Here it is: the Call for Papers for the SCADA Security Scientific Symposium (S4).

I know, I know. Some of you are saying yet another SCADA security conference! And oh, wasn’t Dale complaining about this just a few months ago? Yes, but I’ve also been concerned that the community has lacked an event where researchers and academics can present their results to peers in the time, detail, and environment that supports the development of the science that is the foundation of the needed solutions.

I use the analogy that the IT Security world has the RSA event, SANS conferences, Infosec, … but it also has a scientific event like Crypto where the researchers and academics go to discuss theory. Crypto is where Rivest of RSA, Diffie of Diffie Hellman, and a host of other leaders presented their research.

There should be no overlap in presentations between S4 and PCSF, SANS Security Summits, ISA, KEMA, … In fact, if we do this right, almost all of the attendees at the previously named conferences would be lost and bored stiff at S4.

So what are we looking for? Well first, we already have about a third of the program complete with some groundbreaking work from very talented researchers. Here are some examples of topics we are looking for:

• an analysis of a SCADA security protocol, e.g. Secure ICCP, Secure DNP3, OPC UA, or even the PNL protocol mentioned in a previous blog entry
• analysis of potential attack vectors on SCADA systems, i.e. an ICCP worm
• comparisons of the mathematics and methodology behind SCADA anomaly detection algorithms
• measuring attack space coverage in assessment methodologies
• performance impact of various agent technologies on field devices
• performance impact of crypto algorithms on field devices
• analysis of wireless security protocols proposed in SCADA
• your brilliant idea here!

We have put together the speaker’s program so academics and researchers should not have to reach too deeply into their pockets to present and participate. A speaker’s hotel room is covered along with $400 to help defray expenses, and of course the conference fee is waived. I hope the best and the brightest at I3P, University of Illinois, National Labs and other research programs will submit papers. You will have up to an hour to present in technical detail, fifteen minutes for questions, and your paper will be published in the proceedings.

One final note – S4 will be in beautiful Miami Beach in January. It is being held at the FIU Kovens Center right on Biscayne Bay. The conference hotel is on the ocean. We have an interactive setting for the 66 physical attendees and an innovative virtual attendee program scheduled. More information on the program and physical and virtual registration will be available in early September.