Registration is open for 9th Control System Cyber Security Conference

Aug. 14, 2009

The website for the October 19th-22nd Annual Control System Cyber Security Conference to be held in Bethesda, MD is ready for registrants at www.realtimeacs.com  (click on Register for the Conference on the right toolbar). The host hotel is the Bethesda Marriott, 5151 Pooks Hill Road, (301) 897-9400.
 

"

The website for the October 19th-22nd Annual Control System Cyber Security Conference to be held in Bethesda, MD is ready for registrants at www.realtimeacs.com  (click on Register for the Conference on the right toolbar). The host hotel is the Bethesda Marriott, 5151 Pooks Hill Road, (301) 897-9400.
 
As usual, the Conference is focused on control systems. Control system policies, procedures, technologies, and cyber vulnerabilities apply to electric power, water, oil/gas, chemicals, manufacturing, etc. Focusing on any one industry diminishes the value of information sharing. Consequently, there will be presentations from multiple industries. Because of the sensitivity of the discussions, the presentations will only be available to Conference attendees.
 
The term “cyber security” is an IT artifact that does not reflect the need to assure control system reliability and availability. Generally, the term cyber security refers to protection against attackers. For this Conference, the term cyber security refers to all electronic communications that could impact the performance of control systems. This definition includes intentional unintended events (eg, viruses and worms), malicious directed attacks (eg, hackers), and unintentional incidents (eg, inappropriate policies and testing). Based on the data I have collected, most control system cyber incidents are unintentional. Some of these unintentional events have caused significant damage and deaths. I believe there will be significantly more unintentional events than intentional events until appropriate awareness, policies, procedures, technologies, training, and testing are in place. Just recently, a water SCADA system cyber incident burst multiple water mains. Consequently, the Conference will focus on the need to maintain control system reliability and availability in the age of interconnected systems and modern communications.
 
The draft agenda will continue to be updated. As in the past, the agenda will remain flexible enough to address recent issues of interest. Topics I believe will be of interest to all are:
 
(1) Discussions of actual control system cyber incidents including recent events;
 
(2) Discussions of threats to control systems including non-traditional threats;
 
(3) Discussions of control system design limitations reducing fail-safe capabilities - people have already been killed because of this;
 
(4) Demonstrations of compromising control systems (not just intentional hacking) using actual control system equipment (NOTE- this demonstration is similar to what ALREADY shut down a nuclear plant and several process facilities;
 
(5) Nuclear plant cyber security regulations;
 
(6) Smart Grid cyber security issues including plug-in hybrid security issues and meter vulnerability hacking demonstrations; 
 
(7) Status of congressional legislation affecting control system cyber security for electric and other industries including CFATS; and
 
(8) Discussion of nation-state cyber attacks (Estonia and Georgia) and their impact on control systems
 
These are just a sampling of some of this year’s instructive and enlightening topics you won’t want to miss.
 
For those interested, there will be a tour of a water treatment facility. Because of the limited space in the facility, the tour will be limited to groups of 10-15 at a time. The tour will demonstrate the size, vintage, and types of control system used in a typical industrial facility. As this is a working facility, dress accordingly with sturdy shoes. The water treatment facility was chosen to reinforce that cyber is not just an electric industry problem.
 
We would like to get an accurate count for the Monday afternoon training session and the water treatment facility tours on Monday and Friday.  Please check the appropriate box on the registration form to assure your space.
 
If you have any questions, please let me know. I look forward to seeing you in Bethesda,

Joe Weiss
 

Sponsored Recommendations

IEC 62443 4-1 Cyber Certification – Why ML 3 is So Important

The IEC 62443 Security for Industrial Automation and Control Systems - Part 4-1: Secure Product Development Lifecycle Requirements help increase resilience for control systems...

Multi-Server SCADA Maintenance Made Easy

See how the intuitive VTScada Services Page ensures your multi-server SCADA application remains operational and resilient, even when performing regular server maintenance.

Your Industrial Historical Database Should be Designed for SCADA

VTScada's Chief Software Architect discusses how VTScada's purpose-built SCADA historian has created a paradigm shift in industry expectations for industrial redundancy and performance...

Linux and SCADA – What You May Not Have Considered

There’s a lot to keep in mind when considering the Linux® Operating System for critical SCADA systems. See how the Linux security model compares to Windows® and Mac OS®.