Thoughts on the ACS Conference

Aug. 9, 2008
2008 Applied Control Solutions Conference Overview August 4-7 marked the Eighth Control System Cyber Security Conference. Times have certainly changed. When this Conference began in 2002, it was the only conference dedicated to control system cyber security, and conferences like Black Hat did not address control system topics. This year’s attendance was impacted by the proximity of other conferences such as Black Hat (slightly) and PCSF (significantly). However, there were still approximatel...
2008 Applied Control Solutions Conference Overview August 4-7 marked the Eighth Control System Cyber Security Conference. Times have certainly changed. When this Conference began in 2002, it was the only conference dedicated to control system cyber security, and conferences like Black Hat did not address control system topics. This year’s attendance was impacted by the proximity of other conferences such as Black Hat (slightly) and PCSF (significantly). However, there were still approximately 100 attendees from eight countries (Finland, Sweden, Israel, UK, Brazil, Singapore, Japan, Canada, and the US). Conference participants came from electric power transmission, distribution, generation, and nuclear power; oil/gas; chemicals; pipelines; water; and IT. In this age of vendor dominated conferences, more than 80% of the attendees were NOT vendors - end-users, government, universities. The Conference begun with a video keynote message from Congressman James Langevin, D-RI, the Chair of the Committee on Homeland Security’s Subcommittee on Emerging Threats, Cybersecurity, and Science and Technology. Congressman Langevin made a plea for cooperation and coordination. We did have representation from FERC, NRC, DOD, NERC and the FBI. Ironically, there was no attendance from either DHS or DOE. In order to get end-users to discuss actual control system cyber incidents, the groundrules for the Conference are that presentations are only available to Conference attendees. In the same vein, to get more interesting discussions, the details of discussions will not be made public either.  Consequently, only a capsule synopsis for each day will be prepared. As Alan Paller of SANS would do, here are some selected comments from Conference attendees: “It was slightly out of my field of expertise (power system protection), but nonetheless of considerable interest”.  “It’s difficult to find a conference that follows exactly the control system cyber security issues and this Conference achieved the aim.” “Conference covered a lot of topics, not only computer security. Point of view of different sectors (not only electric) is very useful.” "I was surprised and pleased at the meatiness of the presentations, and the knowledge of the participants. These are serious people, with serious stroke, coming together to discuss a critical topic." Joe Weiss

Sponsored Recommendations

IEC 62443 4-1 Cyber Certification – Why ML 3 is So Important

The IEC 62443 Security for Industrial Automation and Control Systems - Part 4-1: Secure Product Development Lifecycle Requirements help increase resilience for control systems...

Multi-Server SCADA Maintenance Made Easy

See how the intuitive VTScada Services Page ensures your multi-server SCADA application remains operational and resilient, even when performing regular server maintenance.

Your Industrial Historical Database Should be Designed for SCADA

VTScada's Chief Software Architect discusses how VTScada's purpose-built SCADA historian has created a paradigm shift in industry expectations for industrial redundancy and performance...

Linux and SCADA – What You May Not Have Considered

There’s a lot to keep in mind when considering the Linux® Operating System for critical SCADA systems. See how the Linux security model compares to Windows® and Mac OS®.