Second Annual IFIP WG 11.10 International Conference on CIP: Day 2

The second day of the conference began with a keynote lecture given by Paul Kurtz, Partner and Chief Operating Officer, Good Harbor Consulting LLC. Mr. Kurtz provided substantial insight into practical concepts of cyber espionage at the present time. He also talked about a large cyber security initiative taken by prominent companies in the computer industry to develop software with security in mind.

Dr. Sujeet Shenoi of the University of Tulsa gave a presentation on taxonomies of attacks applicable to the Modbus protocol. He began with an overview of Modbus internals, i.e. the organization of application data units, a description of the data and addressing models, and an overview of Modbus transactions. He then built upon these basic definitions to explain a variety of attacks on Modbus applications.

Dr. Himanshu Khurana of the University of Illinois at Urbana-Champaign provided a comprehensive taxonomy of attacks on control systems and networks used to monitor and control the electrical power grid. He also outlined potential solutions for each category of attacks discussed, and pointed out research directions which have the potential of improving the cyber security of the electrical power grid.

Dr. Emiliano Casalicchio of the Università di Roma “Tor Vergata” gave two individual presentations on critical infrastructure interdependencies. Dr. Casalicchio explained cascading effects among interdependent infrastructure systems, provided means of quantifying these cascading effects, and described approaches to their modeling and simulation. Simulation is among the most feasible and efficient mechanisms for analyzing infrastructure interdependencies, and Dr. Casalicchio’s presentations were a push in that direction.

Eric Luiijf of TNO is a prominent CIP researcher in Europe. At this conference Mr. Luiijf provided an analysis of critical infrastructure dependencies. He talked about a series of such dependencies and quantified how and to what degree disruptions that take place in industries such as water, natural gas and oil, electricity, etc., impact each other.

Hamed Okhravi of the University of Illinois at Urbana-Champaign talked about devising and implementing trusted computing solutions for process control networks. He described an application of cryptographic mechanisms embedded within control systems to provide authentication-based access control, confidentiality, and integrity for process control communications.

Jeff Hieb of the University of Louisville gave a presentation on security hardening of field devices such as remote terminal units (RTUs). He outlined an investigation of reduced kernel concepts for field devices, including the application of the Multiple Independent Levels of Security architecture for achieving resource partitioning, kernel component verification, and kernel minimization and reduction in field devices.

Julian Rrushi of the University of Illinois at Urbana-Champaign and the Università degli Studi di Milano talked about a model-based anomaly intrusion detection approach devised specifically for power plants. The approach that Rrushi described employs the stochastic activity network (SAN) formalism to develop atomic models of both control systems and physical power plant components, along with the physical processes that take place in the latter. The SAN models developed in this work are such that their solution produces an estimation of legitimate values stored in control system memory locations allocated for process variables, and an estimation of legitimate change flows followed by values stored in such memory locations.

Dr. Stephen D. Wolthusen of the Gjovik University College and Royal Holloway, University of London, talked about model-based anomaly intrusion detection in control networks. Dr. Wolthusen described an approach which uses applied statistics to model various properties of critical infrastructure networks along with what their deviations are and how they occur.

Dr. Alberto Paoluzzi of the Università degli Studi di Roma III gave a presentation on leveraging simulation for critical infrastructure cyber security. Dr. Paoluzzi explained the application of geometric modeling and discrete simulation to model known infrastructure behaviors. These simulations are based on applied mathematics, and their aim is to develop capabilities that recognize risky situations and suggest effective countermeasures.

Dr. William J. Tolone of the University of North Carolina at Charlotte talked about critical infrastructure modeling and simulation. He explained a variety of techniques for simulating infrastructures such as the electrical power grid. Dr. Tolone also provided a demonstration of a simulation tool developed for simulating the operation of large power systems. This tool didn’t appear to be hungry for computational power, and was running smoothly on a laptop computer.

Day 2 of the conference was concluded by a great panel formed by Seymour Goodman, Professor of International Affairs and Computing, Georgia Institute of Technology; Stephen Lukasik, Former Director, DARPA and Chief Scientist, Federal Communications Commission; Anthony Rutkowski, Vice President for Government and Regulatory Affairs, VeriSign; and Michael Corcoran, UK Defense Advisor, DSTL.

Comments

Comment from Ralph Langner
Time: March 29, 2008, 3:44 pm

Julian, right out of the box I couldn’t establish a relationship between critical infrastructure and cyber espionage. Can you provide two or three thoughts of Kurtz’ presentation about this?

Comment from Julian Rrushi
Time: March 31, 2008, 12:36 pm

Hi Ralph,

In his lecture Paul Kurtz provided cyber espionage concepts as applied to general environments where knowledge of information is power. Thus, his lecture was not targeted towards specific critical infrastructures such as electrical power grids or power plants that both you and myself use as a reference when we are faced with the concept of critical infrastructure, but rather towards computer systems and networks in general that convey sensitive information.

As his lecture was on cyber espionage concepts themselves rather than where they’re applied, Mr. Kurtz didn’t focus on enumeration of factors that may motivate the implementation of cyber espionage activities on defined communication environments.

That said, I think your question touches an important point. There is a large technical discussion taking place both in underground and in foreground on how much of value certain industrial communications, such as for example power plant status values transmitted over the network or data exchanged between IEDs in an electrical substation network, are from the espionage perspective. These varying opinions are then reflected on proposed security approaches, including our beloved cryptography.

Several researchers think that we only need to apply asymmetric cryptography on industrial control communications in order to provide for just authentication and integrity. Thus, according to them confidentiality is not needed in this case. It doesn’t really matter whether an adversary learns how much electrical power is flowing through a defined line. Right?

Other researchers, including myself, think that confidentiality is needed for control communications as well. As an instance, as you know, from the offensive perspective there would be some interest in combining cyber attacks with physical attacks. Encrypting control communications may deter reconnaissance aiming at identifying what physical objects are in place and what control systems are being used to monitor and/or control them. As another instance, by acquiring insight into control communications an adversary may reconstruct the operation of utilities operated by a given company, and thereafter use this knowledge for gaining economic advantage.

Best,
Julian