Lafayette, Indiana – August 29, 2011
The Energy Sector Security Consortium (EnergySec) and the Open Information Security Foundation (OISF) are working together to make SCADA safer by funding upgrades and improvements to the Digital Bond Quickdraw SCADA Preprocessors for Snort and Suricata. Snort and Suricata are open source network intrusion prevention and detection systems (IDS/IPS). This work is funded through the National Electric Sector Cybersecurity Organization (NESCO), an EnergySec program partially funded by the Department of Energy.
“It’s great to see EnergySec and OISF take on this project. The updates have been requested by many owner/operators. There are opportunities to enhance the attack detection capabilities in the current preprocessors and similar modules are urgently needed for other control system protocols,” said Dale Peterson, CEO of Digital Bond, Inc.
These SCADA protocol preprocessors will be updated to work with the latest version of Snort, and adapted for integration with Suricata, the next-generation IDS engine. The enhancement of intrusion detection capabilities for communication protocols used by systems such as SCADA protocol preprocessors is big step toward helping the owners and operators improve their security posture.
“We look forward to working with EnergySec to provide this important functionality,” Matt Jonkman, OISF President said. “This effort will significantly enhance Suricata and Snort’s ability to protect SCADA systems deployed within critical infrastructure environments.”
“This is an important and relevant activity,” added Steven Parker, Vice President, Technical Research and Projects for EnergySec. “The NESCO program is focused on encouraging and helping the development of improvements in cybersecurity that will directly benefit the North American power grid. This project will help do just that.”
Learn more in person about the proposed method, protocols to be covered, and technical hurdles at the next OISF Brainstorming meeting at the RAID Symposium, September 19, 2011. Your input is necessary! Register below to attend or listen in:
The Energy Sector Security Consortium is a private forum of information security, physical security, audit, disaster recovery and business continuity professionals from energy industry asset owners. Participation is national, including all regions through North America, with members from most states and provinces. In addition to its primary website, the group hosts a secure information exchange portal and meets on a regular basis to discuss current security issues, events, tactics and strategies relevant to the energy sector. EnergySec is incorporated as a non-profit organization and is a registered 501(c)(3) public charity. http://www.energysec.org
The Open Information Security Foundation (OISF) is a non-profit foundation organized to build a next generation IDS/IPS engine. The OISF has formed a multi-national group of the leading developers and manufacturers in the security industry to build an open and leading edge IDS/IPS tool. Funding for the OISF comes from the US Department of Homeland Security (DHS) and a number of private companies that form the OISF Consortium. The OISF is a non-profit organization and is a registered 501(c)(3) public charity. http://www.openinfosecfoundation.org
The National Electric Sector Cybersecurity Organization (NESCO) is the first public-private partnership of its kind in the electric sector. NESCO serves as a focal point bringing together utilities, federal agencies, regulators, researchers and academics. This group, along with domestic and international experts, developers, and users helps to focus cybersecurity research and development priorities, to identify and disseminate effective common practices, and organize the collection, analysis and dissemination of infrastructure vulnerabilities and threats. NESCO works to identify and support efforts to enhance cybersecurity of the electric infrastructure. This program is being partially funded by the Department of Energy. http://www.us-nesco.org
Stacy Bresler, Vice President of Vendor and Industry Outreach, EnergySec,503-789-5515
Matthew Jonkman, President, Open Information Security Foundation (OISF), 866-504-2523 x110