Learn More
I n making the case against complacency about control system security, this report summarises the incident information collected in the Industrial Security Incident Database (ISID). It describes a number of events that have directly affected process control systems indicating that the number of cyber incidents against SCADA and control systems worldwide has(More)
The use of firewalls between business and process control networks is often suggested as an ideal solution for plant floor cyber security. But research shows that few firewalls are properly configured and that many control system security incidents bypass the firewall. If firewalls are to be effective, guidance on how to deploy them in industrial settings(More)
Delphi is a database designed to centralize and distribute current industrial automation vulnerability information. Over the past two years, with the aid of many of the world's largest equipment vendors and operators, we have populated this databse through extensive testing of industrial control devices. Delphi stores over 500 vulnerabilities on 31 popular(More)
Supervisory Control and Data Acquisition and industrial control systems, with their traditional reliance on proprietary networks and hardware, have long been considered immune to the cyber attacks suffered by corporate information systems. Unfortunately, both academic research and in-the-field experience indicate misplaced confidence.The move to open(More)
  • 1