Monthly Archives: January 2014

ICS security and regulatory requirements

In North America, ICS security, as regards the electricity grid, is regulated by NERC, which provides and enforces, among other things, the Critical Infrastructure Protection (CIP) standards. In this post, I’ll provide a quick overview of those standards, provisions slightly … Continue reading

Posted in Industrial Automation, Software Engineering | Tagged , , , | Comments Off on ICS security and regulatory requirements

The Crain-Sistrunk vulnerabilities

In the two previous posts, I’ve shown that industrial control systems — ICSs — are becoming more pervasive, and that they rely on security through obscurity. Now, let’s make the link with current events.

Posted in Industrial Automation, Software Engineering | Tagged , , | Comments Off on The Crain-Sistrunk vulnerabilities