Main menu:

• Home
• S4 2009
• Consulting
• Research
• Events
• Subscribe
• About Us
• Resources

 

 

 

AAA  AAA 

S4 2009

Digital Bond’s SCADA Security Scientific Symposium (S4)

When: January 21 and 22, 2009

Where: Beautiful Miami Beach, FL

Bonus: Advanced Training: Security Testing of Control System Components on January 20th

Price: Physical Attendee: $995, Virtual Attendee: $800, Training Class: $600

Key Links

• Full Program with Detailed Session Descriptions, Venue and Hotel Information
• Advanced Training: Security Testing of Control System Components
• Registration for S4 and Advanced Training
• Reserve your Hotel Room
• Proceedings from Past S4 Conferences

S4 is a unique event for the presentation of highly technical research papers on SCADA and control system security. Presenters are given one hour to present in detail - - down to the bit, byte, packet, control, protocol, statistic, code, or script level. Now in its 3rd year, the S4 Proceedings Books are a great way to verify the technical rigor of the event . . . or just ask a past participant. The audience represents the best minds in control system security research.

• Who should attend? Researchers, engineers & thought leaders in SCADA security.
• Who should not attend? Those looking for best practices, standards overviews and SCADAsec 101. Marketing, sales and senior management.

Physical attendees are limited to 55 seats to create the right environment for research collaboration. Virtual attendee space is unlimited.

Program Summary

Tuesday, January 20th

Bonus Training Course: Security Testing of Control System Components

The 6-hour course is titled Advanced Security Testing of Control System Components. The morning module covers assessing and exploiting historians and other applications commonly found on a control system DMZ. The afternoon module teaches customizing a fuzzer for control system components, looking for overflows and building proof of concept exploits for advanced students. See the course brochure for additional info.

Wednesday, January 21st

Keynote - To Be Announced

Session 1: Leveraging Ethernet Card Vulnerabilities in Field Devices by Frank Marcus, Daniel Peck and Dale Peterson of Digital Bond, Inc.

Session 2: Estimation and Observations of 0Day Vulnerabilities in Control Systems by May Robin Chaffin and Miles McQueen of Idaho National Laboratory

Session 3: Customizing Control System Intrusion Detection at the Application Layer by Mai Kiuchi, Eiji Ohba and Yoshizumi Serizawa of CRIEPI (Japan)

Session 4: An Analysis of Two Directions in Control System Perimeter Security by Ludovic Pietre-Cambacedes and Pascal Sitbon of Electricite de France

Session 5: Secure Wireless Key Management for MAC-Layer Security and First Responder Credentialing by Tim Draelos and Mark Torgerson of Sandia National Laboratories

Session 6: Invited Talk

Evening Cocktail Reception Overlooking the Intercoastal Waterway

Thursday, January 22nd

Session 7: Jamming and Interference Induced Denial of Service Attacks on IEEE 802.15.4 Based Wireless Networks by Jake Brodsky and Anthony McConnel of Washington Suburban Sanitary Commission

Session 8: Low-Level Design Vulnerabilities in Wireless Control Systems Hardware by Travis Goodspeed of University of Tennessee and Brad Singletary and Darren Highfill of EnerNex Corporation

Session 9: The Great Debate - Is It Possible to Safely and Securely Connect Safety Systems to Control Systems?

Session 10: Security Metrics for Cyber Security Assurance by Dennis Holstein of OPUS Publishing

Session 11: Denial of Control: Availability and Integrity Attacks Against Critical Systems by Mark Fabro of Lofty Perch and Zach Tudor of SRI

Session 12: Aggregating and Correlating Security Events in Historians to Detect Cyber Attacks and Classify Attack Consequences by Kevin Lackey, Charles Perine and Martin Solum of Digital Bond, Inc.