Practical SCADA Security

Control System Security Threats, Security / Reliability Incidents, Useful Industrial Cyber Security Tips

submitted by: Eric Byres
on: Mon, 2010-11-08 09:35

One of the three pathways Stuxnet uses to infect other computers is via the Local Area Network communications inside the control system (the other two are via infected USB drives and via infected Siemens project files).

This blog post addresses how to restrict network-driven infections using the Tofino Industrial Security Solution as the example product for mitigation. Tofino is our own product, so you know where my bias is. However, no matter what technology is deployed, the concepts I will talk about are the same.

submitted by: Eric Byres
on: Thu, 2010-11-04 12:38

In last week’s post, I mentioned that Eric Cornelius gave a very interesting talk at last week’s ICSJWG meetings. Cornelius works for INL (Idaho National Labs) and they are doing Stuxnet research for the US Government.

I want to highlight some of Cornelius’ comments, as well as other themes that came up that are important for the average SCADA / ICS system engineer or manager.

submitted by: Eric Byres
on: Thu, 2010-10-28 15:42

The Industrial Control Systems Joint Working Group (ICSJWG) Fall 2010 Conference just wrapped up today. For the first time, I was glad I attended. It was three days well spent.

If you haven’t heard of ICSJWG, you are not alone. It is a US Department of Homeland Security initiative to give vendors, researchers and end-users a chance to network and explore the issues that make securing SCADA and industrial control systems difficult.

submitted by: Eric Byres
on: Mon, 2010-10-25 11:27

Stuxnet Mitigation Matrix Updated

This is a short note to let you know that we have updated our Stuxnet Mitigation Matrix to version 1.1, based on feedback from our readers.

The new version addresses the need to test and/or confirm all mitigations, including firewalling the Remote Procedure Call (RPC) protocol.

submitted by: Eric Byres
on: Fri, 2010-10-22 15:36

Just flying back from OpsManage '10, the Invensys Users Group meetings that have been going on all week in Florida. I missed a few days, so I can’t comment on some of the early presentations, but three things did catch my eye.