Home -> Library

Library of Resources for
Industrial Control System Cyber Security

= New/Updated Content Q1-2014
= New/Updated Content Q3-2014

ICS Vulnerabilities

Incident Response Summary Report - 2009-2011 ICS-CERT pdf
Common Control System Vulnerabilities (2005) DHS pdf
Common Cybersecurity Vulnerabilities Observed in ICS (2009) DHS pdf
Common Cybersecurity Vulnerabilities in ICS (2011) DHS pdf
Common Cybersecurity Vulnerabilities Observed in Control Systems (2008) DoE pdf
Leveraging Ethernet Card Vulnerabilities in Field Devices DigitalBond pdf   
Hacking Embedded Devices   pdf   
Safety vs Security (2006) INL pdf
Caution: Malware Ahead - An analysis of emerging risks in automotive system security Wind River pdf   
Top 10 Vulnerabilities of Control Systems and their Mitigations (2007) NERC pdf
SCADA & PLC Vulnerabilities in Correctional Facilties   pdf   
     
    TOP

Standards

Cryptographic Protection of SCADA Communications - 12 Part1 AGA pdf
BSI-100-1 - Information Security Management Systems BSI pdf   
BSI-100-2 - IT-Grundschutz Methodology BSI pdf   
BSI-100-3 - Risk Analysis Based on IT-Grundschutz BSI pdf   
BSI-100-4 - Business Continuity Management BSI pdf   
Mapping Between the Requirements of ISO/27001:2005 and 27001:2013 BSI pdf   
Comparison of Oil and Gas Segment Cyber Security Standards DHS pdf
Chemical Facility Anti-Terrorism Standards (CFATS)   html
CFATS - Risk-based Performance Standard Guidance DHS pdf
Comparison of SCADA Security Standards IEEE pdf
A Comparison of Cross-Sector Cyber Security Standards INL pdf
ISA 99 / 62443 - Work Products - DRAFT Versions ISA html
Comparing ISO/27001:2005 to ISO/27001:2013 itGovernance pdf   
NERC - CIP (rev2) NERC pdf
NERC - CIP (rev3) NERC pdf
NERC - CIP (rev4) NERC pdf
NERC - CIP (rev5-draft) NERC pdf
NERC - Glossary of Terms NERC pdf   
SP800-18 - Guide for Developing Security Plans for Information Systems NIST pdf
SP800-30 (Rev 1) - Risk Management Guide for IT Systems NIST pdf   
SP800-30 (Rev 0) - Risk Management Guide for IT Systems NIST pdf
SP800-39 - Managing Information Security Risk NIST pdf   
SP800-40 - Creating a Patch and Vulnerability Management Program NIST pdf
SP800-41 - Guidelines on Firewalls and Firewall Policies NIST pdf
SP800-42D - Guideline on Network Security Testing NIST pdf
SP800-48R1 - Guide to Securing Legacy 802.11 Wireless Networks NIST pdf
SP800-50 - Building an Information Technology Security Awareness and Training Program NIST pdf
SP800-53 (Rev 4) - Document Summary NIST pdf   
SP800-53 (Rev 4) - Security and Privacy Controls for Federal Information Systems and Organizations NIST pdf   
SP800-53 (Rev 4) - Security and Privacy Controls for Federal Information Systems and Organizations NIST docx
SP800-53 Controls Catalog NIST xml   
SP800-53 - R3 to R4 Appendix Table D-2 Markup NIST pdf
SP800-53 - R3 to R4 Appendix F Markup NIST pdf
SP800-53 - R3 to R4 Appendix G Markup NIST pdf
SP800-53 (Rev 3) - (deprecated) Recommended Security Controls for Information Systems (incl ICS) NIST pdf
SP800-53A - Guide for Assessing Security Controls in Information Systems NIST pdf
SP800-53A (Rev 4) - Guide for Assessing Security Controls in Information Systems DRAFT NIST pdf   
SP800-61 - Computer Security Incident Handling Guide NIST pdf
SP800-82 (Rev 1) - Guide to Industrial Control Systems Security NIST pdf
SP800-82 - (deprecated) Guide to Industrial Control Systems Security NIST pdf
SP800-94 - Guide to Intrusion Detection and Prevention Systems NIST pdf
SP800-97 - Establishing Wireless Robust Security Networks NIST pdf
SP800-115 - Technical Guide to Information Security Testing and Assessment NIST pdf
SP800-120 - Recommendation for EAP Methods Used in Wireless Network Access Authentication NIST pdf
SP800-127 - Guide to Securing WiMAX Wireless Communications NIST pdf
NIST - System Protection Profile Industrial Control Systems NIST pdf
Regulatory Guide 5.71 - Cyber Security Programs for Nuclear Facilities NRC pdf   
National (Qatar) ICS Security Standard QCERT pdf
Process Control Domain Security Requirements for Vendors WIB pdf
     
