I received a comment from Ralph Langner on my blog on Friday – “The Emperor wears no clothes - the NERC CIP process”. This comment is so important I wanted it to stand by itself because it reflects the lack of understanding by the IT community of controls systems and the intransigence of NERC
I wrote: “Could you use serial as means to inject Stuxnet – YES!!!” Ralph responded ”To underline that point... our forensic evidence supports that Stuxnet DID inject rogue ladder logic via a serial link -- the vendor's proprietary MPI protocol that runs on RS-485.