Control Systems

Are you sure you don’t have a control system on your network?

by Ron Gula on July 22, 2013

This blog entry describes many of the recent advances Tenable has made with active and passive detection of SCADA and ICS devices on networks. There has been a dramatic increase in devices and applications that control power, industrial processes, and even our homes. With almost 600 public SCADA vulnerabilities, 214 of them disclosed in 2012, Tenable has kept pace with these advances by developing new forms of detection for Nessus and the Passive Vulnerability Scanner.

New SCADA Plugins for Nessus and Tenable PVS

by Paul Asadoorian on January 31, 2012

Assessing the security of SCADA devices has always been a challenging task. SCADA devices are used in several critical infrastructure industries, including power plants, manufacturing, chemical processing, and nuclear reactors. Thus, the high availability and security of these devices are of the utmost importance. The challenge lies in assessing the security of SCADA devices without causing any adverse effects. The special purpose-built systems often operate within a limited scope and use protocols that are specific to the tasks being performed, such as Modbus, OPC, and DNP3. In 2006, Tenable Network Security released the first Nessus® vulnerability scanner and Tenable Passive Vulnerability Scanner (PVS) SCADA plugins (you can read the original release notes for PVS in a post titled "SCADA Network Monitoring" and the original release for Nessus titled "SCADA Checks For Nessus 3"). In April 2011, a new round of SCADA plugins was released for Nessus (covering devices from Movicon, 7-Technologies, and more). Tenable is now pleased to announce the availability of additional SCADA plugins for Nessus ProfessionalFeed, Tenable SecurityCenter, and PVS users. Tenable's research team worked alongside SCADA experts from Digital Bond to test and identify a wide variety of common SCADA devices. The plugins were announced at Digital Bond’s S4 Conference on SCADA security held on January 19, 2012. Note: Digital Bond’s Dale Peterson joined us on the Tenable Network Security podcast episode 110 and spoke about the new plugins and SCADA security. Below is a sample of some of the new SCADA plugins:

Project Bandolier Update - Alpha Audit Files Available

by Ron Gula on July 18, 2008

Previously, I've blogged about Digital Bond's effort (project Bandolier) to produce Nessus audit policies for a wide variety of control system devices and applications. Digital Bond recently published alpha releases of audit files for Siemens Spectrum Power and Telvent OASyS DNA systems. These audit policies are available to Digital Bond Site Subscription users and work with the Nessus Direct Feed or ProfessionalFeeds. Below is a screenshot of example results against an audit of an OASyS DNA system: For more information on project Bandolier and other control system security information,...

Control System Security -- Project Bandolier

by Ron Gula on June 12, 2008

Digital Bond has recently announced control system configuration audit policies that are being developed for the Nessus vulnerability scanner. These policies can be used to audit operating systems running a variety of control system applications and components. The initial list includes: Telvent OASyS DNA Realtime Server (7.5) - Windows Server 2003; Telvent OASyS DNA Historian (7.5) - Windows Server 2003; Telvent OASyS DNA XOS (7.5) - Windows XP; Telvent OASyS DNA Engineering Station (7.5) - Windows Server 2003; Siemens Spectrum Power TG SCADA Host (8.2) - Red Hat Linux; Siemens Spectrum Power TG...

Digital Bond OPC Hardening Guide

by Ron Gula on September 21, 2007

If you are using Nessus to audit a control system network, Digital Bond has recently released a set of guidelines (part 1, 2 and 3) for securing OPC servers. These guidelines include three Nessus configuration audit policies (for use with Direct Feed subscriptions) to test OPC servers running under Windows XP Pro, Windows 2000 and Windows 2003. The guidelines and audit files are available to Digital Bond content subscribers. OPC stands for "Object-linking and embedding for Process Control". This is a set of Microsoft technologies which leverages OLE, DCOM and COM for use in automation and...