Dale Peterson

The Byres/Peterson Live Debate at S4x14

Dale Peterson and I have been debating ICS security in our blog posts for over a year now. This January, we took our debate live at the S4x14 conference in Miami, Florida. While Dale refers to me as a SCADA Apologist, I believe I am more of a SCADA Realist.

“Rip and Replace” Approach to SCADA Security is Unrealistic

As a reader of this blog you likely don’t need to be convinced that SCADA and ICS Security need to be greatly improved. There are several ways to go about accomplishing that, and I am glad that there is a healthy dialogue underway on this topic within the industrial security community. This includes the back and forth between myself and Dale Peterson of Digital Bond, that continues with this article.

Digital Bond Testing Proves Tofino Hardens Vulnerable SCADA Protocols

The SCADA Security Scientific Symposium (S4), put on by Digital Bond every year, is an event I look forward to. It brings together the leading researchers and thinkers on ICS security and is always exciting.

Address SCADA Security Vulnerabilities NOW, Not Later (plus CoDeSys White Paper)

Who is responsible for fixing the thousands (some say 100,000) of vulnerabilities that exist in PLCs, DCS, RTUs and other automation devices that are in use in facilities around the world?

On the one hand, we have the position of Dale Peterson at Digital Bond. Dale ardently argues for (and takes) aggressive measures to pressure ICS vendors into making their products more secure. Through their 2012 Project Basecamp and subsequent disclosures, Digital Bond publically released vulnerability details for a large number of controllers.

S4 SCADA Security Symposium Takeaway: Time for a Revolution

 I am flying home from Digital Bond’s S4 SCADA Security Symposium as I write this (BTW this was a stellar event where, even as a security expert, I learnt an amazing amount).  After listening to two days of excellent, but scary talks, the first thing that comes to mind is “SCADA/ICS security is in worse shape than I thought”. Much worse shape…

Siemens PLC Security Vulnerabilities – It Just Gets Worse

My optimism regarding Siemens and its approach to SCADA/ICS security has just taken another big hit. There are major security problems at Siemens and they are not close to fixing them.

I am embarrassed I gave them such high marks in my previous blogs.

Blaming Vendors Doesn’t Fix Today’s SCADA Security Issues

Last week in his blog article, Fix the Problem, Stop Bailing out Vendors, Dale Peterson made an impassioned statement that the SCADA security community:

“needs to put all our efforts and emphasis in the PLC, RTU, controller space on getting vendors to add basic security features to their models available for sale today… We should not say or pretend that any other solution besides this is acceptable. Fix the problem!”

Subscribe to RSS - Dale Peterson