The Open Information Security Foundation

EnergySec and the OISF announce new SCADA Research!

Print
PDF

Lafayette, Indiana - August 29, 2011 - The Energy Sector Security Consortium (EnergySec)  and the Open Information Security Foundation (OISF) are working together to make SCADA safer by funding upgrades and improvements to the Digital Bond Quickdraw SCADA Preprocessors for Snort and Suricata.  Snort and Suricata are open source network intrusion prevention and detection systems (IDS/IPS).  This work is funded through the National Electric Sector Cybersecurity Organization (NESCO), an EnergySec program partially funded by the Department of Energy.

 

“It's great to see EnergySec and OISF take on this project. The updates have been requested by many owner/operators. There are opportunities to enhance the attack detection capabilities in the current preprocessors and similar modules are urgently needed for other control system protocols,” said Dale Peterson, CEO of Digital Bond, Inc.

 

These SCADA protocol preprocessors will be updated to work with the latest version of Snort, and adapted for integration with Suricata, the next-generation IDS engine.  The enhancement of intrusion detection capabilities for communication protocols used by systems such as SCADA protocol preprocessors is big step toward helping the owners and operators improve their security posture.

 

"We look forward to working with EnergySec to provide this important functionality," Matt Jonkman, OISF President said.  "This effort will significantly enhance Suricata and Snort's ability to protect SCADA systems deployed within critical infrastructure environments."

 

"This is an important and relevant activity," added Steven Parker, Vice President, Technical Research and Projects for EnergySec. “The NESCO program is focused on encouraging and helping the development of improvements in cybersecurity that will directly benefit the North American power grid. This project will help do just that.” 

 

Learn more in person about the proposed method, protocols to be covered, and technical hurdles at the next OISF Brainstorming meeting at the RAID Symposium, September 19, 2011. Your input is necessary! Register below to attend or listen in:

http://conta.cc/oisfraid2011

 

About EnergySec

 

The Energy Sector Security Consortium is a private forum of information security, physical security, audit, disaster recovery and business continuity professionals from energy industry asset owners. Participation is national, including all regions through North America, with members from most states and provinces. In addition to its primary website, the group hosts a secure information exchange portal and meets on a regular basis to discuss current security issues, events, tactics and strategies relevant to the energy sector. EnergySec is incorporated as a non-profit organization and is a registered 501(c)(3) public charity. http://www.energysec.org

 

About OISF

 

The Open Information Security Foundation (OISF) is a non-profit foundation organized to build a next generation IDS/IPS engine.  The OISF has formed a multi-national group of the leading developers and manufacturers in the security industry to build an open and leading edge IDS/IPS tool. Funding for the OISF comes from the US Department of Homeland Security (DHS) and a number of private companies that form the OISF Consortium. The OISF is a non-profit organization and is a registered 501(c)(3) public charity.  http://www.openinfosecfoundation.org

 

About NESCO

 

The National Electric Sector Cybersecurity Organization (NESCO) is the first public-private partnership of its kind in the electric sector. NESCO serves as a focal point bringing together utilities, federal agencies, regulators, researchers and academics. This group, along with domestic and international experts, developers, and users helps to focus cybersecurity research and development priorities, to identify and disseminate effective common practices, and organize the collection, analysis and dissemination of infrastructure vulnerabilities and threats. NESCO works to identify and support efforts to enhance cybersecurity of the electric infrastructure. This program is being partially funded by the Department of Energy. http://www.energysec.org/nesco

 

Media Contacts

Stacy Bresler, Vice President of Vendor and Industry Outreach, EnergySec,503-789-5515

 

Matthew Jonkman, President, Open Information Security Foundation (OISF), 866-504-2523 x110


Attend the OISF Brainstorming Session! In Person or Remotely!

Print
PDF
Don't forget to register for the OISF Brainstorming Meeting at RAID 2011 in Menlo Park California on the beautiful SRI Campus. September 19, 2011. Lunch at noon, session starts at 1pm and goes till 5 or later.
 
We've set up a conference line to allow folks to attend and participate remotely. Dial in information will be sent directly when you register. This will allow us to make sure the line has the required capacity.
 
 
We will try a Google+ hangout as well on the day of, we'll post a link here and to the lists the day of the event.  
 
If you've never attended an OISF Brainstorming Session expect to be challenged, and expect to participate. We outline where we are, how the development roadmap looks, and then we throw everything up for discussion. We go through lists of other ideas submitted and suggested, debate the value and technical challenges, and at the end of the day we've rewritten and reprioritized our development roadmap. 
 
This is your chance to REALLY get a say in where your IDS engine should go!
 
If you're attending RAID this is a must see session! We are on the afternoon prior to the main conference in the same facility. 


We look forward to seeing you!
 

Register for the OISF Brainstorming Session at RAID 2011 in San Francisco

Print
PDF
Attend the OISF Brainstorming Meeting at RAID 2011 in Menlo Park California on the beautiful SRI Campus. September 19, 2011. Lunch at noon, session starts at 1pm and goes till 5 or later.
 
If you've never attended an OISF Brainstorming Session expect to be challenged, and expect to participate. We outline where we are, how the development roadmap looks, and then we throw everything up for discussion. We go through lists of other ideas submitted and suggested, debate the value and technical challenges, and at the end of the day we've rewritten and reprioritized our development roadmap. 
 
This is your chance to REALLY get a say in where your IDS engine should go!
 
If you're attending RAID this is a must see session! We are on the afternoon prior to the main conference in the same facility. We look forward to seeing you!
 
Free Lunch!
 
*************** Please Register! ***************
 
A few sponsorship opportunities are still available. Please contact This e-mail address is being protected from spambots. You need JavaScript enabled to view it for information!
 

Catch the OISF at Mil-OSS

Print
PDF
If you've not attended a Mil-OSS Conference you want to, we guarantee it! Whether you're military related or not, this is a spectacular conference to catch up on what's new in open source!

The OISF will be there to update on the state of Suricata, where we're going and what we've got done. As always it'll be a place to air new ideas and new potential features.
 
August 30th through September 1st in Atlanta Georgia.
 
We hope to see you there!!
 

OISF Brainstorming Session at RAID 2011 in San Francisco

Print
PDF

We have the next OISF Brainstorming session scheduled to happen at RAID 2011! More information on the conference here:

http://www.raid2011.org/

The Brainstorming session will be held the day prior or after the Conference likely, we will announce details once logistics are worked out. Our gratitude to SRI International for hosting the session! 

There will be a great panel as well, Victor Julien of Suricata fame, Seth Hall from Bro, and Martin Roesch of Snort fame will discuss the Future of Open Source IDS. It'll be a great discussion!

September 20-21 at SRI in Menlo Park California, just outside San Francisco. We hope to see you there!

 

 

More Articles...