Starting Down the SCADA Rabbit Hole

A week or so ago, a tweet by Chris Sistrunk piqued my interest. It made me realize that while SCADA is a pretty important technology, I didn't really have much of an understanding of what went into it, or more importantly, what some of the security challenges that SCADA faces are. So I reached out to Chris and one of the other crazy smart dudes that I know who know SCADA: James Arlen.

Between the two of them, I've got a pretty good little starting point for research. The information isn't all in one place, but that's part of the fun. I've decided to pull together the info that they passed over in case others wanted a quick starting point.

First up, James' talk from Defcon 18.

DEF CON 18 - SCADA and ICS for Security Experts: Avoiding Cyberdouchery from James Arlen

I found that talk was a really great summation of some of the definitions and challenges. For more definition type stuff, the SCADA Wikipedia page is actually really quite useful, especially the references.

Additionally, there's a ton of great content on blogs and mailing lists. Some of the ones that were pointed out to me were the SCADASEC Mailing List, EnergySec, Control Engineering Magazine, and Digital Bond. I'll be honest, I haven't gotten a chance to even scratch the surface on most of these sites, but even a cursory glance showed me that there was lots of good info there.

There is also a huge SCADA security community on Twitter. I might finally create a Twitter list just to see what I can learn there, too. When I mentioned that I was looking into SCADA stuff on Twitter, @recrudesce pointed me at SamuraiSTFU, which looks like an awesome tool.

Now I'm not going to pretend that this is a comprehensive list of places to learn, but this is the jumping off point that I'm using to kickstart my knowledge of SCADA. Hopefully these links help other folks. And if anyone has any more recommendations, hit me up on Twitter.