Hi Andreas,

I took the liberty of bringing that to the list as I understood that it was your intention to do so.

First of all: Emerson DeltaV will definitely not give you any permission to publish anything. When I asked them for the specs, I was officially threatened to be sued by them if I was to continue my attempts. However, European Union law explicitly allows the reverse engineering I did for that. So they don't want us to do that, but they don't have any legal means of preventing us from doing what we are doing.

https://de.wikipedia.org/wiki/Reverse_Engineering

So if you are looking for consent from Emerson, you will definitely not get it from them. If you want consent from me, I definitely give it to you happily.

And I would be super-happy if you could provide us with some additional information on things you found that we might be missing. I guarantee that we're missing quite a bit.

However, we couldn't take that information from the Wireshark dissector, as this is GPL licensed. We could run packet captures through the dissector and take some information Wireshark displays from that, but having a look at the code would be prohibited.

But it would make our life a lot easier if you submitted PRs for PLC4X (code or documentation or just information via email). You as the author of this information are the only one that could re-license the information.

Chris

On 12.07.19, 09:16, "Erdrich, Andreas" <[email protected]> wrote:

Sorry Chris, what a bad start from my side - encrypting the email to myself instead of just signing...

Here again my last email in plain:

------------------------

Dear Sir or Madam,

I've been paying all due attention to your project PLC4X for a while. I'm actually writing a master thesis about applying the Consequence-driven Cyber-informed Engineering (CCE) method on a facility for a successful attack and counter measures. In this (demonstrative) facility a PLS DeltaV from Emerson controls the core process which the attack is applied to. The main goal of future work is to develop counter measures against advanced attacks on industrial protocols.
In my work I referenced your findings from https://plc4x.apache.org/protocols/delta-v/ and built a LUA Wireshark dissector to further reverse engineer the DeltaV protocol.

First, I'd like to know if there are any agreements with Emerson that allow the publication of the reverse engineered protocol (since we plan a publication at a conference, too)?

Second, I'd like to share my findings on the DeltaV protocol back to the PLC4X project community. Are you interested in reviewing the Wireshark dissector?

Kind regards

--
Kind regards
Andreas Erdrich
____________________________________________________
Referat TK 15 - Industrielle Steuerungs- und Automatisierungssysteme
Bundesamt für Sicherheit in der Informationstechnik
Godesberger Allee 185-189
53175 Bonn
Phone: +49 228 99 9582-6347
Fax: +49 228 99 10 9582-6347
E-Mail: [email protected]
Internet: www.bsi.bund.de
www.bsi.bund.de/ics
www.bsi-fuer-buerger.de

-----Original Message-----
From: Christofer Dutz <[email protected]>
Sent: Thursday, 11 July 2019 17:04
To: [email protected]
Cc: Erdrich, Andreas <[email protected]>
Subject: Re: ***UNCHECKED*** PLC4X project

Ok ... so I guess this was empty after all ... I got the moderation email and thought "BSI" and GPG signed email sounded valid, was just expecting the Apache Moderation tooling to not be able to process this ...

@Andreas: We are interested in what you have to say to us ... please however sign up to the mailing list first, as the moderation software seems to have problems with signed emails.

You can sign up by sending an empty email to [email protected]

Looking forward to your posts,

Chris

On 11.07.19, 16:58, "Erdrich, Andreas" <[email protected]> wrote:
