Update: the malware is targeting specific components from Siemens, and has now spread to China. The last report I read said that it had a small footprint in Southeast Asia, but it is on the verge of being bigger in China than it is in Iran. It's also rumored that one of the filenames points to it having Israeli origins.
Sent from my iPad On Oct 1, 2010, at 8:17 AM, Luke <[email protected]> wrote: > For Instrumentation and Control Systems, the professional society is > the ISA (International Society of Automation, formerly the Instrument > Society of America), of which I am a member... just renewed, in fact! > > ISA-5.06.01 is the Functional Requirement Spec for Control Software > Applications, and one of the main governing documents for the > software. But it is more of a design spec than anything else. It's > not hard and fast "this is how to write code" but like most design > specs it describes the minimums necessary to produce a sound control > system. > > There is also ISA TR99, which is "Security Technologies for Industrial > Automation and Control Systems," but that is not a spec per-se; it's a > Technical Report, which means that you can use it as reference but not > as a specification. > > The ISA has been pushing security ("cybersecurity" is the term often > used in industry to differentiate from physical, real-world security) > a lot in the last few years. Personally I think we'll get Technical > Reports rather than a full blown spec because the nature of the > security threats is going to keep evolving, like this malworm. This > is something brand-spanking new. Sure, "regular" malware can be > devastating to individual users, but industrial malware which can take > a nuclear power plant's safety protocols offlne is the stuff of > apocalyptic science fiction! At least, it was until now! > > On Sep 30, 5:42 pm, James Peluso <[email protected]> wrote: >> Thanks for the info Luke. Does your industry have any checks and balances >> when it comes to firmware and coding? Like an ieee or iso standard? Just >> thinking on how to prevent an exploit of this nature >> On Sep 30, 2010 4:31 PM, "Luke" <[email protected]> wrote: >> >> >> >>> Die Hard 4 was about shutting down government infastructure, wasn't >>> it? So in a way, yes, because certain infastructure (a good example >>> would be traffic control) would be controlled by an automation system >>> of some kind, most likely a Distributed Control System. >> >>> This one specifically targets industrial automation systems. For >>> example, on the project I am working we have a general plant >>> automation system (let's call it SPIC) and a more stringent, safety- >>> related automation (lets call it KELS), both of which are running as >>> Distributed Control Systems, albeit each one is seperate and >>> different. We also have a general plant data network, which is all of >>> the ethernet, VOIP, and other "administrative" automation stuff. SPIC >>> and KELS would be the industrial automation stuff which a worm like >>> this might attack. >> >>> On Sep 30, 4:14 pm, James Peluso <[email protected]> wrote: >>>> I'm kind of naive to this part of the industry but, is this what Die Hard >> 4 >>>> is about? >> >>>> On Thu, Sep 30, 2010 at 4:12 PM, Luke <[email protected]> wrote: >>>>> I'm an Instrumentation & Control Systems Engineer, so industrial >>>>> automation systems like the ones Stuxnet attacks is right in my >>>>> department's wheelhouse. Needless to say we are watching this VERY >>>>> closely. Industrial automation software is very specific and very >>>>> proprietary -- so a piece of malcode which can attack it has to be >>>>> very specific and single-minded. >> >>>>> On Sep 30, 11:21 am, Cary Preston <[email protected]> wrote: >>>>>> And Iran is taking a beating: >> >>>>>> http://www.debka.com/article/9050/ >> >>>>> -- >>>>> You received this message because you are subscribed to the Google >> Groups >>>>> "The Unique Geek" group. >>>>> To post to this group, send email to [email protected]. >>>>> To unsubscribe from this group, send email to >>>>> [email protected]<theuniquegeek%2bunsubscr...@googÂlegroups.com> >> >> <theuniquegeek%2bunsubscr...@goog legroups.com>>> > . >>>>> For more options, visit this group at >>>>> http://groups.google.com/group/theuniquegeek?hl=en. >> >>>> -- >>>> Jim >> >>>> blog <http://jimpeluso.wordpress.com> >>>> "Keep moving Forward"- Hide quoted text - >> >>>> - Show quoted text - >> >>> -- >>> You received this message because you are subscribed to the Google Groups >> >> "The Unique Geek" group.> To post to this group, send email to >> [email protected]. >>> To unsubscribe from this group, send email to >> >> [email protected]<theuniquegeek%2bunsubscr...@googÂlegroups.com> >> .> For more options, visit this group at >> >> http://groups.google.com/group/theuniquegeek?hl=en. >> >> >> >> - Hide quoted text - >> >> - Show quoted text -- Hide quoted text - >> >> - Show quoted text - > > -- > You received this message because you are subscribed to the Google Groups > "The Unique Geek" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/theuniquegeek?hl=en. > -- You received this message because you are subscribed to the Google Groups "The Unique Geek" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/theuniquegeek?hl=en.
