ikiril01
commented
9 years ago A starting point may be to create some CybOX Objects for popular/relevant protocols such as DNP3.
Open ikiril01 opened 10 years ago
ikiril01
commented
9 years ago A starting point may be to create some CybOX Objects for popular/relevant protocols such as DNP3.
athiasjerome
commented
9 years ago Not reviewed yet, just in case it could be useful http://www.cpni.gov.uk/advice/cyber/Security-for-Industrial-Control-Systems/
ikiril01
commented
9 years ago @athiasjerome thanks, we'll have to take a look.
ikiril01
commented
9 years ago Context: this would be useful for characterizing observables relating to malware that may target SCADA systems (i.e. in MAEC), and also indicators for such malware (i.e. in STIX).
LOE: High
We should consider adding the ability to characterize SCADA systems. This will require some combination of new objects, action names, etc.