New Vulnerability in OLE reported by CIAC-- most considered "critical"

See the report:  The questions are: Does this vulnerability carry over into OPC-UA? And when do we GET OPC-UA?...

Homeland Security pronounces on control system security

The US Department of Homeland Security released its Catalog of Control Systems Requirements (Draft) July 2007  today. It is interesting reading. According to several commentators, it contains warnings about spam and social media-- things not entirely commonly associated with control syst...

What's this? A bogus security survey?

Jake Brodsky noticed this on the Industrial Defender website:

The Hidden Costs of Successful Safety

It's not easy to keep process applications safe, but it can be even harder to find help to do it right. In this environment, safety depends on asking the right questions. In his "SIL 201" presentation on July 17 at the 2007 North American Foxboro User Group conference in Boston,...

Joe Weiss reports on NERC CIP and Electric Utility Safety

How Secure are the Electric Utilities if They Implement the NERC CIP Standards? The NERC CIP standards were developed in a consensus fashion with representation from the smallest to the largest utility organizations. In order to obtain consensus, the NERC CIP standards are ambiguous and at best provide a "minimum bar".

Discrete and process safety systems: why not integrate?

I was talking yesterday about the convergence between digital safety networks that were originally developed for discrete environments and process safety instrumented systems. Today the current issue of Industrial Networking landed on my desk with the cover story, by Dan Hebert, about that very thing.

Dan McDougall on how Shell does process security

Dan McDougall on Process Control Security - Shell Upstream  How Shell EP is responding to Global Threats  "If you aren't aware that this is...

Lessons from Texas City

Safety requires passionate and effective leadership, says MIT professor Nancy Leveson, a member of the Baker Commission that investigated the accident at BP Texas City. Managing and Controlling Safety needs clear definition of expectation, and we have to continue to adapt to changing conditions.

Guidelines for Safe and Reliable Instrumented Protective Systems

Angela Summers, recent inductee into the Process Automation Hall of Fame, sent me a copy of her new book  Guidelines for Safe and Reliable Instrumented Protective Systems, which you can buy on

And what did Rockwell neglect to tell us?

Why that the busy little beavers were after buying ICS-Triplex, of course.