Circa 2015 I stopped putting most ICS vulns in the Friday News & Notes because there were so many and most had minimal impact on ICS-related cyber risk. Next week I’m initiating a max of 3 of USG related items in this weekly newsletter.
Another ICS security pioneer, Dennis Holstein, died earlier this month. He was a huge contributor to the IEC 62443 standards. Professionally what I remember most about Dennis was he was a most fervent advocate for quantifiable security levels in the stds, and then after 2 - 3 years said they weren't possible. This is a compliment. Most would have stubbornly stuck to their point of view. He took in the data, wasn't afraid to change his mind, and went for the achievable.