August 22nd, the DHS Cyber Security Division held the Transition to Practice Technology Demonstration for Investors, Integrators and IT Companies in San Jose. To great fanfare (it was on local radio and TV) there were 8 cybersecurity technologies being showcased. NONE were directly relevant to control systems! I was told there are several control system cybersecurity technologies being developed that should be ready by next year. (I know about Sophia and LOGIIC and was surprised they weren't there). One will be developing a backplane for PLCs to identify what is happening at the control system logic level. This will be valuable only it is a bit late. The ICS R&D plan I developed in 2001 addressed the need to address PLC and other control system issues. PLC logic issues were publicly identified by INL in 2008 and used in Stuxnet (found in the 2010 timeframe). At the ICS Cyber Security Conference in October, both Siemens and Rockwell will be demonstrating how they are already securing their automation platforms. Isn't DHS a bit late?
I should also mention that when I told the different labs and DHS about the utility ICS cybersecurity test bed they all perked up. Everyone I talked to said they need a place to demonstrate the technologies in a real end-user environment and they haven't been able to find one.
