Tofino Security article: SCADA Cyber Security Problems

Oct. 12, 2011

SCADA Cyber Security Problems - Just How Common are the Programming Errors?

The discovery of SCADA-security issues by Luigi Auriemma and Siemens PLC weaknesses by NSSLabs this year is interesting from a software-engineering point of view. Having been active in the development of industrial controllers, embedded devices, PLCs and machines, I have experienced the other end of the cyber security problem - not how vulnerabilities must be stopped, but the ease with how they are created.

SCADA Cyber Security Problems - Just How Common are the Programming Errors?

The discovery of SCADA-security issues by Luigi Auriemma and Siemens PLC weaknesses by NSSLabs this year is interesting from a software-engineering point of view. Having been active in the development of industrial controllers, embedded devices, PLCs and machines, I have experienced the other end of the cyber security problem - not how vulnerabilities must be stopped, but the ease with how they are created.

Auriemma has tried to find the source of the SCADA leaks by disassembling the code and finding the root cause of all 34 leaks. It is interesting to read that the “Buffer Overflow” error is one of the most common. It is so common that it is listed as #3 in the “Mitre TOP-25 most dangerous programming errors” list (No. 1 and 2 are website programming errors).

Read the entire article by Rob Hulsebos on the Practical SCADA Security blog http://www.tofinosecurity.com/blog/scada-cyber-security-problems-%E2%80%93-just-how-common-are-programming-errors

Sponsored Recommendations

The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...
Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...
Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...
Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...