Thursday, August 6, 2020

Webinar on determining software authenticity and integrity



If you're looking for my pandemic posts, go here.

Dick Brooks of Reliable Energy Analytics is one of the most knowledgeable people on the subject of software that I know. He has done a lot of research on how to verify software authenticity and integrity, for compliance with CIP-010-3 R1.6 (which comes into effect on Oct. 1, along with CIP-013-1). Next Wednesday August 12, he will present a webinar for Energy Central entitled “Software Supply Chain Risks and Mitigations for NERC CIP-010-3”.

I’ve seen Dick’s slides, and I can promise that you’ll learn a lot that you didn’t know, but which may help you in deciding how to verify software integrity and authenticity, as well as comply with R1.6 (of course, this can also help you comply with CIP-013-1 R1.2.5, although you need to be aware that the focus is different there, even though both requirement parts deal with software authenticity and integrity. I hope to write a post about that soon).

You can read about the webinar and sign up here.


Any opinions expressed in this blog post are strictly mine and are not necessarily shared by any of the clients of Tom Alrich LLC. If you would like to comment on what you have read here, I would love to hear from you. Please email me at tom@tomalrich.com.

Are you hot at work – or should be – on getting ready for CIP-013-1 compliance on October 1? Here is my summary of what you need to do between now and then.


No comments:

Post a Comment