Second Annual IFIP WG 11.10 International Conference on CIP: Day 1

The conference was organized by Dr. Mauricio Papa, Assistant Professor of Computer Science at the University of Tulsa, Dr. Sujeet Shenoi, F.P. Walter Professor of Computer Science at the University of Tulsa, and Eric Goetz, Associate Director for Research at I3P, and was supported by the Institute for Information Infrastructure Protection (I3P). The program committee drew members from the IFIP Working Group 11.10.

The conference began with a keynote lecture given by Dr. Ruth A. David, President and CEO of ANSER Institute for Homeland Security. In her lecture Dr. David provided the rationale for resilience in computer systems and networks, otherwise known as defense in depth. The message of her talk was that protection mechanisms, i.e. intrusion prevention, access control, hardened configurations, etc., ultimately must be deployed in computer systems and networks, but the security of a system should not rest entirely on them. Protection mechanisms will sooner or later be broken, and for that case we need to think of additional layers of defense. Dr. David stressed the importance of research, development, and deployment of intrusion tolerance mechanisms capable of supporting continuity of service even when the system has been brought to a degraded state by successful attacks.

Dr. Scott Dynes of Dartmouth College held a presentation on cyber risks to IT-dependent organizations, including owners and operators of power systems and critical infrastructure in general. This presentation provided insight into the supply chain risks organizations are exposed to. Nowadays technology designers, owners of foundries and manufacturing facilities, and marketing and delivery staff are found in different organizations, which form enterprises for collaboration. The enabling technology for these enterprises is the Internet, and therefore cyber security is a substantial concern. Viruses, worms, malware in general, compromises of data and intellectual property storage, and other cyber failures have considerable effects on these enterprises in general, and on smaller firms in particular. These effects include supply chain disruptions and delays, theft of shared intellectual property, data integrity violations, etc.

Dan Assaf of the University of Toronto held a presentation on CIP regulation. He talked about an empirical analysis based on two case studies. Assaf presented two regulatory models in which he highlighted the relevant interactions that take place between various organizations, including national security organizations, when they are involved in the preparation and enforcement of regulatory standards on the cyber security of critical infrastructure.

Dorsey Wilkin of the Air Force Institute of Technology talked about some of the intricacies of the policies and politics of critical infrastructure defense. What most caught my attention was an outline of an active and offensive approach to attacks on critical infrastructure. The underlying principle of the approach in question is to counter these attacks by attacking and subsequently disabling the systems used to launch them. Such an active response to harmful attacks raises a myriad of concerns, but, as the old saying goes, the end justifies the means.

The conference program had a presentation on standards-driven security by Prof. Ann Miller of the University of Missouri-Rolla, but unfortunately she didn't make it to the conference. Debin Liu of Indiana University talked about a game theory analysis of attacks mounted by insiders. Liu presented a mathematical model that captures the behavior of insiders in security-relevant situations.

Tyson Macaulay of Bell Canada held a presentation on operational risk management and operational continuity controls. Risk in this context is defined as a function of likelihood and consequences, where likelihood represents the probability of occurrence of a hazard and the consequences are the impact of this hazard on infrastructure. Metrics such as the network of origin of a cyber action, the estimated resources (money, skills, time, etc.) available to attackers, their motivations, and their objectives are used to assess the threat environment. Estimates of the values of these metrics then allow real-time operational continuity controls, such as physical surveillance or firewall technology, to be adjusted accordingly.

An analysis of the security of the RSVP-TE protocol (Resource Reservation Protocol - Traffic Engineering) was presented by Mike Spainhower et al. of the University of Tulsa. The presentation covered a series of mainly spoofing-based manipulations of functions implemented in this protocol. In theory there are network configuration and authentication measures that could prevent these attacks; in practice, however, such measures are not generally taken.
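The authentication measure alluded to above is the one defined for RSVP in RFC 2747 (RSVP Cryptographic Authentication): each message carries an INTEGRITY object with a key identifier, a monotonically increasing sequence number and a keyed digest, so a receiver can reject both spoofed and replayed messages. The following is an added example, not code from the paper or from any RSVP implementation; it models that object in a simplified form (the field layout, the use of HMAC-SHA256 rather than the RFC's HMAC-MD5, and the sample PATH payload and key are all assumptions made here for illustration).

```python
import hashlib
import hmac
import struct

# Constructed shared keys indexed by key id; a deployment would provision these per neighbour.
KEYS = {1: b"constructed-shared-key-for-router-A"}

HEADER_FMT = "!HQ"            # key id (16 bit), sequence number (64 bit)
HEADER_LEN = struct.calcsize(HEADER_FMT)
DIGEST_LEN = hashlib.sha256().digest_size


def integrity_object(key_id, seq, payload):
    """Build a simplified INTEGRITY-style object for `payload`.

    The keyed digest covers the key id and sequence number as well as the payload,
    so neither the message nor the anti-replay counter can be altered unnoticed.
    """
    header = struct.pack(HEADER_FMT, key_id, seq)
    digest = hmac.new(KEYS[key_id], header + payload, hashlib.sha256).digest()
    return header + digest


class Verifier:
    """Receiver-side state: the highest sequence number accepted for each key id."""

    def __init__(self):
        self.last_seq = {}

    def verify(self, integrity, payload):
        """Return 'ok' or a short reason for rejecting the message."""
        if len(integrity) != HEADER_LEN + DIGEST_LEN:
            return "malformed"
        key_id, seq = struct.unpack(HEADER_FMT, integrity[:HEADER_LEN])
        if key_id not in KEYS:
            return "unknown key"
        expected = hmac.new(KEYS[key_id], integrity[:HEADER_LEN] + payload,
                            hashlib.sha256).digest()
        # Constant-time comparison: a spoofed or modified message fails here.
        if not hmac.compare_digest(expected, integrity[HEADER_LEN:]):
            return "bad digest"
        # Replay protection: sequence numbers must strictly increase per key.
        if seq <= self.last_seq.get(key_id, 0):
            return "replay"
        self.last_seq[key_id] = seq
        return "ok"


def demo():
    """Exercise the verifier on a constructed PATH-like message and three attacks on it."""
    v = Verifier()
    path_msg = b"PATH session=10.0.0.1/100 sender=10.0.0.2 bw=500Mbps"  # constructed sample
    good = integrity_object(1, 1, path_msg)
    results = [v.verify(good, path_msg)]                       # genuine message
    results.append(v.verify(good, path_msg.replace(b"500", b"900")))  # altered reservation
    results.append(v.verify(good, path_msg))                    # replayed message
    forged = struct.pack(HEADER_FMT, 9, 2) + bytes(DIGEST_LEN)  # key id nobody shares
    results.append(v.verify(forged, path_msg))
    results.append(v.verify(integrity_object(1, 2, path_msg), path_msg))  # next genuine one
    return results


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

The point the paper makes is that none of this helps if the keys are never provisioned: without an INTEGRITY object a receiver has nothing but the source address to go on, which is exactly what spoofing manipulates.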

Dr. Igor Fovino of the Joint Research Centre, Italy, held a presentation on the security assessment of a power plant. Dr. Fovino described a case study in which his team was tasked with identifying ways of attacking a power plant through cyber means. He discussed an approach which combines the specifications of the power plant in question with a series of attack trees developed specifically for a power plant. The power plant was reconstructed in a laboratory setting especially for this assessment. The outcome of this case study was the identification of a large number of vulnerabilities that might have enabled an attacker to even impact the edge devices directly interfacing with the power plant.
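To make the attack-tree part of such an assessment concrete, here is an added example (not code from Dr. Fovino's team or the conference paper) that evaluates a small AND/OR attack tree: it computes the cheapest feasible path to the root goal, and enumerates the smallest sets of mitigated leaves that make the goal infeasible. The tree, its abstract leaf labels and the cost figures are all constructed for illustration and do not describe any real plant.

```python
from dataclasses import dataclass, field
from itertools import combinations
from typing import List, Optional, Set

INF = float("inf")


@dataclass
class Node:
    name: str
    kind: str = "leaf"              # "leaf", "and" or "or"
    cost: float = 0.0               # leaf only: estimated attacker effort (constructed units)
    children: List["Node"] = field(default_factory=list)


def min_cost(node: Node, mitigated: Set[str]) -> float:
    """Cheapest effort for an attacker to achieve `node`.

    A mitigated leaf counts as infeasible (infinite cost); an AND node needs all
    of its children, an OR node needs any one of them.
    """
    if node.kind == "leaf":
        return INF if node.name in mitigated else node.cost
    costs = [min_cost(c, mitigated) for c in node.children]
    if node.kind == "and":
        return sum(costs)
    if node.kind == "or":
        return min(costs)
    raise ValueError(f"unknown node kind {node.kind!r}")


def cheapest_path(node: Node, mitigated: Set[str]) -> Optional[List[str]]:
    """Leaf names on the cheapest feasible path to `node`, or None if none is feasible."""
    if min_cost(node, mitigated) == INF:
        return None
    if node.kind == "leaf":
        return [node.name]
    if node.kind == "and":
        path = []
        for child in node.children:
            path += cheapest_path(child, mitigated)
        return path
    best = min(node.children, key=lambda c: min_cost(c, mitigated))
    return cheapest_path(best, mitigated)


def minimal_cut_sets(root: Node, candidates: List[str]) -> List[Set[str]]:
    """Smallest sets of mitigated leaves (drawn from `candidates`) that close every path.

    Brute force over subset size is fine for assessment-sized trees.
    """
    for size in range(1, len(candidates) + 1):
        found = [set(s) for s in combinations(candidates, size)
                 if min_cost(root, set(s)) == INF]
        if found:
            return found
    return []


def build_tree() -> Node:
    """Constructed tree with abstract labels; the goal is the impact the case study describes."""
    return Node("impact edge device", "or", children=[
        Node("remote path", "and", children=[
            Node("R1 reach plant network", cost=30),
            Node("R2 exploit network-reachable weakness", cost=10),
        ]),
        Node("local path", "and", children=[
            Node("L1 obtain physical access", cost=50),
            Node("L2 attach to local bus", cost=5),
        ]),
    ])


def leaf_names(node: Node) -> List[str]:
    if node.kind == "leaf":
        return [node.name]
    return [n for c in node.children for n in leaf_names(c)]


if __name__ == "__main__":
    tree = build_tree()
    print("cheapest:", min_cost(tree, set()), cheapest_path(tree, set()))
    print("cut sets:", minimal_cut_sets(tree, leaf_names(tree)))
```

Re-running `min_cost` after marking a leaf as mitigated shows where the attacker's cheapest route moves to, which is the question a plant owner asks when deciding which of the identified vulnerabilities to fix first.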

Stig Ole Johnsen of SINTEF also discussed a case study. His presentation centered around a remote oil and gas platform operated via the network by teams in the UK and Norway. Johnsen discussed known security issues concerning the platform in question.

Day 1 of the conference was concluded by a great panel led by Brian Singer of Wurldtech, consisting of Brian Singer himself, Sean McGurk, Director of the Control Systems Security Program at the Department of Homeland Security, Zachary Tudor, Program Director at SRI International, and Marcus Sachs, Executive Director, Government Affairs and National Security Policy, Verizon.

Comments

Comment from Ralph Langner
Time: March 26, 2008, 7:21 am

Julian, thanks for the extensive briefing.

I have a question for you. Did the conference discuss any real-world cyber incidents in critical infrastructure (other than Davis-Besse and Browns Ferry)? If yes, can you tell us anything about those?

Comment from Julian Rrushi
Time: March 26, 2008, 11:29 am

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi Ralph,

There were some presentations along with live thoughts on vulnerabilities and respective exploitations in oil and gas platforms, power plants, power systems, etc. Nevertheless, they mainly centered around experimental settings, or comprised specification analysis without actually touching the real object. At some point during the conference the discussion reached the INL/DHS video demonstration, but in general there were no detailed discussions of real-world cyber incidents in critical infrastructure. That said, personally I liked this conference very much.

I think that discussions and analyses of real-world cyber incidents and newly discovered vulnerabilities in the power grid, transportation systems, critical infrastructures in general, are a type of event which you’re likely to see at a conference such as S4.

thanks,
Julian

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFH6muM3JhHvEZ9fsERAs52AKDm0ZoHeQNYekrZwgOnfa595BIwEwCfajTo
qPL82TIhGLYbFdrUsClfHrc=
=BW0R
-----END PGP SIGNATURE-----