This document specifies requirements and gives recommendations for IT security to be fulfilled by vendors of process control and automation systems to be used in Process Control Domains (PCDs).
From the press release:
My book, Protecting Industrial Control Systems from Electronic Threats, has gone to the publisher. It is anticipated it will be published and available by the by end of April. The preorder URL is http://www.momentumpress.net/books/cyber-security-industrial-control-systems
The following was posted, among other places, on the SCADASEC listserv. Eyal Udassin, a well-known and well respected security researcher with significant experience with control system functional security has discovered a vulnerability in some of Rockwell's products, and he and Rockwell have moved quickly to fix the vulnerability.
In his blog "What do 9/11, the Detroit bomber and ICS Security have in Common," Joe Weiss makes some really good points.
Cross posted from Unfettered blog:
So when your plant blows up because you and your management have not figured out that it is cheaper and more profitable to operate safely and securely, how do you notify people without getting more people hurt or killed, and without creating panic in the streets?
Newly Formed Energy Sector Cyber Security Consortium Announces First Research Project Aimed At Improving Industrial Cyber Security Training & Education For Automation Professionals
Walt Boyes interviewed Bjorn Gudehus of Bell Canada, who is both a security analyst and an automation professional, and who has a distinctive voice and opinion on this important question.