ICS Security Requires an Overall Perspective

Posted by Eric Byres on 28/02/2013

Editor’s Note: this is an excerpt from the Pike Research Blog.

The story goes that a group of business people were stranded on a desert island with a bountiful supply of canned and therefore imperishable food, but no way to open the cans. As the group struggled to find a solution the lone economist in the group piped up, “Assume a can opener…”

Sometimes it seems that’s how we approach industrial control systems (ICS) security. “Assume a secure perimeter…” It’s not fair to expect any single product or any single vendor to provide complete security for ICS networks, and yet we seem stuck in a world of point-solution purchases and security without any overriding architecture. It’s as if we’re saying, “If I can just get me some [insert technology of the week], then I’ll be secure.” Read more »

“Rip and Replace” is Not How SCADA Security will Improve

Posted by Eric Byres on 13/02/2013

As a reader of this blog you likely don’t need to be convinced that SCADA and ICS Security need to be greatly improved. There are several ways to go about accomplishing that, and I am glad that there is a healthy dialogue underway on this topic within the industrial security community. This includes the back and forth between myself and Dale Peterson of Digital Bond, that continues with this article.

When I attended Digital Bond’s S4 Conference earlier this month I heard Dale talking about “SCADA apologists”; however, I didn’t think he was referring to me. Then, in a blog article posted yesterday, he says “I’m disappointed that Eric went the SCADA apologist route”.

I am writing today to restate my position on what I believe needs to happen to improve SCADA and ICS security. I will also clarify where our own Tofino Security products fit in. Read more »

Posted in Industrial Security
Tags: ICS Security, SCADA Security
2 Comments

SCADA Security in 2012: Eric Byres Evaluates his Predictions

Posted by Eric Byres on 31/12/2012

Editor’s Note: This article was contributed by Laura Mattson, marketing specialist.

Early in 2012 Eric Byres wrote a blog article predicting what he thought would happen in 2012 with regards to SCADA and ICS security. I went back to his blog and highlighted the four main predictions he made. Then I asked him to rate himself on each one. Read more »

Posted in Industrial Security
Tags: Flame, ICS Security, Industrial Security, Shamoon Malware
Leave a comment

SCADA Security Basics: Integrity Trumps Availability

Posted by Eric Byres on 14/11/2012

In last week’s blog, Heather wrote an excellent summary of Mark Cooksley’s network security presentation regarding “Why Industrial Networks are Different than IT Networks“. In it she noted that the number one goal of ICS security is based on the concern for safety. This is spot-on in my opinion. However, there is more to consider when it comes to industrial security priorities… Read more »

Posted in Industrial Security
Tags: ICS Security
Leave a comment

Understanding SCADA Jargon

Posted by Eric Byres on 12/09/2012

Recently I saw a posting on LinkedIn asking “What’s the difference between a SCADA system and an ICS system, and if there is no difference, then why do we have two different names?”

This is a good question, because unless you have worked in the industrial automation field for a few decades, the terminology can seem very confusing. Not only do we have SCADA versus ICS, we also have terms like Process Control, Discrete Control, Industrial Automation, Manufacturing Automation Systems, Distributed Control Systems, Energy Management Systems and so on.

The Quick Answer

Now the quick answer is that Supervisory Control and Data Acquisition (SCADA) is a subset of Industrial Control Systems (ICS).

SCADA generally refers to control systems that span a large geographic area, such as a gas pipeline, power transmission system or water distribution system. I use both terms together because SCADA is often better known by the press, government officials and the public, but ICS is probably the technically correct term to use if you are referring to industrial automation of all types. Read more »

Posted in Industrial Security
Tags: DCS, ICS Security, Industrial Network Security, MTU, RTU
Leave a comment

SCADA Security Improves with ISASecure Certifications

Posted by Eric Byres on 06/09/2012

Editor’s Note: This is an updated version of this article, which was first published the Tofino Security Blog on June 14, 2011.

Honeywell and the ISA Security Compliance Institute last week announced that two more Honeywell products, the Experion® C300 DCS controller and the Experion fieldbus interface module (FIM) joined the Honeywell Safety Manager in achieving its pioneering ISASecure Level 1 certification. Following this announcement Dale Peterson questioned the value of some aspects of ISASecure certification.

Here is why I believe, as I did in June 2011, that ISASecure certification is valuable. Read more »

Posted in Industrial Security
Tags: Honeywell, ICS Security, Industrial Networking Security, ISASecure
Leave a comment

Are you a good fit for this job? District Sales Manager in Cleveland, OH http://t.co/sIzgMA1SbT #job about 2 hours ago
Air Gaps Won’t Protect Your Operations | Automation World http://t.co/QK5BPufqi3 about 18 hours ago
Account Manager in Clayton, MO http://t.co/Vah9ZCgwIS #job about 23 hours ago
Now Hiring: Account Manager in Milwaukee, WI http://t.co/sQEmZdOqKG #job 17:53:19 May 16, 2013
There are no standards for VFD cable - make sure you know the traits that protect equipment & uptime http://t.co/XsKn1FsGmV 00:05:54 May 16, 2013

beldensolutions.com

Featured Bloggers

Popular Tags

Post navigation