Unsolicited Response

IACS System Testing and Assessment Rating (STAR) Methodology with Don Weber

Listen Later

Don Weber joins Dale Peterson to describe his IACS STAR Methodology to score the risk of a vulnerability to an ICS (or IACS in 62443-speak). It is a modification of the OWASP Risk Rating Methodology. Don has modified some of the 16-factors to create IACS STAR. The methodology and code is available on GitHub and a calculator is available on line.

Don and Dale discuss:

  • What Don likes about the OWASP Risk Rating
  • Potential issues with putting numbers to SME judgment
  • Differences between IACS STAR and the OWASP Risk Rating
  • The weighting of the 16 factors
  • The future of IACS STAR

Links

Slides Discussed In The Show: https://dale-peterson.com/wp-content/uploads/2023/10/IACS-STAR.pdf

IACS STAR GitHub Repo: https://github.com/cutaway-security/IACS_STAR_Methodology

IACS STAR Calculator: https://iacs-star-calculator.com/iacs_star_calculator.html

Cutaway Security Website: https://www.cutawaysecurity.com

ICS-Patch Decision Tree: https://dale-peterson.com/wp-content/uploads/2020/10/ICS-Patch-0_1.pdf

 

...more
View all episodesView all episodes
Download on the App Store
Unsolicited ResponseBy Dale Peterson: ICS Security Catalyst and S4 Conference Chair
  • 4.9
  • 4.9
  • 4.9
  • 4.9
  • 4.9

4.9

14 ratings

More shows like Unsolicited Response

View all
Risky Business by Patrick Gray

Risky Business

369 Listeners

The Daily by The New York Times

The Daily

112,500 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

7,961 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

173 Listeners

The Industrial Security Podcast by PI Media

The Industrial Security Podcast

21 Listeners

The Rest Is History by Goalhanger

The Rest Is History

14,009 Listeners

The Mel Robbins Podcast by Mel Robbins

The Mel Robbins Podcast

20,151 Listeners