Security expert blasts Siemens for downplaying SCADA threat
May 24, 2011 | Source: Computerworld
Siemens downplayed critical vulnerabilities in its industrial control systems, says security expert Dillon Beresford, a researcher with NSS Labs.
Beresford cancelled a planned demonstration of the vulnerabilities at the TakeDownCon security conference in Texas last week after Siemens accused him of having “special laboratory conditions” with “unlimited access to the protocols” in his security research after a recent attack by the Stuxnet worm.
The U.S. Department of Homeland Security expressed concern about disclosing information before Siemens could patch the vulnerabilities.
Stuxnet was discovered on systems in Iran last year and is believed to have been designed by a nation state to destroy uranium-enrichment centrifuges at the Natanz nuclear facility in Iran.
Stuxnet exploited vulnerabilities in Windows to infect computers that ran Siemens SCADA (supervisory control and data acquisition) software, giving attackers access to the software that in turn controlled programmable logic controller (PLC) devices.