Security firms Tenable Network Security and Digital Bond announced on Tuesday that the two companies planned to release a plugin for the Nessus vulnerability scanner to enable the software to audit networks for vulnerable control system devices.

Digital Bond, a security consultancy that focuses on supervisory control and data acquisition (SCADA) and other distributed control system technology, plans to release the initial set of plug-in features on November 1. Tenable, the creator of Nessus, agreed to an exclusive arrangement with Digital Bond to develop the new features.

"Many of the existing Nessus plugins pull security related information about IT devices on the network," Digital Bond's CEO Dale Peterson stated on the company's blog. "The SCADA plugins will do the same for field devices and control system applications. In an assessment you may use this information to identify rogue systems and plan secondary testing."

Vulnerability researchers have started to focus more on SCADA and other distributed control and monitoring systems, because the devices act as a gateway between the Internet and critical infrastructure systems, such as power networks and manufacturing systems. The U.S. Department of Homeland Security has made securing the systems a top priority for government and private industry. As part of the push, Idaho National Laboratory has teamed up with infrastructure providers to offer example contract language intended to require that suppliers make security a priority.

While few vulnerabilities in SCADA systems have been made public, both Tenable and Digital Bond expect the number to grow, they stated in a release e-mailed to SecurityFocus.