Info Sec

  1. Hello all,

     First off, I am unsure if this is the correct place to post this, so please excuse my unfamiliarity in advance.

     I represent an information security company that is working with several federal agencies (USA and abroad) to help understand and craft standards to address potential security threats affecting industrial control facilities. Our group is well versed in discovering vulnerabilities in software, but has little experience with the type of hardware industrial control facilities may run. We have had success finding security issues in software from various vendors (such as IWS, CoDeSys, IGSS), but it is difficult for us to understand the true risk when we are not familiar with the context in which such software may be deployed.

     While researching how to best expand our efforts, we ran across some vulnerability reports affecting various PLC devices:

     http://www.digitalbond.com/tools/basecamp/wago-ipc-758870/
     http://www.digitalbond.com/tools/basecamp/general-electric-d20meii/
     http://www.digitalbond.com/tools/basecamp/schneider-modicon-quantum/
     http://www.digitalbond.com/tools/basecamp/rockwell-automation-controllogix/

     We believe that we could find many more such issues and work with the affected vendors to get them fixed. To that end I am posting here to ask for your advice. If anyone might be interested in helping us enumerate which PLCs we should focus on, how we might acquire hardware for testing, and generally provide advice please let me know and we can discuss what a consulting opportunity may look like.

     Thank you for your time.