We claim that our SCADA Security Scientific Symposium (S4) is different than all other events in that it is technical content presented to a technical audience. It is not SCADA Security 101, program updates, product pitches or other content you see at other events. It is not for everybody, but if you have want to dive deep into the bits, bytes, vulns, exploits, statistics and meet other technical and thought leaders, S4 is the event for you. We have the Call for Papers out for S4 2012, January in sunny Miami Beach.
So let us show you how it is different with some great presentations and papers from past S4’s. Why not start with the hot name in SCADA Security, Ralph Langner of Stuxnet fame. In January 2007, at the inaugural S4, Ralph presented a paper titled OPC Exposed. It looked at vulnerabilities in OPC Server implementations. Not in the protocol itself, but in the ability to crash the server by overwhelming the resources related to the server. Ralph demos a tool his company designed to run OPC specific DoS attacks such as creating large numbers of client connections, client threads and group names. The real technical meat starts at about minute 20.
(This is just video and audio of Ralph, the powerpoint is not visible in the video. Ralph explains everything very clearly. Also the S4 room is small, so the microphone was just for the virtual, off-site attendees to hear. Sound was a bit scratchy at times on this video, but the content is well worth it.)
One of the highlights of a S4 presentation is the Q&A / discussion in the last 15 minutes. There are great questions, critical commentary, suggestions and more. A big benefit of S4 is getting two days with kindred spirits for two days.