People who build SCADA systems over local and wide area networks seem to have this notion that bandwidth and latency are not limiting factors, and security is a problem for someone else. Oh, if only that were true. The first thing everyone should do when working with a new RTU is to disable the services […]
In seeking international cyber norms for states, one should be careful about blowing smoke, sometimes it could start a fire.
Cyberspace by its very nature has an international dimension. Without it, there would be no possibility for the Internet to grow and function. In turn, threats that come from cyberspace also require an international response. Especially the threats to the devices used to monitor and control processes in critical infrastructure from state resourced APT’s. Threats […]
Still More Self Integrity Checks for SCADA: Tracking time and messages
I may be in the minority, but I actually try to make the most of the communications statistics features in a SCADA system. I have been tracking how many polls, replies, and timeouts are on each of the channels of our SCADA system. For some reason, nobody with any security experience seems to mention how […]
Monitoring RTU flags for SCADA Integrity
I wrote that there would be more about this subject in my earlier blog about self integrity monitoring at the Physical Layer of a SCADA system. In this discussion I will outline some things we’re doing to test for self integrity at the RTU level of a SCADA system. Some of you may know that […]
What Features Should an RTU Have?
People may not realize that the concept of the RTU is morphing. In decades past, we were merely looking for something that could report an event. But the goal-posts have moved. So what should an RTU really look like these days? Let’s look at some features: First, the RTU needs to have a clock. As […]
Uninterruptible Power Systems? HAH!
I’m ranting again. This is a recurring plague for me. Allow me to just get this out of my system right now: DELIVER ME FROM THOSE AWFUL OFFICE-GRADE UPS BOXES! I hate the damned things. Why? Because some idiot who can’t be bothered to deal with the more difficult issues just grabs one off the […]
Lessons from the film “Rogue 1” on the importance of security in the design process
Commander #1: We’ve analyzed their attack, sir, and there is a danger. Should I have your ship standing by? Gov. Tarkin: Evacuate? In our moment of triumph? I think you overestimate their chances. – Quote from the film Star Wars IV (1) The Star Wars film epic in addition to providing good entertainment raises some […]
Patching and Upgrading PLC Systems
A certain well known vendor of PLC equipment has been earning some heat from me recently. I’m not mentioning names because frankly, all of these big name vendors are facing the same problems. The issue is that even if we didn’t find sufficient reason to patch programs in a PLC, we’re finding that we have […]
The lack of comprehensive investigation and sharing of lessons from industrial control system incidents will continue to leave others as sitting ducks.
This past week news has surfaced about cyber-attacks directed against German industry. In particular about a suspected case of cyber espionage at ThyssenKrupp (1) (2). The announcement that a German steel maker was cyber attacked reminded me about the 2014 German Federal Government IT Department’s (BSI) report of a cyber-attack at an unidentified steel mill […]
Physical Layer Concerns
One of the more troublesome aspects of a control system is detecting when the I/O is broken versus a security problem of some sort. This is one of the keys between knowing that you’re being hacked versus having some sort of hardware failure. With that in mind, these are some measures I have found to […]