Archive for 'NERC CIP'
Using Bandolier and Nessus for CIP-007 R1 Testing
Testing has always been part of making changes to a control system. When a change is made (e.g. new component, upgrade, patch), we have to know if everything is still going to work. Progressive asset owners have incorporated a security element into their functional testing for a while now. Some would even argue that it’s [...]
Author: Jason Holcomb
Posted: February 19th, 2010 under Assessment Tools, Bandolier, NERC CIP.
Comments: none
NERC CIP and Application Whitelisting Redux
My recent blog post on application whitelisting, and specifically the Bouncer solution, sparked a lot of offline discussion. One of those conversations was with someone who has a significant stake in NERC CIP and agreed to let me post his comments. I try not to get too involved in hair-splitting discussions about standards compliance but [...]
Author: Jason Holcomb
Posted: October 23rd, 2009 under Anti-Virus, NERC CIP.
Comments: 9
Portaledge and NERC CIP (Updated as I forgot the CIP 5 bullet point)
I recently added an article into SCADApedia that maps Portaledge functionality into NERC CIP requirements. As Portaledge leverages OSIsoft’s PI product, which has a huge presence in the electrical segment, deploying Portaledge to assist in meeting compliance for some of the NERC standards is an easy decision.
NERC CIP Requirements that Portaledge can assist in [...]
Author: Kevin Lackey
Posted: October 14th, 2009 under DoE Research Project, NERC CIP, Portaledge, Uncategorized.
Comments: 1
NERC CIP, Low Hanging Fruit and the Weak Link
The NERC CIP cyber security work in the electric sector has been fast and furious as deadlines approach, as have the comments on the value, or lack thereof, of this effort. I am very confident in the following two conclusions based on working with many of the asset owners and vendors. They are so obvious, [...]
Author: Dale Peterson
Posted: May 28th, 2009 under NERC CIP.
Comments: 5
Thompson – Lieberman House Bill
The Thompson – Lieberman Bill is a modest legislative effort designed to give FERC more authority to regulate the bulk electric system, and is in fact an amendment to the Federal Power Act. This is not a surprise because a few congressmen and women asked FERC if they needed more authority in a leading way [...]
Author: Dale Peterson
Posted: May 6th, 2009 under NERC CIP, US Government.
Comments: 6
Assante Throws Down the Gauntlet on CIP-002
NERC entities declaring no critical assets may want to take another look at their risk-based assessment methodologies. Michael Assante, NERC CSO, issued a letter to industry today that challenges self-certification survey results that show only 31 percent of all entities declared at least one critical asset. Only 23 percent reported having at least [...]
Author: Jason Holcomb
Posted: April 7th, 2009 under NERC CIP.
Comments: 4
Is NIST a Model We can Live With?
Tom Flowers of Flowers Control Center Solutions sent me this interesting thought which I’m posting with his approval.
-----
“The Conficker worm – a malicious computer program that already has infected as many as 15 million computers worldwide, including at least five federal agencies …”.
Everyone has seen this statement flash across the news landscape recently. While [...]
Author: Dale Peterson
Posted: April 1st, 2009 under NERC CIP, NIST.
Comments: 8
FERC and “The Gap”
Against the wishes of NEI and many operators, FERC published an order today regarding NERC CIP standard applicability in nuclear plants. To save you 32 pages of reading, I’ll attempt to summarize here.
There was an apparent gap in regulation as nuclear facilities were explicitly exempted in the CIP standards but not all cyber assets with [...]
Author: Jason Holcomb
Posted: March 19th, 2009 under NERC CIP.
Comments: 2
NERC Adds CIP Manager
If you followed the Aurora vulnerability or are involved in the nuclear energy sector, then Timothy Roxey is a name that you will certainly recognize. NERC announced this week that he will be coming on board in a newly-created role — Manager of Critical Infrastructure Protection. He’ll be working with CSO Michael Assante on CIP [...]
Author: Jason Holcomb
Posted: February 17th, 2009 under NERC CIP.
Comments: none
On the need for regulation
Joe Weiss lays out an argument for regulation in the Unfettered blog today. I mostly agree with him on this point…
One would expect that a vulnerability as significant as this with such wide-spread notification and notoriety would be addressed post-haste. WRONG! One would at least think that the information would be made available to cognizant [...]
Author: Jason Holcomb
Posted: December 18th, 2008 under Big Picture, NERC CIP.
Comments: 6