Aegis™ is a consortium of stakeholders dedicated to improving the robustness of industrial control system (ICS) software. We believe that technical collaboration and community ownership of tools can make a difference in the reliability and security of our infrastructure.
Bad actors have the capability to digitally disrupt our critical infrastructure. While the ancient concept of the Aegis involved protection from the divine, the meaning has changed to signify protection from a strong and benevolent source. Our community and tools are leading that defense.
Members pay yearly dues in exchange for early access to security tools and support from the private community. This allows members to comfortably fix security defects within their normal product cycles. Members are encouraged to actively participate in the development of the tools themselves. Members may use the Aegis logo and trademarks to promote their offerings.
Our first efforts will focus on negative testing tools, aka fuzzers. This class of testing software is critical for hardening software against threats. The first release will be the tool used in Project Robus, a fuzzer for DNP3. This tool is available to members now. Our roadmap will expand to include other protocols and updates to existing releases.
After tools have been circulated in our community for at least 6 months, they are released to the public. At this point anyone can use the tools to test systems. Non-members are encouraged to test products as soon as the software is publicly available, but may not use the Aegis logo or trademarks.