Clik here to view.
Thoughts on NERC CIP V5 Unit Splits
I’ve been looking over the NERC CIP v5 lately, because of a few discussions I’ve had over the past week. Mainly, it’s been the compliance requirements for the 1500 MW Critical Generation cutoff point...
View ArticleClik here to view.
100,000 Vulnerabilities
Guest author Andrew Ginter is the Director of Industrial Security at Waterfall Security Solutions, the makers of hardware-enforced unidirectional security gateways. The popular press cites an...
View ArticleClik here to view.
Cloning Devices to meet NERC CIP, An Approach
Owners conducting a NERC Cyber Vulnerability Assessment have a requirement to annually verify ports and services. On Windows and Unix based systems, it is trivial and safe to pull a list of listening...
View ArticleClik here to view.
British Smart Meter Economics Analyzed
Ross Anderson (past S4 keynoter) and Alex Henney published a paper on the failed economics of the British smart metering project (UK). They contend that when the economic case didn’t work out. the...
View ArticleClik here to view.
Value, Risk, and Patch Testing Services
For a bit of history that we all know, ICS wasn’t originally built to be patched and updated on a regular basis. In an automation world that demanded static systems that could perform their function...
View ArticleClik here to view.
Assante Counterpoints on People, Process & Technology
Guest author Michael Assante is President and CEO of NBISE, an organization focused on improving the cybersecurity workforce. Michael’s career has included ICS security roles with an asset owner,...
View ArticleClik here to view.
Langner’s RIPE
Ralph Langner is best known for discovering how Stuxnet actually altered the logic in the Iranian’s S7 PLCs, but he has a history of great research prior to that and is a strategic thinker as well. We...
View ArticleClik here to view.
ArchC0n ’14 Report
I spoke at the inaugural ArchC0n in St. Louis this Saturday. The main reason I chose to go to this IT security event was they had Richard Bejtlich, Bruce Schneier and Charlie Miller as keynotes. Quite...
View ArticleICSage Video: Eireann Leverett on Catastronomics
Eireann Leverett of the University of Cambridge Centre for Risk Studies looks at control system related catastrophe scenarios and the economic impact of these scenarios with an eye towards how...
View ArticleWhy Invest In Complexity (Toecker)
This guest post is by Michael Toecker of Context Industrial Security and a Digital Bond Alumnus. It first appeared on the SCADASEC list. I thought it was great, and Michael kindly allowed us to post it...
View Article