Open ikiril01 opened 10 years ago
A starting point may be to create some CybOX Objects for popular/relevant protocols such as DNP3.
Not reviewed yet, just in case it could be useful http://www.cpni.gov.uk/advice/cyber/Security-for-Industrial-Control-Systems/
@athiasjerome thanks, we'll have to take a look.
Context: this would be useful for characterizing observables relating to malware that may target SCADA systems (i.e. in MAEC), and also indicators for such malware (i.e. in STIX).
LOE: High
We should consider adding the ability to characterize SCADA systems. This will require some combination of new objects, action names, etc.