-
Monday, January 25, 2010
Honeywell’s Safety Manager Is Achilles Certified
Today marks another milestone for the Achilles Certification program with the announcement of the 16th Achilles-certified control system, this time from Honeywell Process Solutions. The Experion® Safety Manager is the second control system from Honeywell to meet the Level one criteria, along with the Experion® PKS C300 Process Controller, and joins a long series of certified products that have made the Achilles Certified designation the standard for cyber security certification in the industrial automation industry. The certification was performed by exida, a global leader in functional safety and security products and services, and accredited Wurldtech certification partner. This falls on ...
Read full story
-
Sunday, January 24, 2010
Wurldtech CEO To Speak At Upcoming WIB Seminar About Emerging SCADA & Smart Grid Security Initiatives
The International Instrumentation Users Association (WIB) has invited Mr. Williams to join executives and SME’s from organizations such as NICC, Shell and McAfee to share industry experiences in the hopes of helping end-user stakeholders make more effective business decisions to improve the security & reliability of critical industrial control and smart grid infrastructure deployments. During the meeting, Mr. Williams and Ted Angevaare from Shell, will formally announce the introduction of the Achilles Cyber Security Best Practices Certification program - which we are currently piloting with selected vendors so stay tuned for more information. The seminar will be held on March ...
Read full story
-
Monday, January 18, 2010
Cyber Security As A Process: Reality Checks & Real World Examples
As we near the second year anniversary of the official launch of our Achilles industrial cyber security certification program, and prepare to launch some major new program initiatives, I thought a small polemic that attempts to: Dispel a few common misconception about cyber security certification and; Highlights a few examples of industrial stakeholders who are embracing cyber security as a functional process and providing the shoulders for the rest of the industry to stand on. would adequately stimulate the discourse in the industrial cyber security community and start the year off with some fodder for conversation. There are two common ...
Read full story
-
Monday, January 18, 2010
Certification Program Update: Achilles Certified Products
In my last post, I discussed the importance of checking the versions of the devices, systems, and applications that are being sold as Achilles Certified, as the certification designation is tied to a specific version number. Given the amount of recent requests from end-users about who is certified, and the fact that we are still a few weeks away from our new website which will contain a complete database of certified products, I thought I would show a list of the certified devices here: Embedded Controllers Vendor Device Model Version ABB AC800M Controller PM865 5.0.1001.51 ABB Plantguard TMR Safety ...
Read full story
-
Tuesday, January 12, 2010
Wurldtech’s CTO To Speak At RSA 2010
Each spring, security experts from all over the world converge on the Moscone centre in San Francisco to discuss the global cyber security zeitgeist at RSA. Although RSA is mainly focused on Enterprise/IT security, the security, reliability and resilience of the digital networks that comprise the backbone of our national/global critical infrastructures, has surfaced as one of the most important issues in cyber security today. Dr. Nate Kube has been selected, as an internationally-recognized subject matter expert on industrial cyber security and critical infrastructure protection, to present his take on the state of the industry. Dr. Kube will be co-presenting ...
Read full story
-
Saturday, January 09, 2010
Wurldtech Executive At 2010 ARC Forum To “Rethink Cyber Security For Critical Infrastructures”
Wurldtech’s president Tyler Williams starts another year of industry stewardship, at ARC’s fourteenth annual forum in Orlando Florida. Mr. Williams joins a panel of experts from around the world to discuss the business of cyber security and how a better understanding of economics can help improve the resilience of digital networks in critical infrastructure industries. Information about the forum and how to register can be found here.
Read full story
-
Thursday, January 07, 2010
The Triconex Trident 2.1.1 is Achilles Certified
The latest version of Invensys Process Systems’ (IPS) Triconex Trident has achieved Achilles Certification. The Trident has already been certified twice before, with its 2.0.1 and 2.1.0 versions previously certified. As has been discussed in blog posts past, Achilles Certification is strictly tied to a particular device version. Devices must continually be tested to ensure that they are robust and that they conform to Achilles Certification standards. Congratulations to IPS on another certified device and for continuing to demonstrate their commitment to deploying robust, certified devices.
Read full story
-
Tuesday, January 05, 2010
Tyler Williams To Kick Off 2010 With Webcast On Smart Grid Cyber Security Hosted By Energy Central
On Thursday January 07 at 9am (PST), Mr. Williams will join 3 other subject matter experts: Mike Brown, IO Active Erfan Ibrahim, EPRI Kevin Brown, EnerNex To take a holistic look at the cyber security challenges of emerging industrial wireless and smart grid technologies from a real-world perspective. Learn what utilities see as some of the actual challenges with smart meter and AMI deployments, and what steps are being taken today to reduce overall risk exposure to the bottom line. Review current best practices for ensuring Smart Grid security when viewed from an organization, people, process and technology perspective. Discover ...
Read full story
-
Friday, January 01, 2010
Replay Based Testing
I’m new to Wurldtech, but have been in the test industry for most of my career. One thing you learn in the practice of testing is that time truly is of the essence. With an insurmountable number of test cases to choose from the tester has to carefully design where he/she is going to target their valuable test time.
Consider communication replay or pcap based test schemes. Most security vulnerabilities take their birth from post-release bugs and post-release bugs are typically identified through happen-chance by the customer during execution of the software program. Consider now the Ethernet-enabled devices deployed in ...
Read full story