Dear %%if(%%firstname%% is empty,Colleague,%%firstname%%)%%:
To receive the latest automation information, add enews@automation.com to your address book.
Read the online version if some of the links don't work in this Security Update. |
| |
March 2008 |
Sponsor: Mu Security |
Improving the Safety and Service Assurance of Industrial Control Systems Using Mu Security
Mu’s award-winning service assurance solution improves the reliability, availability and security of the leading critical infrastructure asset owners and their global industrial control systems manufacturer suppliers. The Mu-4000 solution:
- Reveals Industrial Control Safety and Resiliency Issues
- Documents SCADA and Process Control Vulnerabilities
- Prevents the Occurrence of Zero-Day Attacks and Network Reliability Problems
- Enables 99.999% Continuity of Critical Services
Learn more on how ABB and Honeywell use Mu
.jpg)
|
Live News Feed |
RSS feed for Security.
Learn more about RSS feeds.
|
Visit our Product Portals |
| Our Product Portals organize information by various automation topics.
Each Product Portal includes articles, white papers, product announcements, application stories, company news, resources, literature, training, seminars, and events.
Plus, we search the Internet for relevant material so you don't have to search dozens of sites for information on topics of interest.
Visit our Product Portals frequently and stay current on all topics relating to automation. |
|
|
| Featured Articles |
Just Because They Haven’t, Doesn’t Mean They Won’t
Control, March 2008
By Walt Boyes
Control’s editor ponders the possibilities of cyber attacks on SCADA and control systems, and suggests we work to protect them.
Quantifying Cyber Security Risk
Control Engineering, March 2008
By Morgan Henrie, Univ of Alaska and Paul Liddell, Alyeska Pipeline Service
Basic risk analysis techniques can help you understand the cyber threats to industrial control systems and SCADA systems overseeing electric utility distribution. This step will help as you begin planning a defensive strategy.
Creating Secure OPC Architectures
By Adriel Michaud, MatrikonOPC
Technical guide on how to secure typical OPC implementations. It covers OPC DA, HDA, and A&E, securing OPC Servers from unauthorized OPC Client access, and restricting authorized OPC Clients to only the functions necessary.
Time for Plant and Corporate IT to Grow Up
Control, February 2008
By Charlie Gifford, 21st Century Manufacturing Solutions
Subject: the bloody war zone in manufacturing operations management (MOM) systems. Neither side realizes how large and complex job it is to integrate and translate between the plant and business in real-time.
Integrating Enterprise and Plant IT Functions
Control Engineering, February 2008
By Jim Ricigliano, Wyeth Pharmaceuticals, and Matthew Bauer, Rockwell Automation
When pharmaceutical manufacturing processes are automated there are many benefits, but implementation can demand difficult choices. Integration often brings enterprise IT onto the plant floor.
|
Browse these and more articles and white papers on the Security portal.
| | Resources & Literature |
Wurldtech introduces Delphi Cyber-Security Database
Vulnerability database for industrial control systems provides visibility into the reliability, safety and security of systems and networks.
Wurldtech launches Achilles Health Check Service
Service provides a rapid evaluation of the cyber-security vulnerabilities and exposure risk of SCADA and process control systems.
ISA99 Cyber Security Standard available
Part 1 focuses on key concepts, terminology and models, and will serve as a foundation for additional standards currently in development in the ISA99 series.
DHS Publishes Chemicals of Interest List for Anti-Terrorism Standards
Chemical Engineering, November 2007
BY Rebekkah Marshall
Facilities that possess chemicals of interest at or above the listed screening threshold quantities are required to complete a Top-Screen test within 60 calendar days
OPC Security Analyzer
The OPCSecurityAnalyzer helps with security permission settings related to OPC DA server access to find why the access to an OPC DA server is denied and to check if the server access is denied for all but the valid users. Local and Remote OPC servers can be browsed and accessed. It shows the Firewall settings and helps quickly make the proper settings.
|
Browse these and more resources and literature on the Security portal.
| | Application Stories |
Biometrics Harden Passwords
Control Engineering Supplement, November 2007
By Jared Pfost, BioPassword
IT manager Jim Krochmal at Polysius Corp and his staff worried about insecurities of usernames and passwords that were standing between the bad guys and Polysius’ intellectual property. He knew that a simple case of credential sharing or password theft could compromise it all. Here’s what they did.
Making cyber security work in the refinery
Intech, October 2007
By Eric Byres and Nicholas Sheble
The control system team at a refinery in Texas focused on the various communications pathways and networks that connected the control systems and the corporate network and based their design on the concept of “defense-in-depth” security.
Government Security & Intelligence
By Objectivity
Northrup-Grumman had a need for a complex, mission-critical interactive analysis involving billions of objects. What’s more, there was no existing methodology for this complex analysis, so any tool developed would have to be able to change on the fly as the methodology was fine tuned.
|
Browse these and more application stories on the Security portal.
| | Featured Training |
Web Seminar: Cyber Security Risk Assessment for Automation Systems
April 3, 2008 2-3:30pm Eastern
This seminar introduces you to the concepts of Risk Analysis and how they are applied to industrial manufacturing and control systems. This seminar is also valuable for IT professionals who wish to learn the special considerations of automation systems in performing Risk Analysis.
