Practical SCADA Security

Control System Security Threats, Security / Reliability Incidents, Useful Industrial Cyber Security Tips

Monday, November 25, 2013

You may have heard some buzz in the press (both US and International) about the release of the Cybersecurity Framework Draft from the US National Institute of Standards and Technology (NIST). However, you may not know much about its background. And you probably don’t know what it may mean to you as a control or security professional. This blog post will give you a high level overview of the genesis of this document and some handy points of reference.

The Executive Order That Gets It all Rollin’

Regardless of where one lives in the world, we all know that our country’s national...

50,905 reads
Eric Byres
Tuesday, November 12, 2013

In last week’s Practical SCADA Security blog, I discussed how the new vulnerabilities discovered in DNP3 SCADA masters are carving big holes in the NERC’s concept of the Electronic Security Perimeter (ESP). Dale Peterson started the ball rolling in his blog “Why the Crain/Sistrunk Vulnerabilities are a Big Deal...

20,468 reads
Eric Byres
Thursday, November 7, 2013

If you have been following SCADA news in the last month, you might have noticed an avalanche of reports and blogs on new security vulnerabilities in power industry equipment. So far, vulnerability disclosures for 9 products using the DNP3 protocol have been released by the ICS-CERT, with another 21 SCADA product disclosures on their way. Even the New York Times and...

12,145 reads
Heather MacKenzie
Monday, November 4, 2013

Today I am glad to be writing about a good news story. That story is that Belden's Eric Byres is being awarded the ISA (International Society of Automation) Excellence in Leadership award for his contributions to the automation industry in the area of industrial security.


This award must be particularly exciting for Eric because it is ISA's most prestigious award and is awarded by his peers, that is, members of ISA.


ISA President Terrence G. Ives remarked:


"When considering nominations, we look for someone whose vision has fostered a paradigm shift, whose leadership has profoundly impacted the...

8,082 reads
Eric Byres
Thursday, September 19, 2013

Eric Byres: One of the statements I continue to hear as I talk to executives, managers and engineers is "None of our SCADA or ICS equipment is accessible from the Internet." So this week’s blog contributor, Bob Radvanovsky, of, explains Project SHINE – his effort to determine if this statement is fact or fiction.

Shining a Light on a Big Problem

By Bob Radvanovsky:



Project SHINE (SHINE meaning SHodan...

16,511 reads