Blogs

IT versus Control Systems…a word from a “recovering IT person”

Over on SoundOFF! Walt's posted a thought provoking piece by Wurldtech's Bryan Singer, who is also chair of SP99. Singer, who started out as an IT person, has made his bones in automation, and talks about why he agrees with Walt that process security is different. ...

Control systems ARE different

Control systems are different Control systems control the industrial infrastructure. Control system engineers are system engineers. Consequently they are conversant in control theory, electrical engineering, mechanical engineering, chemistry, physics, computer programming, and for nuclear plants, nuclear engineering.

ON the subject of Aurora…

Next Thursday, the NERC Critical Infrastructure Protection Committee (CIPC) will have a session on Aurora - the Idaho National Lab demonstration of destroying a diesel generator via a cyber attack. The session will include utilities and vendors.

Disclosures, FUD, and the need to maintain credibility

The issue of disclosure is not just of software and programming vulnerabilities, but also disclosure of events. I have been following the issue of disclosures and FUD for quite a while and generally have been silent on the discussion.

Get your answers here…

Some Congresspeople have been asking questions-- intelligent, insightful questions, that indicate that the policymakers are really going to understand and take a role in cybersecurity: Question from the Honorable Michael T. McCaul: 1. What are the principal differences between the ISA 99 standards and the NIST best practices found in Special...

Winning with NERC CIP and still losing

You can be NERC CIP compliant, and still get fined...

Educating the narod on cybersecurity…control systems ARE different

The need for education for the "vast unwashed" is still extreme. Last Thursday and Friday, DOE sponsored the GridWise Interop Conference in Albuquerque. Generally, there are few common participants between security and interoperability discussions. It is not clear if the final rule on cyber security will impact the interoperability considerations...

Some thoughts from Jake Brodsky

Walt Boyes posting here... Jake Brodsky posted this on the SCADA list: http://www.securityfocus.com/news/11494 From the article: "'This is not a tech focus; it is a Washington focus,'  [James] Lewis said. 'You always have an opportunity, when a new administration comes in, to do some quick fixes and that is what we...

Here are Joe’s notes on the Homeland Security Cyber hearings

Congressional Hearing Notes 10-17-07

More About Congressional Testimony

Live links -- including video-- to my testimony are available here....