2010 Agenda

Control System Cyber Security Conference

September 20-24, 2010


Monday - Sept. 20, 2010

9:00 - 12:00 SD67 Meeting - Nuclear Plant Cyber Security Guy Landine, Pacific Northwest National Laboratory
1:30 - 3:30 SCADA and Process Control for Beginners Gary Seifert, Idaho National Laboratory
3:30 - 5:30 Cyber Exploitation-A Control Engineer’s Primer on Why Bad Things Happen Jon Stanford, Bonneville Power Administration


Tuesday - Sept. 21, 2010

7:00 - 8:00 Breakfast/Registration
8:00 - 9:15 Current Industry Status Joe Weiss, Applied Control Solutions
9:15 - 10:15 Break
10:15 - 10:45 Siemens Energy SPPA-T3000 Security and Compliance Vladimir Vylkov, Siemens
10:45 - 11:15 Industrial Security Overview Brad Hegrat, Rockwell
11:15 - 12:15 Beyond the Stuxnet Story Roel Schouwenberg, Kaspersky Lab, Americas
12:15 - 1:30 Lunch Walt Boyes - Controls Magazine
1:30 - 3:30 Approaching Stuxnet as an ICS Security Researcher-Methods and Findings from the Lab Ralph Langner, Langner Communications
3:30 - 4:00 Break
4:00 - 5:15 Open Discussion on Stuxnet Presentation Facilitated by Brad Hegrat and Joe Weiss
6:00 - 8:00 Reception


Wednesday - Sept. 22, 2010

7:00 - 8:00 Breakfast/Registration
8:00 - 8:45 Control System Patch Issues and ISA 99 William Cotter, 3M
8:45 - 9:30 Demonstration of Zigbee Vulnerabilities and Results of “the Gathering” Jake Brodsky, Washington Suburban Sanitary Commission
9:30 - 10:15 Demonstration of ICS Vulnerabilities Tom Maufer, Mu Dynamics
10:15 - 10:45 Break
10:45 - 11:30 Smart Grid Vulnerabilities Jeff Dagle, Pacific Northwest National Laboratory
11:30 - 12:15 Wind Power-Communications Security Concerns and Protection Gary Seifert, Idaho National Laboratory
12:15 - 1:30 Lunch Richard Hale- Chief Information Assurance Executive-Defense Information Systems Agency (DISA)
1:30 - 2:15 NIST Framework in Electric Power Jon Stanford, Bonneville Power Administration
2:15 - 3:00 DHS Plant Assessment Rick Lichtenfells, Department of Homeland Security
3:00 - 3:30 Break
3:30 - 4:15 Resilient Architectures for Mission Assurance and Business Objectives Harriett Goldman, MITRE
4:15 - 5:00 What is Software Security? Gary McGraw, Cigalis
6:00 - 8:00 Reception


Thursday - Sept. 23, 2010

7:00 - 8:00 Breakfast/Registration
8:00 - 8:45 Information Technology and Engineering: Lessons from the Chemical Sector Eric Cosman, Dow
8:45 - 9:30 Cyber Threats to Control Systems Mike Peters, Federal Energy Regulatory Commission (FERC)
9:30 - 10:15 Concerns with Unintentional Incidents Col Thomas Peppard, Air Force Space Command
10:15 - 10:45 Break
10:45 - 11:30 Commonalities and Differences in Securing ICSs in Industrial vs DOD Environments Gil Litichever
11:30 - 12:15 ICS Overview Michael Savena, Navy Facilities Command
1:30 - 2:15 Secure Autonomic Control Systems Don Cox, Raytheon
12:15 - 1:15 Lunch
2:15 - 3:00 Meeting the Challenges of a Qualified ICS Workforce and the Limits of Regulation Mike Assante, NBISE
3:00 - 3:15 Break
3:15 - 4:00 Part 73 and Cyber Security Perry Pederson, Nuclear Regulatory Commmission (NRC)
4:00 - 4:45 What Works for Control System Cyber security at CERN Stefan Lueders, CERN
4:45 - 5:00 Summary and Closing Joe Weiss, Applied Control Solutions


Friday - Sept. 24, 2010 - NIST Agenda

8:00 - 8:30 Registration Peggy Himes
8:30 - 8:45 Welcome and Opening Remarks James St. Pierre- ITL
8:45 - 10:00 Enterprise-Wide Risk Management
Organization, Mission, and Information System View		 Ron Ross-CSD
10:00 - 10:15 Break
10:15 - 11:00 NIST Special Publication 800-53, Revision 3
Security Controls for Information Systems, ICSs, and Organizations		 Kelly Dempsey-CSD
11:00-11:15 Nuclear Regulatory Commission Regulatory Guide 5.71 Eric Lee, NRC
11:15-11:30 ICS Status Including Stuxnet Joe Weiss, Applied Control Solutions
11:30 - 12:00 NIST Special Publication 800-37, Revision 1
Applying the Risk Management Framework to Information Systems and ICSs		 Ron Ross-CSD
12:00 - 1:00 Lunch
1:00 - 2:00 NIST Special Publication 800-82
Guide to Industrial Control Systems Security		 Marshall Abrams, MITRE
2:00 - 3:00 Smart Grid Project Update Marianne Swanson-CSD
3:00 - 3:30 Question and Answer Session Ron Ross-CSD