MAPPINGS BETWEEN STANDARDS    
Mapping between NIST 800-53 and ISO/IEC 27001 NIST pdf
Mapping between DHS Catalog of Control Systems Security and Various Standards DHS pdf
Mapping between NISTIR-7628 (Smnart Grid) and SP800-53, DHS, and NERC-CIP-2 NIST pdf
     
    TOP

ACHILLES COMMUNICATIONS CERTIFICATION    
Achilles Certification Level 1 Requirements - Embedded Device Wurldtech pdf   
Achilles Certification Level 1 Requirements - Gateway (Network Device) Wurldtech pdf   
Achilles Certification Level 1 Requirements - Host Based Device Wurldtech pdf   
Achilles Certification Level 2 Requirements - Embedded Device Wurldtech pdf   
Achilles Certified Products   html 
     
ISA SECURITY COMPLIANCE INSTITUTE
EMBEDDED DEVICE SECURITY ASSURANCE (EDSA)
ASCI Policies and Procedures ASCI pdf   
EDSA Certification Scheme Description    
EDSA-100 - ISASecure Certification Scheme ASCI pdf   
EDSA-102 - Errata for EDSA Specifications ASCI pdf   
Lab Accreditation Requirements & Tool Recognition Requirements    
EDSA-200 - EDSA Chartered Laboratory Operations and Accreditation ASCI pdf   
EDSA-201 - Recognition Process for CRT Tools ASCI pdf   
EDSA-202 - Chartered Lab Application and Contract ASCI pdf   
EDSA-204 - Use of Symbol and Certificates ASCI pdf   
ASCI Chartered Test Lab 2009 Approval Process ASCI pdf   
ISASecure Transition to ISO/IEC 17065 ASCI pdf   
Initial Certification & Maintenance of Certification Policies & Criteria    
EDSA-300 - ISASecure Certification Requirements ASCI pdf   
EDSA-301 - Maintenance of ISASecure Certification ASCI pdf   
Certification Requirements Specifications    
EDSA-310 - Common Robustness Test Specification ASCI pdf   
EDSA-311 - Functional Security Assessment ASCI pdf   
EDSA-312 - Common Reqts for Comm Robustness Testing of IP-based Protocol Implementations ASCI pdf   
CRT Test Requirements for Protocols in EDSA Certification    
EDSA-401 - Common Ethernet Protocol Robustness ASCI pdf   
EDSA-402 - ARP Protocol over IPv4 Robustness ASCI pdf   
EDSA-403 - IPv4 Network Protocol Robustness ASCI pdf   
EDSA-404 - ICMPv4 Network Protocol Robustness ASCI pdf   
EDSA-405 - UDP Transport Protocol over IPv4 or IPv6 Robustness ASCI pdf   
EDSA-406 - TCP Transport Protocol over IPv4 or IPv6 Robustness ASCI pdf   
     
ISASecure Embedded Device Security Assurance Certification - March-2010.pdf ASCI pdf   
ISASecure Certified Device List   html 
     
ISA SECURITY COMPLIANCE INSTITUTE
SYSTEM SECURITY ASSURANCE (SSA)
SSA Certification Scheme Description    
SSA-100 - ISASecure Certification Scheme ASCI pdf   
SDLA Certification Specification    
SDLA-100 - ISASecure Certification Scheme ASCI pdf   
SSA Lab Acreditation Requirements    
SSA-200 - Chartered Lab Operations and Accreditation ASCI pdf   
SSA-204 - Use of Symbols and Certificates ASCI pdf   
ASCI Chartered Test Lab 2009 Approval Process ASCI pdf   
ISASecure Transition to ISO/IEC 17065 ASCI pdf   
Initial Certification & Maintenance of Certification Policies & Criteria    
SSA-300 - ISASecure Certification Requirements ASCI pdf   
SSA-301 - Maintainence of ISASecure Certification ASCI pdf   
SSA Certification Requirements    
SSA-310 - Requirements for System Robustnest Testing (SRT) ASCI pdf   
SSA-311 - Functional Security Assessment for Systems (FSA-S) ASCI pdf   
SSA-312 - Security Development Artifacts for Systems (SDA-S) ASCI pdf   
SDLA-312 - Security Development Lifecycle Assessment (SDLA) ASCI pdf   
SSA-420 - Vulnerability Identification Test (VIT) Policy Specification ASCI pdf   
     
ISA SECURITY COMPLIANCE INSTITUTE
SECURITY DEVELOPMENT LIFECYCLE ASSURANCE (SDLA)
SDLA Certification Specification    
SLDA-100 - ISASecure Certification Scheme ASCI pdf   
Accreditation Documents    
SDLA-200 - Chartered Lab Operations and Accreditation ASCI pdf   
SDLA-204 - Use of Symbols and Certificates ASCI pdf   
Technical Specifications    
SDLA-300 - ISASecure Certification Requriements ASCI pdf   
SDLA-312 - Security Development Lifecycle Assessment ASCI pdf   
     
