SCADA Security - Why is it so hard? presented at Security B-Sides 2011

by Amol Sarwate,

Tags: Security

Summary : This talk will help those implementing security measures for SCADA systems. It will present the technical challenges faced by organizations that have SCADA or control systems installations, provide examples of security controls for SCADA systems, and offer an open-source tool to help identify and inventory SCADA systems. It will begin by introducing SCADA systems under the hood and will go into depth about SCADA protocols like MODBUS and DNP3 at the packet level. The second half of the talk will focus on real world examples of successful and not-so-successful implementations of security controls with SCADA systems. This will include examples of what some large organizations have done, and a discussion about why SCADA security cannot be deciphered just by tools or technical solution. The presenter will also announce an open source tool whic is due to be released later in October that will help identify SCADA systems.This session should be helpful for anyone who has tried to implement security measures for their SCADA systems. It should also be helpful for security vendors and SCADA vendors who are all part of SCADA security..