Web Seminar: Firewalls and Filtering Security on the Plant Floor
April 17, 2008 2-3:30pm Eastern
The network firewall is one of the most important tools in any cyber-security designer's tool box. This seminar introduces you to the world of firewall system design, focusing on how these devices can be effectively deployed on the typical plant floor.
Securing Industrial Networks: Cyber Protection for Automation, Control, and SCADA Systems
June 12, 2008 Scottsdale, AZ
Are your computerized factory automation, process control, and SCADA networks vulnerable to hackers, spies, or saboteurs? This seminar will teach you the basics of cybersecurity, and how to apply it to your industrial networks. Price: $495
Managing Information Security with the ISO 27001 Information Security Standard
June 17-18, 2008 Dublin, Irleand
The subjects covered include: overview of information security; introduction to the ISO 27001 Information Security Standard; identifying key information assets; identifying risks; strategies for mitigating and managing risk; implementing appropriate security controls; monitoring the effectiveness of security controls.
Online: Cyber Security for automation, Control & SCADA Systems
September 22 to November 14, 2008
This CyberU course runs for seven (7) weeks. Your course syllabus will guide you through the course modules, provide assignments, and the schedule for live Q & A sessions. Price: $1195.
|
Browse these and more training and seminar opportunities on Security portal.
| | Product Announcements | |
|
Browse these and more Product Announcements on the Security portal.
Search Products by keyword, category, manufacturer or release date. | | Company & Organizational News |
MU Security joins ISA Security Compliance Institute
ISA SCI is working toward establishing the ISA Secure certification designation for security compliant products and systems in the automation industry.
Kevin McCarthy joins CoroWare's board of advisors
CoroWare has added Kevin McCarthy to its ensemble of corporate advisors. McCarthy is a proven executive on Homeland and National security solutions.
ISA approves Wurldtech CS2SAT SCADA cyber security tool
The CS2SAT is an online tool that provides organizations that use SCADA and industrial control systems with a self-assessment tool for evaluating the security of the control system.
RuggedCom and Industrial Defender sign marketing agreement
The combined technology of RuggedCom and Industrial Defender deliver a comprehensive cyber security solution.
Mu Security expands Advisory Board
The addition of Byres and Shipley complements current Advisory Board members: four-star retired Army Gen. Anthony Charles Zinni, College of William and Mary; Dug Song, vice president engineering at Zattoo and former chief security architect at Arbor; and Sri Reddy, vice president of engineering for edge router software development, Alcatel.
|
Browse these and more company and organizational news on the Security portal.
| | Application News |
Matrikon to provide cyber security for industrial plant
The process control and IT network security cyber security solution is is based on industrial best practices as outlined by ISA, NERC and NPRA.
RTI to protect USAF Distributed Systems
The project, “Proactive Determination of Networked Node Vulnerability,” will seek out weaknesses in network security before and during a security intrusion event.
Invensys to provide cyber security services for Husky Energy
Invensys will provide services based on its lifecycle cyber security approach, which consists of assessment, design, implementation and real-time management of Husky's plant and production networks.
|
| Browse these and more application news on the Security portal. |
| Featured Events |
ASIS International 7th European Security Conference
April 13-16, 2008 Barcelona, Spain
This conference presents an outstanding opportunity to get up-to-date on the latest security issues and strategies, both region-specific and global, network with top professionals, and see cutting-edge products and services from a select group of exhibitors.
SecuTech Expo 2008
April 16-18, 2008 Taiwan
Visitors can see the latest innovations from a wide range of product categories, including IP surveillance, video analytics, biometrics, mobile security and hybrid solutions.
2008 ISA Safety Division Symposium
April 23-24, 2008 Calgary, Canada
Information and training in the areas of safety instrument systems, alarm management, pressure relief, and HIPPS and control systems security. This event is intended to create a forum where paper presentations and panel discussions transfer information from the leaders and experts on safety and control to industry professionals.
Interop
April 27-May 2, 2008 Las Vegas
Interop joins forces with CSI SX, which offers a focused view of enterprise security in a high-powered, interactive setting.
Control System Cyber Security Conference
August 4-7, 2008 Chicago, IL
Latest advancements and issues in securing industrial control systems including: Case studies and recent trends in control system cyber security; IT and Operations issues with securing control systems; SCADA and Control System procurement issues; End-user cyber security experience with control system architectures and technologies; and more.
|
| Browse more industry events on the Security portal.
Add an event to our calendar.
|
| I hope you enjoyed this Security update. If you have any comments or suggestions regarding the content in this e-newsletter or on Automation.com, please don't hesitate to contact me.
Rick Zabel
Vice President, Publisher
Automation.com View our Privacy Policy For editorial inquiries, please contact Rick Zabel
For advertising inquiries, please contact Karen Olson or see our Media Kit. |
|
|
_thumb.jpg){kind=small}
