SCADA Security
7 Steps to ICS and SCADA Security
February 2012
Cyber security threats, from sophisticated malware like Stuxnet, Night Dragon and Duqu, or from the publishing of an unprecedented number of security vulnerabilities, are causing a major disruption in the industrial automation market.
If you are a process control engineer, an IT professional in a company with an automation division, or a business manager responsible for safety or security, you may be wondering how your organization can get moving on more robust cyber security practices.
Two industry veterans, Eric Byres and John Cusimano, combine industry standards, best practice materials, and their real-world experience to provide an easy-to-follow 7-step process for improved ICS and SCADA security.
AusCERT 2011: Eric Byres demonstrates SCADA protection
January 2012
AusCERT 2011: Eric Byres demonstrates SCADA protection
Member Login RequiredDue to the sensitive nature of this document, you must be logged in to access it.
Login Register to become a site member (free) Contact Us
SCADA Security: New Standards Protecting Old Technology
December 2011
Article in: Electric Energy Magazine, December 2011
Supervisory Control and Data Acquisition (SCADA) systems have undergone a technological revolution over the past 20 years that has been nothing short of mind-boggling.
In this article, Scott Howard, System Architect at Byres Security Inc., explains how the integration of new technologies can subject existing SCADA systems to new stresses and threat sources that the systems were never designed to handle.
Member Login RequiredDue to the sensitive nature of this document, you must be logged in to access it.
Login Register to become a site member (free) Contact Us
SCADA and CIP Security in a Post-Stuxnet World
October 2011
Presentation from: Byres Security, October 2011
"SCADA and CIP Security in a Post-Stuxnet World" summarizes a lot of information about the Stuxnet malware and how it has affected SCADA and CIP security. The presentation also goes into detail about the possibilities of a Son-of-Stuxnet.
The presentation is ideal for anyone needing a crash course on Stuxnet, or as a tool for informing management about the implications of it.
Member Login RequiredDue to the sensitive nature of this document, you must be logged in to access it.
Login Register to become a site member (free) Contact Us
Analysis of the 7-Technologies IGSS Security Vulnerabilities for Industrial Control System Professionals
March 2011
A number of previously unknown security vulnerabilities in the 7-Technologies Interactive Graphics SCADA System (IGSS) product have been publically disclosed. The release of these vulnerabilities included proof-of-concept (PoC) exploit code.
This White Paper summarizes the current known facts about these vulnerabilities. It also summarizes the actions that operators of SCADA and ICS systems can take to protect critical operations.
Member Login RequiredDue to the sensitive nature of this document, you must be logged in to access it.
Login Register to become a site member (free) Contact Us
Analysis of the ICONICS GENESIS Security Vulnerabilities for Industrial Control System Professionals
March 2011
A number of previously unknown security vulnerabilities in the ICONICSTM GENESIS32TM and GENESIS64TM ICS/SCADA products have been publically disclosed.
This White Paper documents the current known facts about these vulnerabilities. It then summarizes the actions that operators of SCADA and ICS systems can take to protect critical operations.
Member Login RequiredDue to the sensitive nature of this document, you must be logged in to access it.
Login Register to become a site member (free) Contact Us
What Does Stuxnet Mean for Industrial Control Systems?
March 2011
Presentation from: Byres Security, March 2011
"What Does Stuxent Mean for Industrial Control Systems - The Future of Critical Infrastructure Security" summarizes a lot of information about the Stuxnet malware and discusses what it means for the future of SCADA and ICS security.
This presentation is ideal for anyone needing a crash course on Stuxnet, or as a tool for informing management about the implications of it.
Eric Byres
