S4 2014 Jan. 14, 2014 to Jan. 17, 2014, Miami,USA

Event Page


Tell us about missing data
Title Speakers Summary Topic Types
Welcome to OTDay Dale Peterson An introduction and welcome to the inaugural Operations Technology Day (OTDay) from the S4x14 event ...
Case Study: Running a DCS in a Highly Virtualized Environment - Level 101/301 Chris Hughes This session will cover the pro's and con's of virtualization as well as lessons learned ...
Welcome to OTDay (Replay) Dale Peterson An introduction and welcome to the inaugural Operations Technology Day (OTDay) from the S4x14 event ...
Designing and Maintaining a Resilient ICS Network Infrastructure - Level 101/301 James Lebaube Critical infrastructure and high value ICS must be resilient. Yet the majority of switches, routers ...
Detecting Problems in Industrial Networks Through Continuous Monitoring - Level 301 Marcelo Ayres Branquinho , Jan Seidl Each SCADA network, in a healthy state, presents a specific quality of service (QoS) which ...
Tiptoe Through The Network: Practical Vulnerability Assessments in Control Systems Environments Paul Asadoorian I will never forget my assignment for a vulnerability assessment against a control systems network. ...
Time Traveling: Adapting Techniques from the Future to Improve Reliability - Level 301 Jacob Kitchel Technology in ICS environments lags the Enterprise by 10-15yr. This often leads to ICS companies ...
ICS Security from the Plant Floor Up - A Controls Engineers Approach to Securing Plant Floor Network Jeffrey Smith The presentation covers assessment, implementation methodology, and current level of success for addressing four key ...
Process Whitelisting And Resource Access Control For ICS Computers Kuniyasu Suzaki The Control System Security Center (CSSC) in Japan has an active project in their lab ...
Case Study: Running a DCS in a Highly Virtualized Environment - Level 101/301 (Replay) