The third annual SCADA Security Scientific Symposium [S4] will be held on January 21 - 22, 2009 in Miami Beach, Florida. So those of you looking for an event that gets into the bits / bytes / exploits / code / protocols / statistics / mathematics and other technical detail save the date. After two […]

We have updated our site so you can now purchase the 2008 S4 Proceedings book of 8 papers, ~200 pages, $100 from the Digital Bond site. It also is available from Amazon.com, but you need to pay shipping at that site.
We also have a combo deal where you can purchase a copy of the 2007 […]

Between being the S4 chair and handling the Virtual Attendee chat and Q&A it was impossible to live blog at the event, but I was writing down some thoughts. Here they are in brief:

The metrics paper from INL supported my belief that there is some great work going on at the labs that we just […]

We have had some questions on the Virtual Attendee program for S4. Take a look at a brief replay (40 seconds) of an introduction from last year on a Windows system. You will see the video pane, powerpoint pane and a third pane that is used for Q&A and chat during live presentations. You will […]

We wanted to have a meaty, technical wireless security talk that focused on control system wireless protocols like Zigbee, HART wireless or ISA 100. This was a struggle. We had no decent wireless abstract submissions, and most of the good people who volunteered wanted to talk about 802.11, cracking WEP, WPA, … Things that most […]

We set up the SCADA Security Scientific Symposium (S4) in an environment and agenda that fosters discussions between a group of technical experts. It is set in a case study room that is like a small theater in the round with stadium seating. With the back row set aside for the AV crew to film […]

It seems like there is always one S4 paper that is a technical challenge for me to understand the full impact. This year it is Julian Rrushi and Roy Campbell’s paper, “Detecting Attacks in Power Plant Interfacing Substations through Probabilistic Validation of Attack-Effect Bindings”. You may remember Julian from last year when as a graduate […]

The second S4 paper on control system security metrics comes from a DHS NCSD supported project that teamed INL researchers with Marie Farrer of Securicon and Zach Tudor of George Mason University. Miles McQueen and Wayne Boyer are letting have selected Sean McBride of INL present the paper: Measurable Control System Security through Ideal Driven […]

I’m very pleased to announce that Steve Lipner, Microsoft’s Senior Director of Security Engineering Strategy in Trustworthy Computing, is the Day One Keynote at our SCADA Security Scientific Symposium (S4). All physical attendees will also receive a copy of his book, The Security Development Lifecycle. See the full agenda and register.
Steve’s keynote is titled […]

We have two papers on security metrics at S4. The first is from Ralph Langner, who wrote the great paper on OPC server resource exhaustion attacks at S4 2007, and Bryan Singer who you all know. They both came in independently with similar abstracts, so it only made sense for them to pair up on […]