    TOP

Best Practices

Strategies to Mitigate Targeted Cyber Intrusions Au DSD pdf   
Top 4 Strategies to Mitigate Targeted Cyber Intrusions (Nov. 2012) Au DSD pdf   
Top 35 Strategies to Mitigate Targeted Cyber Intrusions (Oct. 2012) Au DSD pdf   
Cybersecurity Reference Model CIDX pdf   
Guidance for Addressing Cybersecurity in the Chemical Sector CIDX pdf   
Configuring and Managing Remote Access for Industrial Control Systems CPNI pdf   
Good Practice Guide - Process Control and SCADA Security CPNI pdf   
Good Practice Guide - Understand the Business Risk CPNI pdf   
Good Practice Guide - Implement Secure Architecture CPNI pdf   
Good Practice Guide - Establish Response Capabilities CPNI pdf   
Good Practice Guide - Improve Awareness and Skills CPNI pdf   
Good Practice Guide - Manage Third Party Risk CPNI pdf   
Good Practice Guide - Engage Projects CPNI pdf   
Good Practice Guide - Establish Ongoing Governance CPNI pdf   
Configuring and Managing Remote Access for Industrial Control Systems CPNI pdf   
Catalog of Control Systems Security DHS pdf
Cyber Security Framework and Technical Metrics DHS pdf
Cyber Security Procurement Language for ICS DHS pdf
Defense in Depth Strategies DHS pdf
Developing a Cybersecurity Incident Response Capability DHS pdf
Recommended Practice for Patch Management DHS pdf
Remote Access for ICS DHS pdf
Securing SCADA and Industrial Control Systems DHS pdf
Steps to Improve Cyber Security of SCADA Networks DoE pdf
Good Practice Guide for CERTs in the Area of Industrial Control Systems ENISA pdf   
Good Practices for an EU ICS Testing Coordination Capability ENISA pdf   
Cybersecurity Lifecycle Poster - Ver 1.19 - 01-2013 Exida pdf   
Cyber Security eGuide r1 Belden pdf
Handbook for Network Security - DRAFT RFC 0.4 IAONA pdf
7 Best Practices for Automation System Cyber Security & Compliance Ind Def pdf   
SANS 20 and ICS Considerations Ind Def pdf   
Using Operational Security to Support Cyber Security Culture INL pdf
Securing WLANs using 802.11i LLNL pdf
Implementing the Top 35 Mitigation Strategies on Windows Platform Microsoft pdf   
Guide to Increased Security in Industrial Control Systems MSB pdf   
Good Practice Guide on Firewall Deployment for Control Systems NISCC pdf
Secure Remote Access Reference NIST pdf
NISTIR-7628 - Guidelines for Smart Grid Cyber Security - Introduction NIST pdf
NISTIR-7628 - Guidelines for Smart Grid Cyber Security - Vol. 1 NIST pdf
NISTIR-7628 - Guidelines for Smart Grid Cyber Security - Vol. 2 NIST pdf
NISTIR-7628 - Guidelines for Smart Grid Cyber Security - Vol. 3 NIST pdf
Cisco Security Switch Configuration Guide NSA pdf
Mapping of NERC-CIP Ver 3-5 to 20 Critical Security Controls CoCS pdf   
Mapping of NERC-CIP Ver 3-5 to 20 Critical Security Controls CoCS xls    
Top 20 Critical Security Controls - Ver 5.0 CoCS pdf   
Top 20 Critical Security Controls - Ver 4.0 poster CoCS pdf   
Top 20 Critical Security Controls - Ver 4.0 - 11-2012 SANS pdf   
Top 20 Critical Security Controls - Ver 3.1 - 11-2011 SANS pdf
Top 20 Critical Security Controls - Ver 3.1 poster SANS pdf
Top 20 Critical Security Controls - Ver 3.1 - 08-2011 SANS pdf   
Top 20 Critical Security Controls - Ver 2.3 - 11-2009 SANS pdf   
A Brief History of the 20 Critical Secuirty Controls SANS html 
Designing a DMZ SANS pdf
Industrial Control System Security Resources - poster SANS pdf   
     
    TOP

White Papers & Articles

Windows XP End-of-Life Handbook for Upgrade Latecomers Bit9 pdf   
Security and Prosperity in the Information Age (Vol 1 | Vol 2) CNAS pdf   
Understanding Distributed-Denial-of-Service (DDoS) Attacks DHS pdf   
Magic Quadrant for Security Information and Event Management Gartner pdf   
Cyber Security Posters Honeywell pdf   
Secure Remote Access to Process Control Systems Honeywell pdf   
Cyber Wars by Byres Staggs Hydrocarbon
Engineering
pdf   
Bound to Fail: Why Cyb er Security Risk Cannot Simply Be "Managed" Away Langner pdf   
Mitigating Pass-the-Hash and other Credential Theft Attacks Microsoft pdf   
Exploit Evasion Defenses Analysis NSS Labs pdf   
Exploit Protection Analysis NSS Labs pdf   
Convergence in Automation System Protection (Executive Summary) Pikes Res pdf   
Defending Yesterday (all sectors) PWC pdf   
Categorizing Threats - Building and Using a Threat Matrix SNL pdf   
Protecting Control Networks Sourcefire pdf   
SCADA and CIP Security in a Post Stuxnet World Tofino pdf   
7 Steps to ICS and SCADA Security Tofino pdf
Understanding Deep Packet Inspection for SCADA Security Tofino pdf   
     
