Register now for S4 2013 to guarantee your spot, January 15 – 18 in Miami Beach.
A quick look at the agenda will convince you that this is going to be the most interesting technical ICS security event of all time. Seriously, check it out. The quality and quantity of research has taken a big jump over the last 12 months. And look at the videos from last year to see this event actually provides technical meat.
S4 is a very different event than ICSJWG, WeissCon, SANS, etc. It is very technical and very participative You will see presenters going deep into code, protocols, statistics, theory, … If you are looking for this S4 is the place for you.
It is participative because of the size and layout of the case study rooms and the ethos that has developed at S4 over the last six editions. The Q&A and discussion part of the event (focused on technical and specifically avoiding topics like responsible disclosure, information sharing, IT vs Ops) is an important part of each session. Plus attendees can go on a five minute unsolicited response, participate in the great debate and of course the hallway con and social events.
S4 is not for everyone. S4 doesn’t have overview presentations, SCADASEC 101, policy discussions, etc. These are very useful for a large portion of the ICS community and are handled well by the other events. So make sure you self select wisely because we push the speakers hard to have serious technical content.
Space is limited for the two day S4 Conference, but even more limited for the ICS Advanced Security Training that happens the day before and after S4. The courses vary in size from 20 to 30 students. We have four great training courses available:
- Travis Goodspeed will be teaching hardware hacking embedded wireless systems (and you will walk away with some hardware tools)
- Billy Rios and Terry McCorkle are reprising their HMI hacking course from last year. This was very popular as the Active X and form field fuzzing techniques, taught on actual HMI, are what Rios/McCorkle used to find the hundreds of HMI vulns
- atlas 0f d00m is teaching a course on RfCat. Capturing and analyzing these RF comms is an area that deserves a lot more attention
- and a late entry from Luigi Auriemma and Donato Ferrante will teach how to find server side vulns in SCADA software. Luigi will teach the techniques he has used to find a large number of vulnerabilities including looking at encryption and compression in these products.