Archive for September, 2011

ISA99 and IEC62443 – Security for Industrial Automation and Control Systems: System Security Requirements and Security Assurance

The chairs of the ISA99 committee on Industrial Automation and Control Systems Security have completed a draft copy of the following document and is releasing it for review and approval by the voting members of the committee. The title of the standard …

ICS-CERT has released an Advisory "ICSA-11-273-01 – ICONICS GENESIS32 Multiple Memory Corruption Vulns" (PDF)

This Advisory details eight memory corruption vulnerabilities affecting the ICONICS GENESIS32 product.

ICS-CERT has released an Advisory "ICSA-11-273-02 – InduSoft ISSymbol ActiveX Control Buffer Overflow" (PDF)

This Advisory details ActiveX control buffer overflow vulnerabilities with proof-of-concept exploit code affecting the InduSoft ISSymbol product.

ICS-CERT has released an Advisory "ICSA-11-273-03 – Rockwell RSLogix Denial of Service Vulnerability" (PDF)

This Advisory is a follow-up to Alert “ICS-ALERT-11-256-05A – Rockwell RSLogix Overflow Vulnerability”, published September 13, 2011.

Anwar al-Awlaki said to be dead

According to several news outlets, Anwar al-Awlaki, the New Mexico born evangelist of terrorism, was killed in an attack on his convoy traveling through the interior of Yemen.    This news is breaking between 0600 and 0800 (Eastern Time).  More here…

Happy new (fiscal) year!

Today concludes the federal fiscal year.  The new year begins tomorrow.  The United States finishes the current year deep in debt. We do not yet have a budget for the new year. The Senate has adopted a continuing resolution to provide funding through…

Your September @Control Digital Issue is Ready for Viewing! #pauto #automation #mfg #manufacturing


read more

ICS-CERT has released an ALERT "ICS-ALERT-11-271-01 – PcVue HMI/SCADA Multiple ActiveX Vulnerabilities" (PDF)

This ALERT warns of a public exploit release for multiple vulnerabilities affecting the PcVue HMI/SCADA product.

ACS 2011 Conference Summary – September 22

The final agenda can be found at There are several unique hallmarks of the conference:

Discussions of actual control system cyber impacts
The significant amount of discussion makes keeping a schedule almost impossible
Many of the p…

Living Lively, Living Well

Even in the relatively staid emergency management sector, which has become rather doctrinaire in recent years as we have attempted to consolidate the lessons of 9/11 and the investments in response capabilities made possible through federal grants, som…