Stuxnet and Aurora are not traditional network vulnerabilities and cannot be found or mitigated by using traditional IT security techniques. The Smart Grid NISTR-7628 and NERC do not identify design features that can be exploited. There is a disconnect between what the electric industry is trying to protect and what...
I will be delivering the keynote at the May 31, 2014 ECSaR 2014 Workshop on Engineering Cyber Security and Resilience at Stanford University. The agenda can be found at www.ECSaR-2014-Program.docx. Details on the overall conference can be found at http://www.scienceengineering.org/ase/conference/2014/cybersecurity/sanjose/website/138-2/.
DOE recently issued their revised report on Cyber security procurement Language for Energy Delivery Systems dated April 2014. The report is an update on the 2009 INL report. The report does a good job of addressing communication networks and traditional IT issues.
SecurityWeek acquires ICS Cybersecurity Conference series
April 1st, a federal grand jury indicted PG&E on 12 counts of knowingly and willfully violating the federal Pipeline Safety Act leading to the San Bruno pipeline rupture. As San Bruno was a control system cyber incident, the cyber security implications include the following.
I will be speaking April 1st at the Palo Alto Networks Ignite Conference on “Addressing the Most Pervasive Challenges in ICS Cyber Security”.
The March 2014 issue of ASME’s Mechanical Engineering magazine had an article entitled "The Internet of Very Big Things". The article focused on the productivity and safety benefits of connectivity, including to the Internet. The discussion on security was either not correct or misleading. This is not the first time...
Joe Weiss believes there is a significant need for a cybersecurity conference from the perspective of the control systems engineer that focuses on the impacts of electronic communications on system performance, reliability and safety.
I have been invited to give a lecture on ICS Cyber Security at the Naval Post Graduate School April 3rd in Monterey on control system cyber security. The presentation will be similar to my presentation at West Point.
I reviewed the Bipartisan Policy report and then had a chance to meet with one of the project leads to discuss some of my concerns. The concern about cyber security of the electric grid is grid reliability.