Control sponsors 2008 ACS Cybersecurity Conference

Cyber Security Conference Focusing on Potential Causes, Prevention of Recent Power Blackouts and Plant Shutdowns (Trips) August 4-7, 2008 – Burr Ridge, IL   Applied Control Solutions, LLC announces the eighth in a series of conferences focused on cyber vulnerabilities of industrial control systems, August 4-7, 2008, in the southwest Chicago suburb of Burr Ridge, IL. The 2008 ACS Cybersecurity conference is sponsored by Control magazine, and controlglobal.com, where Joe Weiss' Unfettered blog is hosted.   Due to recent cyber-related blackouts and plant trips, along with the five year anniversary of the Northeast Blackout, potential cyber-related incidents and their prevention are now the main focus of the Conference agenda. The focus of cyber security has been on traditional cyber security including passwords, firewalls, and compliance, not system reliability. Reliability of industrial facilities (power plants, substations, chemical plants, refineries, water systems, pipelines, etc.) has focused on control system challenges, not cyber vulnerabilities. This Conference addresses the intersection of control system vulnerabilities and reliability of industrial control systems and processes.   Presentations and focus of the Conference include:   ·         The recent Florida cascading outage shines a bright spotlight on cyber security of relays, switches and other remotely accessible field devices. A session will be devoted to inherent cyber vulnerabilities of these devices, lack of appropriate logging, and the associated IEEE standards efforts to protect these devices.   ·         A recent nuclear plant automatic shutdown, resulting from a software change, brings up new questions concerning the unintended consequences of workstation and PLC reboots. With IT security, NERC CIP, NEI-0404, and other regulation pushing to expeditiously patch control system workstations, attendees will discuss if the proposed “cures” are “worse than the disease,” along with broad implications and potential solutions. Possible explanations for previously unexplained “trips” in fossil, chemical, and other process plants will also be explored.   ·         End-users will discuss impacts and issues unique to the application of firewalls for control system networks.   ·         IT practices that have impacted control systems will be discussed, including Microsoft’s recent disclosure about Excel calculation errors, unintended consequences of patching control system workstations, and scanning of control system networks.   ·         Case histories of control system cyber events, control system cyber security forensics (or lack thereof), demonstrated control system cyber security technologies, control system cyber security R&D, and status of government efforts on control system cyber security will be explored. This will include cyber security regulations and best practices for nuclear power plants.   ·         Control system hacking demonstrations will be conducted. There will be demonstrations of hacking control systems, using actual control system devices, not emulations. One demonstration will be the hack of a typical process controls safety system. The attack will traverse a firewall, causing a fault in both a typical controller and safety system without any indication at the HMI (operator displays) until it is too late (i.e., the process under control fails in a non-fail safe condition).   This Conference has application for utility and other industrial end-users, regulatory, university, and business professionals responsible for, or dealing with, control system security, IT security, and control system operations and maintenance.   Applied Control Solutions, LLC has more than 35 years of experience in developing, implementing, maintaining, and securing industrial control systems for multiple industries. Additionally, Applied Control Solutions personnel have supported government and university efforts in modernizing and securing control systems and providing training on how to secure and optimize these systems.   The Conference will be held at Marriott Burr Ridge, Burr Ridge, IL. Cost to attend is $800 for US government and university personnel and $1495 for others.   For further information, contact Joe Weiss at [email protected] or see www.realtimeacs.com      Joe Weiss PE, CISM Applied Control Solutions, LLC Cupertino, CA (408) 253-7934 (408) 253-7974 Fax (408) 832-5396 Cell [email protected]