SP99-- who are those guys?

July 24, 2007
Ken Anderson will be speaking on security issues with Wireless applications. I don't know what happened, but this was supposed to be given by Bryan Singer... Anderson works for an oilsands company. What I want to talk about is where SP99 is, and what we're doing there. Components included based on function performed, not industry, type of control or other limited views SCADA, etc. We go from Level 0,1,and2 and a little of Level 3 of the purdue model. IT security is an established disciplin...
Ken Anderson will be speaking on security issues with Wireless applications. I don't know what happened, but this was supposed to be given by Bryan Singer... Anderson works for an oilsands company. What I want to talk about is where SP99 is, and what we're doing there. Components included based on function performed, not industry, type of control or other limited views SCADA, etc. We go from Level 0,1,and2 and a little of Level 3 of the purdue model. IT security is an established discipline, but its application in industrial control systems is a challenge. It is necessary to add domain expertise to provide workable, practical solutions for control systems without screwing them up. Effective automation security is a function of appropriate technology, specialized expertise and domain expertise. Anderson described the SP99 working groups. TR1 has already been released, and will be released in a revised format soon. There are 260 members from 220 companies from a wide number of industry verticals and sectors. SP99 is developing the ANSI standards. ANSI/ISA-TR99.00.01-2004 revision has been issued for voting. ANSI/ISA-d99.00.01 Terminology, concepts and models: estimated publication 3Q 2007 d99.00.02 Establishing an Industrial Automation and Control Ssytems SEcurity program. 400 comments received, analysis is in progress. Major themes are organization of information and ease of use, consistency with other standards, process complexity, for release in late 2007 There are other documents available: master glossary, guide to the standards. d99.00.03: Operating an industrial automation and control ssytems security program. work will commense after completion of part 2. d99.00.04 Technical security requirements, working group active. Newly started. DHS Security catalog will be available-- great document. Working group 6, concerned with Patch Management, has been formed in conjunction with MS-MUG. We are increasing awareness of and coordination between SP99 and other automation systems security activities and standards bodies. Here's the begging part: None of these standards will get done without volunteer help, folks. Priorities: Complete Part 1 and Part 2 Standards Complete the revised TR-1 Support working groups SP99 needs your participation.

Sponsored Recommendations

Municipalities are utilizing inline total solids measurements to enhance sludge thickening, lower polymer usage and cut operational expenses.
Carbon dioxide is increasingly recognized as a vital resource with significant economic potential. While the conversion of carbon dioxide into products is still in its infancy...
Discover our wide range of temperature transmitters that convert sensor signals from RTDs and thermocouples into stable and standardized output signals!
An innovative amine absorption-based carbon capture process enables retrofitting of existing industrial facilities to reduce emissions in hard-to-abate sectors, with advanced ...