Eric J. Byres

Eric Byres, CTO and co-founder of Tofino Industrial Security - portrait image for Tofinosecurity biography.Chief Technology Officer
Tofino Security
eric.byres(at)belden.com
Tel. +1-250-390-1333

PDF Eric Byres Introduction

SCADA Security Expert

Recognized as one of the world's leading experts in the field of SCADA security, and with a background as a process controls engineer, Eric Byres brings a unique combination of deep technical knowledge plus practical field experience to his role as CTO and VP Engineering for Tofino Security at Belden Inc.

Technical Visionary

Eric’s vision for cyber security includes two key pillars: robust security tailored for industrial requirements, and simple deployment. This vision is engineered into every aspect of the award winning Tofino Industrial Security Solution.

Stuxnet Expert

Eric has researched and written extensively about Stuxnet, the malware discovered in the summer of 2010 that has been a game changer in the world of industrial cyber security. Visit Stuxnet Central for a list of materials that Eric has contributed to understanding and assessing Stuxnet.

ISA Fellow

Eric has been responsible for numerous standards and best practices for data communications and controls systems security in industrial environments. This was formally recognized in October 2009 when the International Society of Automation (ISA) awarded him the very rare honour of ISA Fellow for his outstanding achievements in science and engineering.

Critical Infrastructure Security Researcher

Before starting Byres Security, Eric founded the British Columbia Institute of Technology (BCIT) Critical Infrastructure Security Centre. He shaped it into one of North America's leading academic facilities in the field of SCADA cyber-security, culminating in a SANS Institute Security Leadership Award in 2006.

Contributor to Industry Standards

Eric has contributed greatly to industry standards. Eric has been:

  • Chair of the ISA99 Security Technologies Working Group, which is responsible for the standardization of technologies for Industrial Automation and Control System cyber security
  • Chair of the ISA99 Cyber Threat Gap Analysis Task Group, which is responsible for conducting a gap analysis of the current ISA/IEC 62443 standards with respect to the rapidly evolving threat landscape, as demonstrated by the higly publicized Stuxnet malware.
  • Canadian representative for IEC TC65/WG13, a standards effort focusing on an international framework for the protection of process facilities from cyber attack

Author and Blogger

The SCADA security community has benefited from the large number of articles, white papers and Practical SCADA Security blog posts contributed by Eric.

Downloadable list in PDF format of over 60 publications by Eric Byres Download a list of over 80 of Eric's publications (including his writing awards)

Speaker

“I went to your presentation and found it very informative. This was the best security presentation I have listened to in a long time.”
Mike M., Process Systems Specialist, Major Petroleum Refining Company, June 2011

Eric has spoken at many industry events, and he is known for his down-to-earth and informative speaking style.

Eric's upcoming speaking commitments

Eric's Recent Speaking Engagements

Year

Event Presentation Topic

2011

AIIC - Seminar on Cyber Security

SCADA Control System Security in CIP in a Post-Stuxnet World

2011

Power Connect 2011

Power plant control security in a post-stuxnet world

2011

Cyber Security for Energy Delivery Conference

Securing Past, Present and Future SCADA and Smart Grid Technologies

2011

NSA Trusted Computing Conference

Protecting Critical Infrastructure from Malware, Hackers and Stupidity

 

2011

Belden/Hirschmann 2011 Mission Critical Network Design Seminar

Mission Critical Security in a Post-Stuxnet World

Presentation page

Related Presentation - What does Stuxnet mean for ICS?

2011

2011 Siemens Automation Summit

How Stuxnet Spreads – A Study of Infection Paths In Best Practice Systems

News Coverage of this topic

White Paper - How Stuxnet Spreads

Presentation - What does Stuxnet mean for ICS?

2011

2011 Honeywell Users Group Americas Symposium

How Stuxnet Spreads – A Study of Infection Paths In Best Practice Systems

News Coverage of this topic

White Paper - How Stuxnet Spreads

Presentation - What does Stuxnet mean for ICS?

2011

2011 AusCERT Information Security Conference

Who turned out the lights?

News coverage of Eric's talk

2011

Live Webinar: OPC Security you can Bank on - in a Post-Stuxnet World

OPC Security you can Bank on - in a Post-Stuxnet World

White Paper - Effective OPC Security for Control Systems

Eric Byres' first related blog article

Eric Byres' second related blog article

John Cusimano's related blog article

2011

2011 Control Systems Security Workshop

Protecting Canada's Critical Infrastructure

2011

I4: International Information Integrity Institute

The Way Ahead - What Does it Mean for Process Control Systems?

2010

2010 International Concept Development and Experimentation Conference

Cyberspace Defense of Critical Infrastructure

2010

Maintaining Healthy and Secure Systems - Live Webinar

Maintaining Healthy and Secure Systems

2010

ICSJWG Fall 2010 Conference

SCADA and Control Systems Security: New Standards Protecting Old Technology

Eric's blog about the conference

2010

Invensys North America OpsManage'10 Conference

Triconex / Tofino Firewall and Embedded OPC Testing

News Coverage of this topic

2010

Information Security Solutions Europe (ISSE) 2010

SCADA and Control System Security: New Standards Protecting Old Technology

2010

2010 Belden Mission-Critical Network Design Seminar

The Good, Bad, and the Ugly Futures of Control System Security

PowerPoint presentation of this topic

2010

ABB Automation & Power World 2010

WCS-186-1 Tricks for making remote access to SCADA systems both easy and secure

2010

ICSJWG Spring 2010 Conference

Fingers Burned and Lessons Learned: Securing Modbus TCP and OPC with Deep Packet Inspection Technologies

Professional Achievements:

Year

Professional Achievement

Description

2013

ISA Excellence in Leadership 

Awarded by the International Society of Automation (ISA), this award recognizes Eric for his leadership in developing numerous innovations, industry standards, and best practices in industrial cyber security.

2009

ISA Fellow

Awarded by the International Society of Automation (ISA), this prestigious honor acknowledges Eric's outstanding achievements in scientific and engineering fields, as recognized by his ISA peers.

2006

SANS Institute Security Leadership Award

Awarded for industry-leading innovation in making effective security easier for users.

2004

ISA Donald P. Eckman Education Award
 

ISA Standards and Practices Award


BCIT Applied Research Award

Recognition for an outstanding contribution(s) toward education and training in the science, engineering and technology of instrumentation, systems, and automation.

Presented to recognize and stimulate individual accomplishments and contributions to Standards and Practices in instrumentation, systems, and automation.

Awarded for contributions to security research.

2003

Congressional Witness:
U.S. House of Representatives

Eric provided testimony to the U.S. Congress on the “Security of Industrial Control Systems in National Critical Infrastructures”.

2002

Advanced Systems Institute (ASI) Fellowship

Awarded fellowship for industrial network security research

2001

Founder of BCIT Critical Infrastructure Security Centre

Eric shaped this centre into one of North America 's leading academic facilities in the field of SCADA cyber security.

Qualifications

Eric has a Bachelor of Applied Science degree and is a Professional Engineer (P. Eng.).

Additional photos:

Click image thumbnail for high resolution image

Eric Byres - presenting threats on Industrial Security at a conferanceEric Byres - Accepting ISA Fellow for work pioneering industrial and SCADA security.Eric Byres - portrait in industrial plant setting