|
| Featured Articles |
Network security in the Automation world
InTech, April 2011
By Dan Schaffer
The need for cybersecurity to protect industrial networks is real and growing. While today’s control systems are increasingly complicated, protecting them from a cyber threat does not need to be.
Defense in depth: It’s more than just the technology
InTech, April 2011
By Jason Urso
There are three keys to a successful cybersecurity program for any industrial manufacturing plant: people, process, and technology. We tend to rely on technology to keep us safe, but the other two aspects are just as important.
Hyper-Secured PLC…and other curious combinations
Control Engineering, March 2011
To make life easier for automation engineers, and less costly for OEMs and end-user companies to build control systems, clever companies are converging previously separate products.
How to Prepare for a NERC CIP Audit (and Protect Yourself!)
Control, March 2011
By Phil Marasco and Jay Abshier, CISSP
Until you have actually been through a Critical Infrastructure Protection (CIP) audit at least once, there will likely be some uncertainty regarding how you should prepare. However, with some planning and focus, the process should not be as daunting as some would have you believe.
Ethernet Infrastructure - Is IPv6 another Y2K?
Automation.com, March 2011
ODVA is taking IPv6 seriously because it could have major implications for existing EtherNet/IP installations and product developers. This is not unique to EtherNet/IP, the change has an impact on all Ethernet devices and infrastructure including business, industrial, home, and mobile communications.
Browse more articles on the Security portal. |
| Product Announcements |
Honeywell releases Tofino Modbus Read-only Firewall
The Honeywell Modbus Read-only Firewall provides an additional layer of protection against unwanted and harmful network traffic.
Other Product Announcements
Browse more Product Announcements on the Security portal.
Search all Products by keyword, category, manufacturer or release date. |
| White Papers |
Dealing with ICONICS GENESIS SCADA Vulnerabilities
By Byres Security
A number of previously unknown security vulnerabilities in the ICONICS GENESIS32 and GENESIS64 products have been publically disclosed. The release of these vulnerabilities included proof-of-concept (PoC) exploit code. This White Paper summarizes the current known facts about these vulnerabilities. It also provides guidance regarding a number of possible mitigations and compensating controls that operators of SCADA and ICS systems can take to protect critical operations.
Protecting Water Industry Control and SCADA Systems from Cyber Attacks
By Don Dickinson, Phoenix Contact
To ensure the availability and reliability of water systems, the control systems and SCADA networks used to monitor and control plant processes must be protected against cyber attacks. It is important to understand the threats and associated risks to control systems in order to establish a plan for protecting critical systems.
Post-Stuxnet Industrial Security
By Frank Dickman, Innonimate
After Stuxnet, the threats from malware and insufficient IT security in automation networks can no longer be ignored. The real danger looming out there, however, is not from Stuxnet itself, but rather from mutations likely to be created by imitators.
Video Surveillance Integrated with SCADA
By Control Microsystems
This paper explores the growing security requirements for critical infrastructure in SCADA industries and the capability of operators to efficiently integrate video surveillance into their existing SCADA networks without hindering communications and bandwidth to the control centre.
Browse more white papers on the Security portal. |
| Company & Organizational News |
ISA99 examines standards’ strength against Stuxnet-like attacks
InTech, April 2011
By Ellen Fussell Policastro
The ISA99 standards committee on Industrial Automation and Control Systems Security formed a task group to conduct a gap analysis of the current ANSI/ISA-99 series of standards. The purpose is to determine if companies following the ISA-99 standards would have been protected from sophisticated attacks and to identify needed changes.
Cyber Attacks Victimize Oil and Gas Companies
Automation World, March 2011
By Wes Iverson
Night Dragon attacks, believed to be largely the work of Chinese hackers, have been successful in achieving their apparent objective—that of intellectual property theft from global oil and gas, energy and petrochemical companies.
ISA99 launches Cyber Threat Gap Analysis Task Group
The task force will determine if companies following the ISA99 standards would have been protected from such sophisticated attacks and to identify changes needed, if any, to the standards being developed by the ISA99 committee.
