Mark Your Calendar: S4 2013 is January 16-17
Digital Bond’s SCADA Security Scientific Symposium (S4)
Was Held January 18-19, 2012 in beautiful Miami Beach
January 2012 was the 5th edition of Digital Bond’s S4 conference, and it was the best yet. Full credit is due to the researchers and attendees.
S4 2012 was a sell out with 65 attendees from 13 different countries. We limit the size so a venue that maximizes conversations and relationship building can be used. The 65 attendees represented top ICS security talent from vendors, owner/operators, consultants, researchers and government organizations. This audience could understand the technical content and actively participated in the Q&A and hallway conversations. Regrettably we had to turn away 25 people on the wait list, and hopefully they will have a chance to attend S4 2013.
The 2012 edition was the first time we had more quality papers than conference time — even with shortening many of the presentations to 30 or 45 minutes. The speakers got right into the technical meat, avoided SCADASEC and ITSEC 101, and provided the most technical sessions to date in DCS and SCADA security.
We made room for four media representatives: Wired, ThreatPost, Washington Post and CBS News / 60 Minutes. Here is a press coverage page with some of the more interesting and accurate articles.
There were also two advanced full day courses taught before and after S4.
- Billy Rios and Terry McCorkle taught Hacking and Exploiting HMI
- Reid Wightman taught Hacking and Exploiting PLCs
This year we are giving the entire ICS security community a chance to see what happens at S4 by making the videos available on our S4 2012 Video Channel. You can go directly to the channel or click below on the individual blog article and video.
18 Jan 2012, Day 1
| 8:30 – 9:00 | S4 Keynote – No More Fragility - Dale Peterson of Digital Bond |
| 9:00 – 9:45 | The Witch Doctor vs. the Engineer – Why Believe Either One - Darren Highfill of Utilisec |
| 9:45 – 10:15 | Technical Security in Smart Metering Devices: A German Perspective - Stephan Beirer of GAI NetConsult |
| 10:30 – 11:15 | Documenting the “Lost Decade:” An Analysis of Publicly-Disclosed ICS-Specific Vulnerabilities since 2001 - Sean McBride of Critical Intelligence |
| 11:15 – 12:15 | Stuxnet: A Deep Dive – Ralph Langner of Langner Communications |
| 12:15 – 1:15 | Lunch Outside in Beautiful Weather Overlooking the Intracoastal Waterway |
| 1:15 – 1:30 | Unsolicted Response |
| 1:30 – 2:00 | Automated Consequence-Based Assessment Schema – Dennis Holstein of OPUS Consulting Group |
| 2:00 – 2:45 | ICS Exploit Mitigation with EMET – Suha Can of Microsoft, Terry McCorkle of Spearpoint Security |
| 3:00 – 3:45 | Application Whitelisting for Industrial Control Systems – An Evaluation Guideline – Sebastian Obermeier of ABB |
| 3:45 – 4:30 | No Silver Bullets: Application Whitelisting in ICS – Andrew Ginter of Waterfall Security Solutions |
| 4:30 – 5:15 | Why Johnny Can’t Patch: Can Vulnerability Patching Work in the ICS World? – Eric Byres of Tofino Security |
| 5:15 – 7:15 | S4 Gala Cocktail Party |
19 January 2012, Day 2
| 8:30 – 10:30 | Project Basecamp Intro - Dale Peterson of Digital Bond, Project Basecamp - Reid Wightman of Digital Bond |
| 10:45 – 11:30 | Denial of Surface – Eireann Leverett |
| 11:30 – 12:15 | Preventing Attacks on Critical Infrastructure through Hardware Protection Against Malicious USB Devices – Pascal Sitbon of Electricite de France |
| 12:15 – 1:15 | Lunch Outside in Beautiful Weather Overlooking the Intracoastal Waterway |
| 1:15 – 1:30 | Unsolicited Response |
| 1:30 – 2:00 | Intrusion Detection for Embedded Control Systems – Jason Reeves of Dartmouth College and TCIPG |
| 2:00 – 3:15 | The Great Debate: Anti-virus and Monthly Security Patching Should Be Abandoned in ICS |
| 3:30 – 4:15 | Forensic Techniques for Industrial Control Systems – Bryan Singer of Kenexis |
| 4:15 – 4:30 | Closing Remarks by Dale Peterson |
