [...]