    TOP

Assessment Guidance

Security Vulnerability Assessments API pdf
Cyber Security Assessments of Industrial Control Systems (Good Practice Guide) CPNI pdf   
Cyber Security Assessments of Industrial Control Systems (Viewpoint) CPNI pdf   
Cyber Security Assessments of Industrial Control Systems DHS pdf
Cyber Assessments Methods for SCADA ISA pdf
Guideline on Network Security Testing NIST pdf
Framework for Assessing and Improving Security Posture of ICS NSA pdf
Open Source Security Testing Methodology Manual v3.0   pdf
     
    TOP

Assessment Tools

Cyber Security Evaluation Tool (CSET) - Fact Sheet pdf
CSET Sample Project (CSET v4) orxml
CSET Sample Project (CSET v6) cset 
CSET Sample Output - Detailed Report pdf
CSET Sample Output - Executive Summary pdf
CSET Sample Output - Security Plan Report pdf
CSET Sample Output - Site Summary Report pdf
Nessus SCADA Plugins html
Nessus and NERC CIP Compliance html 
DigitalBond - Nessus SCADA Toolkit html 
Digital Bond - Bandolier Audit Files for Nessus html
Auditing SCADA and Control System Networks (Tenable) html
Compliance Auditing with Microsoft PowerShell (Tenable) html
Nessus Blog - SCADA (Tenable) html
   
  TOP

ICS Cyber Event Reference

Analysis of Siemens Malware Attacks v3.1 Tofino pdf
sKyWIper (Flame/Flamer) - A Complex Malware for Targeted Attacks CrySys pdf   
How Stuxnet Spreads v1.0   pdf
ICS-CERT Incident Response Summary (2009-2011) DHS pdf
Targeted Cyber Intrusion Detection and Mitigation Strategies (ICS-TIP-12-146-01A) DHS pdf   
Havex Hunts for ICS/SCADA Systems F-Secure pdf   
Energetic Bear - Crouching Yeti (Report | Appendices) Kaspersky pdf   
Mandiant APT1 Report - Exposing One of China's Cyber Espionage Units Mandiant pdf   
Mandiant APT1 Report Appendices Mandiant zip   
Night Dragon - Global Energy Cyberattacks McAfee pdf
Stuxnet 0.5 - The Missing Link v1.0 Symantec pdf   
Stuxnet Dossier v1.4 | v1.3 Symantec pdf
Stuxnet Under the Microscope v1.31 | v1.1 ESET pdf
Stuxnet Worm and Options for Remediation Ind Def pdf
Dragonfly Symantec pdf   
Targeted Attacks Against the Energy Sector Symantec pdf   
The Elderwood Project Symantec pdf   
The Downadup Codex v2.0 Symantec pdf   
W32.Duqu v1.3 | v1.2 | v1.0 Symantec pdf
W32.Duqu Threat Analysis McAfee pdf
OpenSSL - How Does It Affect You Tenable pdf   
     
    TOP

Threat Intelligence

IT Security Situation in Germany in 2011 BSI pdf    
IT Security Situation in Germany in 2009 BSI pdf    
Threat Catalogue for Elementary Threats BSI pdf    
Cyber Crime and Security Survey Report 2013 CERTAu pdf    
Cyber Crime and Security Survey Report 2013 CERTAu doc   
Cyber Crime and Security Survey Report 2012 CERTAu pdf    
Cyber Crime and Security Survey Report 2012 CERTAu doc   
Global Threat Report CrowdStrike pdf    
Computer Crime and Security Survey 2010 CSI pdf    
Computer Crime and Security Survey 2009 CSI pdf    
Sector Resilience Report: Electric Power Delivery - June 2014 DHS pdf    
Advanced Threat Report - 2012 (1H | 2H) FireEye pdf    
Definitive Guide to Next-Generation Threat Protection FireEye pdf    
ICS2 Global Information Security Workforce Study (2013) Frost-Sullivan pdf    
BYOD and Mobile Security 2014 InfoSec pdf    
Cybercrime Exposed: Cybercrime as a Service McAfee pdf    
McAfee Global Threat Intelligence McAfee pdf    
Reputation - The Foundation of Effective Threat Protection McAfee pdf    
State of Security (March 2012) McAfee pdf    
Threat Predictions 2014 McAfee pdf    
Threat Predicdtions 2013 McAfee pdf    
Threat Report 2013 (Q1 | Q2 | Q3 | Q4) McAfee pdf    
Threat Predictions 2012 McAfee pdf    
Threat Report 2012 (Q1 | Q2 | Q3 | Q4) McAfee pdf    
Cyber Supply Chain Risk Management Microsoft pdf    
Security Intelligence Report 2013 (1H ) Microsoft pdf    
Security Intelligence Report 2012 (1H | 2H) Microsoft pdf    
Intelligence Report (Feb. 2013) Symantec pdf    
Internet Security Threat Report - 2012 Trends (Appendix) Symantec pdf    
Spear-Phishing - Email: Most Favored APT Attack Bait (2012) Trend Micro pdf    
Data Breach Investigations Report 2013 Verizon pdf    
Data Breach Investigations Report 2012 Verizon pdf    
     
