Unfettered Blog

For the record: Citect responds to charges by Core

From the press release, verbatim: Citect reassures its customers on the security of their SCADA networks Sydney, Australia [June 12, 2008] – Citect has moved to reassure its SCADA customers they are extremely unlikely to be at risk from potential security breaches found by Core Security Technologies in Windows-based control...

Core Technologies Outs Citect to Associated Press

Thanks to Marcus Sachs for pointing me to this one---WB In my view, this raises several questions. Why, again (remember, Core accused Wonderware of dilatory response just a couple of months ago) did Citect take five months to fix the problem? Why did Core go to the Associated Press? Does...

Bandolier: Gold Standard, or Only Half Way There?

I want to specifically respond to Ralph Langer’s comments from my blog post on Severity Levels. Ralph posted, “While I agree in general that severity cannot be established without context, experience tells me that such context can hardly be established by any kind of automated software tool.

Guest Post: Jake Brodsky on the Roadmaps and what’s going wrong…

We have a problem.  We have efforts at all levels to secure industrial control systems, but there isn't much coordination.  Some efforts are falling by the wayside.  The Roadmaps for energy and water are mostly taking top-down approaches.  There are approaches in the middle such as the ISA-99, and going...

Joe Weiss makes the Washington Post– and makes sense, too!

URL: http://www.washingtonpost.com/wp-dyn/content/article/2008/06/05/AR2008060501958.html Supporting URL: http://www.gao.gov/new.items/d08526.pdf Cyber Incident Blamed for Nuclear Power Plant Shutdown By Brian Krebs washingtonpost.com Staff Writer Thursday, June 5, 2008; 1:46 PM A nuclear power plant in Georgia was recently forced into an emer...

Severity Ratings…You must consider the context!

What do severity ratings REALLY mean? I read a blog on Digital Bond’s Bandolier project (www.digitalbond.com,

So where in cyberspace is the nuclear power community?

Where is the nuclear power community? It has been a year since Congressmen Bennie Thompson and James Langevin sent a letter to Chairman Klein of the NRC with a series of questions related to the Browns Ferry 3 Nuclear Plant Broadcast Storm incident.

Cyber Week in Review: May 19-23, 2008

The Week (May 19-23) in Review I thought Dale Peterson’s weekly review was a great idea so I have decided to do my own: Two major events occurred on either side of the country the same day - Congressional hearings on cyber security of the grid and Connectivity Week (Smart...

Galvin Electricity Initiative – is it really perfect power?

Tomorrow, Kurt Yeager, the ex CEO of EPRI and current Executive Director of the non-profit Galvin Electricity Initiative will provide one of the keynotes at Connectivity Week in Santa Clara. The Galvin Electricity Initiative is focused on transforming the reliability and value of U.S.

House holds more hearings on Grid cyber vulnerabilities

There will be a hearing May 21, 2:00 PM, 311 Cannon Building in Washington DC on “Implications of Cyber Vulnerabilities on the Resiliency and Security of the Electric Grid”. Expected witnesses: Joseph Kelliher, Chairman, Federal Energy Regulatory Commission (FERC) Richard Sergel, Chief Executive Officer, North American Electric Reliability Corporation (NERC)...