Feeds

NIST wants better SCADA security

Preparing the way for a test lab

Choosing a cloud hosting partner with confidence

America's National Institute of Standards and Technology (NIST) wants to take a hand in addressing the SCADA industry's chronic insecurity, by building a test bed for industrial control systems.

The Reconfigurable Industrial Control Systems Cybersecurity Testbed is only in its earliest stages. According to this RFI, the organisation first wants to conduct research that will let it lay out the specs for the testbed.

“The goal of this system is to measure the performance of industrial control systems when instrumented with cyber-security protections in accordance with best practices prescribed by national and international standards and guidelines,” the RFI states.

Industrial automation a big driver of Internet of Things spending, running well ahead of their security.

As SCADA (supervisory control and data acquisition) systems have hit the Internet, their poor security has become clear. Everything from traffic management systems to power stations and airports, to pretty much everything (for a given definition of “everything”) is up for grabs, with the famous Shodan search engine lending a helping hand to find vulnerable systems.

NIST says its testbed will run a variety of industrial control scenarios, starting with simulating a chemical process called the Tennessee-Eastman problem.

“The TE problem is an ideal candidate for cyber-security investigation because it is an open-loop unstable process that requires closed-loop supervision to maintain process stability and optimize operating costs,” the RFI says. ®

Remote control for virtualized desktops

More from The Register

next story
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
BlackEnergy crimeware coursing through US control systems
US CERT says three flavours of control kit are under attack
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
New hybrid storage solutions
Tackling data challenges through emerging hybrid storage solutions that enable optimum database performance whilst managing costs and increasingly large data stores.
Website security in corporate America
Find out how you rank among other IT managers testing your website's vulnerabilities.