The formal S4 Conference is over, and the researchers and attendees were great. This year we had more technical papers submitted and actually had to shorten times and reject some good work to fit it all in. The quality and technical detail in the presentations were at an all-time high for S4. We challenged the researchers to present a lot of technical meat for this unique audience, and they came through. Thanks again to the researchers who presented and to their co-authors who were unable to make it.
We recorded the event and will be issuing the presentations over the next few weeks. Two presentations, Ralph Langner explaining the Stuxnet S7 code in line-by-line commented detail and the Basecamp PLC hacking presentation, got most of the attention outside S4. However, there were many more strong, technical and important presentations that you will want to see, and we will write some blogs around the release of the videos that will help you decide whether you need to view them.
The other big part of S4 is the audience/attendees. Not only do they have to be skilled in ICS and IT security to understand the research, but they need to participate in the in-session and out-of-session discussions. The audience got the research points, didn’t always agree, but voiced questions, suggestions and experiences. As the moderator of a completely open one-hour “Great Debate” session, it is a relief to have so many attendee participants.
The day before S4, Billy Rios and Terry McCorkle taught a Hacking and Exploiting HMI course that was based on their work that found 100s of vulnerabilities in freely downloadable products. All of the students were quickly finding 0days using ActiveX and File Format Fuzzing. There has been a lot of attention on fuzzing TCP and UDP ports, but these are obviously two more areas that need attention. Now there are 30 more people in the community who can take it back to their organizations.
Today is the final S4 Event with Reid Wightman teaching Hacking PLCs. This is from the Basecamp work and focuses on the two PLCs he knows best: the GE D20 and the Modicon Quantum. As I write this, students are connected up and pulling data from the PLCs for analysis and attack planning.
We sold out S4 this year, which was great, but also a bit regrettable as there were some great potential attendees who didn’t make it off the wait list. So …
Mark Your Calendars and Start Your Research … S4 2013 will be January 16-17 in Miami Beach with a training day before and after.