June 2011, This Month In Control System Security we have two great interviews.
Interview 1: Dillon Beresford, Security Analyst, and Rick Moy, CEO, of NSS Labs
Dillon has received a lot of press lately since his aborted/delayed presentation at Takedown on the Siemens Simatic S7 vulnerabilities. He has put out some information; Siemens has put out some information; and ICS-CERT has put out some information. None of the information has been satisfying in its completeness and some of it has conflicted.
In this interview with Dillon and Rick we discuss:
- the time and resources Dillon had to find the vulnerabilities
- try to clarify the details of the vulnerabilities and fixes that are public now
- describe not-yet public vulnerabilites
- determine if these vulnerabilities are something new or a vulnerable by design feature in most PLC’s
- and explore a bit their view on Siemens technical response to the NSS Labs findings
There is a lot of information and clarity in the interview, but also some short answers and information withheld for BlackHat.
It takes a major effort to track all the twists and turns in the future of NERC CIP standards. The best resource we have seen to keep up to date is the Open Letters put out by Rick and others on his [in]Security Culture Blog. They are available free of charge, put registration is required.
I talk with Rick about Version 4, Version 5, CIP-10, CIP-11, Bright Lines, High Impact BES and more. There are no guarantees his crystal ball is accurate, but it will give you a likely outcome and the major factors affecting decisions about the future shape of the NERC CIP standards.
This Month in Control System Security is brought to you by:
Image by spDuchamp