    TOP

Open-Source Intelligence

Bugtraq (seclists.org) (2014 filter) html 
Computer Security Vulns html 
Exploit-DB html 
National Vulnerability Database (NIST) html 
Open-Source Vulnerability Database (SCADA search) html 
Rapid 7 (Metasploit) Vulnerabilities & Exploit Modules html 
Secunia html 
Security Focus (by Symantec) html 
   
  TOP

ICS Supplier Security Reference

Securing Industrial Control Systems: A Guide for Properly Securing ICS Operating in a Microsoft Windows Environment Wonderware (Schneider) pdf   
Achieving Secure, Remote Access to Plant-Floor Applications and Data Rockwell
Cisco
pdf   
Control System Security Updates Rockwell pdf   
Securing Manufacturing Computing and Controller Assets Rockwell
Cisco
pdf   
Security Concept for PCS7 and WinCC Siemens pdf   
     
SUPPLIER SECURITY WEBSITES / PORTALS / CERTS    
Cyber Security Alerts and Notifications ABB html 
Cyber Security Updates Invensys html 
Security Advisory Index (login required) Rockwell html 
Product Vulnerability and Security Advisories Schneider html 
ProductCERT Security Advisories Siemens html 
     
    TOP

Insider Threats

Common Sense Guide to Prevention and Detection of Insider Threats CERT pdf   
Insider Threat Control - Using a SIEM signature to detect potential precursors to IT Sabotage CERT pdf   
Insider Threat Control - Using Centralized Logging to Detect Data Exfiltration Near Insider Termination CERT pdf   
Insider Misuse of IT Systems CPNI pdf   
2010-2011 Computer Crime and Security Survey CSI pdf   
Cybersecurity Watch Survey 2011 Deloitte pdf   
Insider Threat Awareness Webinar DHS pdf   
Risks to US Critical Infrastructure from Insider Threat (23 Dec 2013) DHS pdf   
Insider Threats FBI pdf   
Insider Threat Examples by Sector   pdf   
Insider Threat to Criticail Infrastructure NIAC pdf   
Cost of Data Breach Study 2011 Ponemon pdf   
     
    TOP

Government

Directive 2008/114/EC - Identification of European Critical Infrastructures EU pdf   
European Programme for Critical Infrastructure Protection EU pdf   
Analysis of Critical Infrastructures Germany pdf   
CIP Implementation Plan of the National Plan for Information Infrastructure Protection Germany pdf   
Meridan Library of Global Regulatory Standards (hosted by Qatar CERT) Qatar html 
Strategic Framework and Policy Statement - Improving Resilience of Critical Infrastructure UK pdf   
Framework to Reduce Cyber Risks to Critical Infrastructure v1.0 USA pdf   
Executive Order - Improving Critical Infrastructure Cyber Security USA pdf   
Executive Order - Fact Sheet USA pdf   
PPD-21 - Critical Infrastructure Security and Resilience USA pdf   
PPD-21 - Fact Sheet USA pdf   
Challenges in Securing Control Systems (GAO) USA pdf
Cybersecurity for Critical Infrastructure Protection (GAO) USA pdf   
National Infrastructure Protection Plan USA pdf
NIPP - Sector-Specific Plan - Chemical USA pdf
NIPP - Sector-Specific Plan - Critical Manufacturing USA pdf
NIPP - Sector-Specific Plan - Energy USA pdf
NIPP - Sector-Specific Plan - Information Technology USA pdf
NIPP - Sector-Specific Plan - Transportation Systems USA pdf
NIPP - Sector-Specific Plan - Water USA pdf
     
    TOP

Roadmaps

Framework to Reduce Cyber Risks to Critical Infrastructure v1.0 pdf   
Cross Sector Roadmap for Cybersecurity of Control Systems pdf
Roadmap to Achieve Energy Delivery Systems Cybersecurity (current) pdf
Roadmap to Secure Control Systems in the Chemical Sector pdf
Roadmap to Secure Control Systems in the Energy Sector (outdated) pdf
Roadmap to Secure Control Systems in the Water Sector pdf
Securing ICS in the Chemical Sector pdf
Strategy for Securing Control Systems pdf
   
  TOP

Case Studies

Bellingham Pipeline Explosion (NTSB) pdf   
Deepwater Horizon Accident Investigation Report (Executive Summary) pdf   
Deepwater Horizon Accident Investigation Report (Full Report) pdf   
ABB SCADA EMS System INEEL Baseline Summary Test Report pdf
Backdoors and Holes in Network Perimeters pdf
Undirected Attached Against Critical Infrastructure pdf
   
  TOP

Security Considerations for OPC

Effective OPC Security for Control Systems Matrikon pdf
Hardening Guidelines for OPC Hosts Byres pdf
OPC Exposed Byres pdf
Understanding OPC Byres pdf
Securing Your OPC Classic Control Systems Tofino pdf
Security Implcations of OPC in Control Systems DHS pdf
     
    TOP

ICS Basics

SCADA Basics - NCS TIB 04-1 pdf
SCADA Basics - TM 5-601 pdf
PLC Programming Theory pdf
   
ICS SUPPLIER SYSTEM INFORMATION  
ABB System 800xA - System Guide Summary pdf   
ABB - Essentials of Safety Instrumented Systems pdf   
   
  TOP

ICS Protocols & Networks

INDUSTRIAL PROTOCOLS    
Introduction to Modbus TCP/IP Acromag pdf   
DNP3 User & Reference Manual Control Microsystems pdf   
DNP3 Overview Triangle Microworks pdf   
DNP3 Protocol Primer DNP Users Group pdf   
DNP3 Secure Authentication v5 2011-11-08   pdf   
Introduction to Modbus Serial and Modbus TCP Extension pdf   
System Comparison - The Five Major Technologies IE Facts pdf   
Optimize EtherNet/IP Journal pdf   
Guide to OPC Matrikon pdf   
Common Industrial Protocol (CIP) ODVA pdf   
ControlNet - CIP on CTDMA Technology ODVA pdf   
DeviceNet - CIP on CAN ODVA pdf   
EtherNet/IP - CIP on Ethernet Technology ODVA pdf   
Network Infrastructure for EtherNet/IP: Introduction and Considerations ODVA pdf   
Securing EtherNet/IP Networks ODVA pdf   
OPC Data Access - Custom Interface - Ver 2.05A OPCF pdf   
OPC Unified Architecture - Overview and Concepts - Ver 1.02 OPC pdf   
PROFINET Security Guideline PI pdf   
PROFINET System Description - Technology and Application PI pdf   
Top 10 Recommendations for Plantwide EtherNet/IP Deployments Rockwell
Cisco
pdf   
PROFIBUS and Modbus: A Comparison Siemens pdf   
Using DNP3 & IEC 60870-5 Communication Protocols in the Oil & Gas Industry Triangle Microworks pdf   
     
INDUSTRIAL NETWORKING    
Industrial Ethernet - A Control Engineers Guide Cisco pdf   
Industrial Networks: Wired & Wireless   pdf   
Field Wireless Networks ISA pdf   
Converged Plantwide Ethernet (CPwE) Design & Implementation Guide Rockwell
Cisco
pdf   
Ethernet Design Considerations for Control System Networks Rockwell pdf   
TCP/UDP Ports Used by Rockwell and Allen-Bradley Products Rockwell pdf   
Ethernet to the Factory Design and Implementation Guide v1.2 Rockwell
Cisco
pdf   
SNMP Tutorial DPS Telecom pdf   
Demystifying the SNMP MIB DPS Telecom pdf   
     
    TOP

User Guides and Manuals

AlienVault OSSIM Installation Guide pdf
AlienVault OSSIM Snare Windows pdf
AlienVault OSSIM Users Manual v1.0 pdf
Certes Networks Layer 4 (Payload) Encryption pdf   
Certes Networks TrustNet Group Encryption pdf   
Certes Networks CEP-5LC Datasheet pdf   
Certes Networks CEP-5LC Brochure pdf   
Certes Networks CEP-10 Datasheet pdf
Certes Networks Variable Speed Encryptors Datasheet pdf
Cisco IOS Switch Security Configuration Guide pdf   
Cisco SAFE Security Reference Architecture (White Paper) pdf   
Cisco SAFE Security Reference Architecture (Poster) pdf   
Cisco Network Admission Control pdf   
Cisco TrustSec Solution At-a-Glance pdf   
Cisco TrustSec Solution Overview pdf   
Enterasys Secure Networks for Process Control pdf   
Enterasys Network Access Control pdf   
Hardening HP ProCurve Switches pdf   
Matrikon OPC Tunneller User Manual pdf   
Microsoft Introduction to Network Access Protection pdf   
Nessus Documentation (Tenable) html
Nessus 5.2 Installation and Configuration Guide pdf   
Nessus 5.2 HTML5 User Guide pdf   
Nessus Blending Security Checks pdf
Nessus Compliance Checks Reference pdf
Nessus Compliance Checks pdf
Nessus Credential Checks pdf
Nessus Patch Management Integration pdf
Suricata - Basic Setup pdf   
Suricata - Setting up IPS Inline for Linux pdf   
Suricata - Suricata.yaml Reference pdf   
Suricata - Ubuntu Getting Started with Suricata pdf   
Suricata - Ubuntu Installation pdf   
Tofino Argon 100 Hardware Installation and Troubleshooting Guide v1.0.0 pdf
Tofino Argon 220 Hardware Installation and Troubleshooting Guide v1.0.0 pdf
Tofino Argon CMP Installation and Upgrade Guide v1.7.0 pdf
Tofino Argon CMP User's Guide v1.7.0 pdf
VMware Network Segmentation in Virtualized Environments pdf   
VMware DMZ Virtualization using vSphere 4 Cisco Nexus pdf   
VMware DMZ Virtualization with Infrastructure 3 (legacy) pdf   
VMware vSphere 5.5 Security Hardening Guide xlsx  
VMware vSphere 5.1 Security Hardening Guide xlsx  
VMware vSphere 5.0 Security Hardening Guide xlsx  
VMware vSphere 4.1 Security Hardening Guide (legacy) pdf   
VMware vSphere 4.0 Security Hardening Guide (legacy) pdf   
VMware Instrastructure 3 Securing Hardening (legacy) pdf   
   
