@BEERISAC: OT/ICS Security Podcast Playlist artwork

IACS System Testing and Assessment Rating (STAR) Methodology with Don Weber

@BEERISAC: OT/ICS Security Podcast Playlist

English - October 27, 2023 15:12 - 39 minutes - ★★★★★ - 2 ratings
Technology Business listen notes listen later Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: 99: Exploring the Multifaceted World of Gary Kessler: From Cybersecurity Expert to Master Scuba Diver Trainer
Next Episode: Eric Smith: The Importance of Physical Security in Protecting Infrastructure

Podcast: Unsolicited Response (LS 34 · TOP 5% what is this?)
Episode: IACS System Testing and Assessment Rating (STAR) Methodology with Don Weber
Pub date: 2023-10-25



Don Weber joins Dale Peterson to describe his IACS STAR Methodology to score the risk of a vulnerability to an ICS (or IACS in 62443-speak). It is a modification of the OWASP Risk Rating Methodology. Don has modified some of the 16-factors to create IACS STAR. The methodology and code is available on GitHub and a calculator is available on line.

Don and Dale discuss:

What Don likes about the OWASP Risk Rating Potential issues with putting numbers to SME judgment Differences between IACS STAR and the OWASP Risk Rating The weighting of the 16 factors The future of IACS STAR

Links

Slides Discussed In The Show: https://dale-peterson.com/wp-content/uploads/2023/10/IACS-STAR.pdf

IACS STAR GitHub Repo: https://github.com/cutaway-security/IACS_STAR_Methodology

IACS STAR Calculator: https://iacs-star-calculator.com/iacs_star_calculator.html

Cutaway Security Website: https://www.cutawaysecurity.com

ICS-Patch Decision Tree: https://dale-peterson.com/wp-content/uploads/2020/10/ICS-Patch-0_1.pdf

 



The podcast and artwork embedded on this page are from Dale Peterson: ICS Security Catalyst and S4 Conference Chair, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.