We set up the SCADA Security Scientific Symposium (S4) in an environment and agenda that fosters discussions between a group of technical experts. It is set in a case study room that is like a small theater in the round with stadium seating. With the back row set aside for the AV crew to film the event and handle the feed for Virtual Attendees, this leaves seats for 55 attendees.

Last year we had 30 attendees and the post presentation Q&A/discussion was a highlight and exactly the type of collaboration and peer review we were hoping for. This year we have 46 physical attendees registered to date for S4, Jan 23-24 in Miami Beach. It is very cool that it is a technical who’s who from around the world. 17 of the physical attendees are from outside the US, not to mention the virtual attendees.

If you are a technical researcher or thought leader in control system security, we want you there. Grab one of the nine remaining seats before they are all gone. It will be unlike any event you have attended before in content, environment and fellow attendees.

I have been sprinkling posts on S4 papers over the past few months. Here is the agenda in total with links to those posts. Don’t forget it is in Miami Beach. Hotel is right on the beach and the lunch and Day 1 Cocktail Party at the Kovens Center overlooks the Intercoastal Waterway.

Wednesday, January 23rd

Keynote: Lessons Learned While Building Secure Software by Steve Lipner of Microsoft

1) Security Assurance Levels: A SIL Approach to Security by Nate Kube and Bryan Singer of Wurldtech Security Technologies

2) Threat Modeling NetDDE Vulnerabilities in Control System by Xavier Panadero and Lluis Mora of Neutralbit and Jason Holcomb and Charles Perine of Digital Bond

3) Measurable Control System Security through Ideal Driven Technical Metrics by Miles McQueen, Wayne Boyer and Sean McBride of INL, Marie Farrar of Securicon, and Zachary Tudor of George Mason University

4) Modeling Flow Information and Other Control System Behavior to Detect Anomalies by Brian Moran and Rick Belisle of IBM Internet Security Systems

5) Wireless Security in DCS (Invited Talk)

Thursday, January 24th

Keynote: The Hacker Strategy by Dave Aitel of Immunity, Inc.

6) Detecting Attacks in Power Plant Interfacing Substations through Probabilistic Validation of Attack-Effect Bindings by Julian Rrushi and Roy Campbell of University of Illinois

7) Control System Attack Vectors and Examples: Field Site and Corporate Network by Eyal Udassin of C4 Security

8 ) Key Management and Cryptography for Advanced Metering Infrastructures (AMI) and Other Large, Low Power Networks by Grant Gilchrist and Darren Highfill of EnerNex

9) SCADA Threat Modeling Using Attack Scenarios by Ralph Langner of Langner Communications and Bryan Singer of Wurldtech Security Technologies

10) OPC Unified Architecture (UA) Exposed: Part 1 by Dale Peterson of Digital Bond