  TOP

Cheat Sheets

Hacking - Certified Ethical Hacker Cheat Sheet Exercises pdf
Hacking - Meterpreter Cheat Sheet pdf
Hacking - Nessus NMAP Commands pdf
Hacking - netcat pdf
Hacking - NMap Mindmap Reference pdf
Hacking - NMap Quick Reference Guide pdf
Hacking - Reconnaissance Reference Sheet pdf
Hacking - Tripwire Common Security Exploit-Vuln Matrix pdf
HTML - Markdown pdf
Linux - Bourne Shell Quick Reference pdf
Linux - Quick Reference Card pdf
Linux - Shell Cheat Sheet pdf
Linux - Shell Scrip Cheat Sheet pdf
Linux - tcpdump pdf
Linux - Ubuntu Quick Reference pdf
Linux - VI Editor Reference pdf
MAC - OSX Key Combo Reference Guide pdf
Networking - Border Gateway Protocol pdf
Networking - Cisco IOS IPv4 Access Lists pdf
Networking - Cisco IOS Versions pdf
Networking - Common TCP-UDP Ports pdf
Networking - EIGRP (Enhanced Interior Gateway Routing Protocol) pdf
Networking - First Hop (Router) Redundancy pdf
Networking - Frame Mode MPLS pdf
Networking - IEEE 802.11 WirelessLAN pdf
Networking - IEEE 802.1X Authentication pdf
Networking - IP Tables Processing png   
Networking - IP Security (IPsec) pdf
Networking - IPv4 Multicast pdf
Networking - IPv4_Subnetting pdf
Networking - IPv6 pdf
Networking - IS-IS pdf
Networking - Network Address Translation (NAT) pdf
Networking - Open Shortest Path First (OSPF) pdf
Networking - Physical Terminations pdf
Networking - Point-to-Point Protocol (PPP) pdf
Networking - Quality of Service (QoS) pdf
Networking - Spanning Tree pdf
Networking - TCPIP pdf
Networking - Virtual Local Area Networks (VLAN) pdf
Networking - Wireshark Display Filters pdf
Programming - Ruby pdf   
Programming - x64 Instructions pdf   
Programming - x86 Instructions pdf   
Programming - x86 Instructions pdf   
SQL - MySQL Commands pdf
VMware - Reference Card pdf
Windows - Command Line pdf   
   
  TOP

eBooks

Universal Threat Management (UTM) for Dummies Forinet pdf   
Vulnerability Management for Dummies Qualys pdf   
     
    TOP

Multimedia

WEB-BASED DEMONSTRATION VIDEOS BY SCADAHACKER  
Exploitation 101: Turning a SCADA Vulnerability into a Successful Attack html
Protecting Your ICS from Zero-Day Attacks html
Stuxnet - Introduction, Installation, and Injection Methods html
Stuxnet - Using Software Restriction Policy as a Mitigation html
   
WEB-BASED THIRD-PARTY VIDEOS  
Auditing SCADA and Control System Networks (Tenable) html
   
  TOP

Spreadsheets

IP Address Subnet Calculator xls   
Network Assistant (subnetting, port lookup, cli commands, acronyms) xls   
IP Subnetting Assistant (tools to understand "visibility") xls   
   
  TOP

On-Line Tools and Applications

NIST Quick Guide for 800-53 (Apple IOS) html
NIST Quick Guide for 800-53 (Android) html
Booz-Allen-Hamilton iAssurance for 800-53 (Apple IOS) html
NIST Specifical Publication 800-53 Rev. 3 Desktop Tool (Windows) html
National Vulnerability Database - NIST Special Publication 800-53 Rev. 3 (http) html
National Vulnerability Database - CVSS Scoring Tool html
NIST Computer Forensics Tool Catalog html 
   
  TOP

Websites

INDUSTRIAL
American Chemistry Council Chemical Sector Cyber Security Program html
American Gas Association -- Natural Gas Security html
ASIS International html
Canadian Society for Industrial Security (CSIS) html
Control Engineering html
Control Global (Control Magazine) html
Digital Bond: Securing the Critical Infrastructure html
Electric Power Research Institute (EPRI) html
Electrical Energy Online html
Forum of Incident Response and Security Teams (FIRST) html
IEEE Power Engineering html
InfraGard html
ISA-99, Manufacturing and Control Systems Security html
ISA Security Compliance Institute (ISASecure) html 
SCADA and Control Systems Security (SCADASEC) Mailing List html
SCADA HoneyNet Project html
ScadaSafe Project html
The Infrastructure Security Partnership (TISP) html
Water Sector Information Sharing and Analysis Center html
   
NATIONAL LABORATORIES
Argonne National Laboratory (ANL) National and Homeland Security html
Idaho National Laboratory (INL) - National and Homeland Security html
Idaho National Laboratory (INL) - National SCADA Test Bed Program html
Pacific Northwest National Laboratory (PNNL) National Security html
Sandia National Laboratory (SNL) - Center for SCADA Security html
 
INFORMATION SHARING AND ANALYSIS CENTERS
Multi-State Information Sharing and Analysis Center: SCADA and Control Systems Procurement Project html
Electricity Sector Information Sharing and Analysis Center (ESISAC) html
Surface Transportation Sector Information Sharing and Analysis Center html
   
GOVERNMENT / REGULATORY
Directory Listing of Worldwide CERT Organizations html
Centre for the Protection of National Infrastructure (CPNI) html
Department of Energy (DOE) Control Systems Security html
Department of Homeland Security (DHS) National Cyber Security Division html
Department of Homeland Security (DHS) - Cyber Security html
Department of Homeland Security (DHS)- Critical Infrastructure - Chemical Security html
Federal Energy Regulatory Council (FERC) html
National Institute of Standards and Technology (NIST) html
NIST - Computer Security Division - Computer Security Resource Center - Industrial Control System Security (ICS) html
NIST - Computer Security Resource Center - Special Publications (800 Series) html
North American Electric Reliability Council -- Critical Infrastructure Protection html
Technical Support Working Group TSWG html
   
PRODUCTS / VENDORS
Alien Vault html
Certes Networks html
Hirschmann html
OSIsoft html
Secure Crossing html
Tenable Network Security html
Tofino Security html
Waterfall Security Solutions html
   
  TOP

On-Line News Sources

ISSSource html
Threat Level (Wired) html
Homeland Security Newswire html
   
  TOP

Software

These links will redirect you to various sites on the Internet for downloading of current versions. Some applications may require registration prior to downloading. You should always validate that you are accessing the latest version before downloading.

Cyber Security Evaluation Tool         
Kali Linux         
Firewall Builder for Windows / Mac / Linux         
pfSense Security Appliance         
Vyatta Security Appliance         
Clonezilla Disk Imaging Utility         
Redo Disk Imaging Utility         
ModbusPal Java-based Modbus/TCP Simulator         
SCADA Honeynet         
Triangle MicroWorks Test Harness for Windows         
Security Onion Linux (Xubuntu) Distro         
Metasploit Community Edition for Windows/Linux         
Microsoft Baseline Security Advisor for Windows         
Microsoft Message Analyzer         
Microsoft Network Monitor         
Nessus Bandolier ICS Audit Files         
Nessus Center for Internet Security (CIS) Benchmark Files         
Nessus Vulnerability Scanner         
Wireshark         
Solarwinds Network Tools for Windows         
Libre Office (replaces Open Office) for Windows / Mac / Linux         
Ophcrack Password Utility LiveCD         
Password Rainbow Tables for Ophcrack         
XP Password Recovery Tool (Linux)         
QuickDraw IDS Signatures and PCAP Test Files         
AlienVault Open-Source Security Incident Monitor (OSSIM)         
Splunk Syslog Server for Windows / Mac / Linux         
Snare Syslog Agent for Windows         
TrueCrypt Disk Encryption Utility for Windows/Linux/Mac OS X         
Checksum (hash) Generation Utility for Windows         
Putty Telnet/SSH Client         
UNetBootin USB Boot Creation Utility for Windows / Mac / Linux         
   
WEBSITES  
AlienVault Open-Source Security Incident Monitor (OSSIM) html 
Bandolier Project - SCADA Nessus Audit Files (Digital Bond) html 
pfSense (Open-Source Firewall) html 
QuickDraw IDS (Digital Bond) html 
Security Onion (Intrusion Monitoring System) html 
SNORT (Intrusion Monitoring System) html 
Splunk (Syslog Server) html 
Suricata (Intrusion Monitoring System) html 
Vyatta (Security Appliance) html 
   
  TOP

= New/Updated Content Q1-2014
= New/Updated Content Q3-2014