Home > Critical Infrastructure Security, SCADA Security, SMART GRID > Security Audit and Attack Detection Toolkit

Security Audit and Attack Detection Toolkit

Department of Energy (DOE) is funding a project known as the (Cyber Security Audit and Attack Detection Toolkit) along with security companies like Digital Bond,tenable security and others, with the aim of releasing SCADA audit templates to be used with security scanners like Nessus, NetIQ and many others ( The templates are issued in OVAL format) see below. to compare security settings in the operating system and applications, including control system applications, to an optimal security configuration developed by the control system vendors like Areva and Emerson, participating companies and asset owners. The audit files will be made available as a paid subscription service.

– Comments:

1. I really think that the audit files “that can check your systems compatibility to NERC for instance” should be open source, free and available to the public. Specially that its a government funded program, at least available to researchers and SMEs who can add, review ,contribute and validate the compatibility checks. I believe this makes more sense than making the actual vulnerabilities and exploits available “check my previous post on nessus and Core Impact” to amateurs. on the other hand The project has a second phase and it includes releasing a tool to aggregate security events from a variety of data sources on the control system network and then correlates the security events to identify cyber attacks. I can see and understand that this is an extra mile and can be a paid service.

2. Using OVAL “Open Source” as the Audit files format is a wise choice, see the list of applicable/compatible products HERE

3. The project is a good indication that vendors are starting to be more involved in cleaning the mess.

More on the project / A fact Sheet ( Cyber Security Audit and Attack Detection Toolkit )

You can see below a list of the currently available Audit files (Source – SCADApedia)

List of Audit files

Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: