Blogs

So you think Bob Adamski's nightmare is wrong? Read on!

Bob Adamski, Invensys' SIS guru, has been talking about the hacking of process safety systems for several years now. I think he's right, but we appear to be in a minority. Bob gave me his nightmare about how this could be done several years ago, and I've had it for a...

CIA says cyber attacks are real...is it FUD or not?

Several people, including a thread on the A-List at www.control.com have taken notice of the CIA disclosure at SANS last week and have been asking about the veracity of the report. I posted the following, earlier today, on the A-List.

Joe Weiss on the FERC "approval" of the NERC CIPs

Over on "Unfettered" Joe Weiss reports that FERC has played Solomon with the NERC CIPs and the recommendations from people like the SP99 committee. Solomon, you will recall, determined who the mother of a baby was by threatening to cut it in half.

A lovely thought to take into the weekend with you....not.

Maybe this should be a candidate for Letterman's "stupid people tricks" but in fact, it is not only true, but very sad. Over on Joe Weiss' blog Unfettered, he posted yesterday about home thermostats that are designed and mandated by law in California to be communicating over the Internet to...

A Demonstration Process Control Network?

He wants to create a live, working process control network as a test bed for cybersecurity. What if... The establishment of a neutral Demonstration Process Control Network (DP...

Does SANS bite?

Sorry, I couldn't resist the pun. Joe Weiss posted on Unfettered this morning a clip from the blog, SANS Bites. In it he takes issue with the editor of SANS Bites' self-serving, and industry-serving statements about how nobly the industry is trying to achieve cybersecurity nirvana. What rot.

Control systems ARE different...yes they are!

  Joe Weiss posted a great discussion of how and why they are different, and why control engineers are different and have different training and skills at Unfettered. Once again, it becomes clear that control systems, whether they are machine controllers, cell control systems, single loop control systems, DCS systems...

Joe Weiss makes an interesting point...

From Unfettered...: "Next Thursday, the NERC Critical Infrastructure Protection Committee (CIPC) will have a session on Aurora - the Idaho National Lab demonstration of destroying a diesel generator via a cyber attack. The session will include utilities and vendors.

Cybersecurity disclosures-- the game everybody can play

Joe Weiss posted an extremely thought-provoking blog entry this morning on Unfettered. He questions the hacker/cracker cultural meme of disclosing cybersecurity vulnerabilities for the sheer pleasure of doing it. I think Joe's on to something here. We have a serious problem in cybersecurity in control systems...we don't have en...

Joe posted his own notes on the Congressional cyber hearings at Unfettered

So if you want to read them, go here....