Embed Size (px)
Citation preview
2nd International Symposium for ICS & SCADA Cyber Security Research 2014
Programme Thursday 11th September 2014 08.30 a.m. Registration and Coffee 09.30 a.m. Welcome and Conference Opening Conference Chairs and University of Applied Sciences St. Poelten Faculty 10:00 a.m. Keynote Eric Byres: Alternatives to Patching for more Secure and Reliable Control Systems
Since the discovery of the Stuxnet worm in 2010, there has been exponential growth in government security alerts regarding Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) products. It is now clear that these systems were never designed with security in mind -‐ many contain numerous security related “bugs”. How to address these flaws is an important question, especially for the many legacy control systems in use today. In the IT world, one solution to security vulnerabilities has been an onslaught of product patches. Can the IT world’s strategy of continuous patching work for the ICS world? This talk explores the challenges of designing and deploying patches for security flaws on control system products like DCS, PLCs and RTUs. We look at vendor data on patch deployment rates in ICS products, the patch rates likely required from end-‐users in the future and what can be realistically achieved. We close with an exploration of alternative compensating control based solutions for security vulnerabilities in the world of automation and control.
11:00 a.m. Coffee and Refreshments 11:30 a.m. Session 1
1. A SysML Extension for Security Analysis of Industrial Control Systems Laurens Lemaire, Jorn Lapon, Bart De Decker and Vincent Naessens
2. (Position Paper) Socio-‐Technical Security Analysis of Industrial Control Systems. Benjamin Green, Daniel Prince, Utz Roedig, Jerry Busby and David Hutchison
12:30 a.m. Lunch break
01:30 p.m. Session 2 Invited Industry Event by Kaspersky: Kaspersky Industrial Protection Simulation Kaspersky Lab has devised the Kaspersky Industrial Protection Simulation business game to highlight the problems of securing critical infrastructure objects (production facilities, transport, power stations) against cyber-‐attacks. The business training format reproduces real-‐life attack scenarios, with participants having to come up with effective countermeasures to protect the IT infrastructure of an industrial object.
• Teams are put in charge of a water treatment plant. The plant is subjected to a series of cyber-‐attacks that impact on production and revenues. Participants need to respond with a variety of engineering or IT security measures to minimize impact and protect revenues.
• Teams compete under the same conditions. The team that earns most money wins. • No expertise required other than a general understanding of industrial control
systems. • Unlike the vast majority of business training on industrial security, Kaspersky
Industrial Protection Simulation is fun and engaging. 03:00 p.m. Coffee and Refreshments
03:30 p.m. Session 3
1. Securing Industrial Control Systems through Autonomous Hardening Thomas Locher, Robin Chapas, Ana Hristova and Sebastian Obermeier
2. (Position Paper) SCADA Laboratory and Test-‐bed as a Service for Critical Infrastructure Protection. Antonio Sánchez Aragó, Enrique Redondo Martínez and Sandra Salán Clares
04:30 p.m. End of day
05:30 p.m. Shuttle Transfer from Conference Venue to
06:30 p.m. Evening Programme
A bus will take us to the “Wachau” one of Austria’s most famous regions for wine-‐making. We will get a short guided tour through the ancient castle of Dürnstein where King Lionheart was once imprisoned, residing on the cliffs overlooking the beautiful river Danube. Afterwards, dinner will take place in a typical Austrian wine tavern. Departure by bus Meeting point: -‐ 17:30 pm main entrance University St. Poelten and -‐ 17:35 at Cityhotel D+C.
10:00 p.m. First Shuttle Transfer to Hotels
Friday 12th September 2014 08:30 a.m. Coffee 09:00 a.m. Keynote Stephan Lüders: SCADA Security in the Academic Environment of CERN In a swift revolution, control systems have inherited (embraced!) in the last decade all the advantages of standard IT: the Windows operating system, web servers, TCP/IP protocol, mailing, tablets… However, this revolution missed the aspects of security completely. While functionality, availability, usability, safety and maintainability are a must, security has been widely ignored. Only recent security events targeting control systems raised again attention to this subject. At CERN, main focus in preventing abuse has been put on people. Security is a sociological problem and is addressed as such. Technological means come second. 10:00 a.m. Coffee and Refreshments 10:30 a.m. Session 4
1. Towards Understanding Man-‐In-‐The-‐Middle Attacks on IEC 60870-‐5-‐104 SCADA Networks. Peter Maynard, Kieran McLaughlin and Berthold Haberler
2. Automated Analysis of Access Policies in Industrial Plants. Manuel Cheminod, Luca Durante, Lucia Seno and Adriano Valenzano
3. A Practical Attack Against a KNX-‐based Building Automation System. Alessio Antonini, Federico Maggi and Stefano Zanero
12:30 a.m. Lunch break 01:30 p.m. Invited Industry Talk: Critical Intelligence: ICS Cyber Security Threats and Trends 2000-‐2014 14:00 p.m. Session 5 1. (Positional Paper) Implementing and deploying honeypots in SCADA environments.
Daniel Haslinger 2. (Positional Paper) Safety and Security Monitoring in ICS/SCADA Systems.
Andrew Nicholson, Helge Janicke and Antonio Cau. 03:00 p.m. Coffee 03:30 p.m. Session 6 1. (Positional Paper) PRECYSE: Cyber-‐attack Detection and Response for Industrial
Control Systems. Kieran McLaughlin, Paul Smith, Sakir Sezer, Zhendong Ma and Florian Skopik
2. (Positional Paper) Not all SCADA is equal: Impact of Control Models on ICS Threat Landscape. Antoine Lemay, Marina Krotofil, José M. Fernandez and Scott Knight
04:30 p.m. Closing Remarks 4:45 p.m. Conference Close
