• Skip to main content
  • Skip to primary sidebar

Spitzer and Boyes, LLC

Technical Services And Strategic Consulting For Technology Companies

  • Home
  • Services
    • For Suppliers, Manufacturers, And Representatives
    • For End-User Companies And OEMs
    • For Foreign Companies
    • For Lawyers
  • Products
  • Seminars
  • Downloads
  • Clients
  • About

From the OOPS Department…and a darn good idea

July 5, 2005 by Walt Boyes

Security expert Eric Byres sets the record straight (see the blog entry for 6/28/2005):
“Actually, it is me who needs to apologize. Honeywell (and you in turn) had me quoted correctly. Honeywell and I had quite a few quotes going back and forth prior to the HUG and I forgot I even said this one. However looking back on my notes I definitely did say to Honeywell, “The C300 and Control Firewall is the most secure control device combination that BCIT has tested to date. It is the only system that we were unable to disable in some manner.” Obviously I need to keep track my quotes better .
“But either way, I think you hit the nail on the head. Vendors do need to start testing their systems for their communications security and robustness. I’m sure some already do good testing, but it appears that most of the units we have checked out have seen little security testing before we got to them.
“Even on this I don’t fault the vendors – proper security testing is a whole new field and all of us are still finding our way through the mine field. However the world is moving forward in this area and the need for well engineered security test strategies is a reality. It doesn’t matter if vendors use the BCIT Achilles tool or another tool – they just need to be clear that they have done the testing and exactly how they did the tests. In the long run my dream is that we can have IEC, IEEE or ISA defined test standards for security, just like we do for every other safety-critical factor. That way customers will be able to compare apples to apples when it comes to the security and reliability of their PLC, DCS or SCADA system components.”

Filed Under: Walt Boyes' Blog

Primary Sidebar


Contact Us Using the Form Below or by Phone at:

  • +1.845.623.1830 (NY)
  • +1.630.639.7090 (WA)
  • +55 (21) 3958.1283 (Brasil)

Subscribe to David W Spitzer’s E-Zine and the Industrial Automation INSIDER

  • This field is for validation purposes and should be left unchanged.

Spitzer and Boyes is a proud member of the Measurement, Control and Automation Association

Follow Us on Social Media

  • LinkedIn
  • Twitter
  • YouTube

Copyright © 2023 · Magazine Pro on Genesis Framework · WordPress · Log in