Counterfeit exida safety certifications discovered
Counterfeit certificates claim exida certification to Safety Integrity Level (SIL) 3 capability of IEC 61508. Safety practitioners are advised to consult the Safety Automation Equipment List to verify certifications.
Industrial Video and Control Acquires Longwatch
Longwatch is a developer of video management software for industrial automation and process control applications. IVC will maintain the Longwatch brand and operate the company as a division of IVC.
Browse more company and organizational news on the Security portal. |
| Featured Training |
OPC Security
June 2, 2011 - June 3, 2011
Location: Toronto, Canada
Students learn how to secure their OPC implementation by configuring their firewall, Data Execution Prevention, Windows Authentication, Access Control Lists (ACL), Windows Services, Demilitarized Zone (DMZ) implementation, and how to continuously monitor the health of their real-time communication system. This enables plants to comply with IT, industrial, and federal regulations.
Industrial Wireless Systems (IC85C)
June 9, 2011
Location: Concord, NC, USA
Held in conjunction with ISA's POWID Symposium. Wireless systems and wireless technologies have advanced to the point where stable, robust, and secure networks are ready for deployment in industrial settings.
Introduction to Industrial Automation Security and the ANSI/ISA99 Standards (IC32C)
June 10, 2011
Location: Concord, NC, USA
Held in conjunction with ISA's POWID Symposium. Understanding how to secure factory automation, process control, and Supervisory Control and Data Acquisition (SCADA) networks is critical if you want to protect them from viruses, hackers, spies, and saboteurs.
The Complexities of Substation Cyber Security
June 15, 2011
The functionality of traditional substation devices coupled with the introduction of NERC CIP-007 R5 is leaving many utilities uncertain about how to effectively manage substation cyber security solutions. This webinar will showcase how one top 10 Fortune 500 electrical utility assessed and addressed the complexities of managing substation device passwords.
Using the ANSI/ISA99 to Secure Your Control System (IC32)
August 17, 2011 - August 18, 2011
Location: Research Triangle Park, NC, USA
The move to using open standards such as Ethernet, TCP/IP, and web technologies in supervisory control and data acquisition (SCADA) and process control networks has begun to expose these systems to the same cyber attacks that have wrecked so much havoc on corporate information systems.
Browse more training and seminar opportunities on the Security portal. |
| Featured Events |
Managing SCADA Security Risks 2011
May 25, 2011 - May 26, 2011
Location: San Francisco, CA, USA
Real world examples of how companies using industrial control systems are identifying vulnerabilities and threat professionals will discuss the reality of SCADA risks and potential implications for your business.
Honeywell Users Group Americas Symposium 2011
June 12, 2011 - June 16, 2011
Location: Phoenix, AZ, USA
Hundreds of automation users and industry experts gather to explore the latest industry trends and technology developments each year. The event features hands-on demonstrations of the latest technology, one-to-one interaction with products experts, and group discussion with other Honeywell users. The robust technical conference provides invaluable education and insight.
Remote Monitoring and Control 2011
September 19, 2011 - September 21, 2011
Location: Nashville, TN, USA
Remote Monitoring and Control 2011 will focus on the leading advancements for the monitoring and management of distributed equipment and facilities, remote assets, infrastructure, automated process & system controls and device networks.
Cyber Security for Energy Delivery
September 27, 2011 - September 28, 2011
Location: San Jose, CA, USA
Develop strategies to protect your cyber assets, achieve economic compliance and implement technological solutions. Join 100 key decision makers from across NAmerica receiving business critical strategy ensuring your critical cyber assets are protected and comply with NERC guidelines. Get vital inside knowledge on future changes from those in the know.
ISA Automation Week 2011
October 17, 2011 - October 20, 2011
Location: Mobile, AL, USA
This world-class conference will cover seven technical tracks in depth and will be designed with information critical to several identified automation and control career paths. ISA Automation Week provides you with the opportunity to get the best unbiased knowledge available to help you in your jobs and your future.
Browse more industry events on the Security portal.
Add an event to our calendar. |
|
