April 2012

SCADA Security and Deep Packet Inspection – Part 2 of 2

Deep Packet Inspection (DPI) is important for the future of SCADA / ICS security - and in this article I explain why.  

DPI SCADA Security: Reviewing the Basics

In Part 1 of this series I explained DPI technology in detail. To review, the traditional IT firewall examines the TCP/IP and Ethernet headers in the network messages it sees. It then makes decisions whether to allow or block a message based on this limited information.

Why SCADA Firewalls Need to be Stateful – Part 1 of 3

Following on from Eric Byres’ discussion of Deep Packet Inspection (DPI), this article discusses a second and equally important aspect of effective firewall security referred to as “stateful inspection”.

Effective Security Requires Involved Leadership

Note from Eric Byres:  As cyber threats directed at industry become more common, it is important for top executives to become involved with their organization’s cyber security policies.  The following article by Ernie Hayden comments on the situation from an IT perspective.  My point of view is that today’s threats to operational systems merit the same degree of management attention.  Enjoy Ernie’s article and make use of the data in Verizon’s excellent report.

Why SCADA Firewalls Need to be Stateful – Part 2 of 3

In Part 1 of this series, I explained what a stateless firewall is and the hazards of stateless security.  In this article I will show you just how dangerously insecure these devices are.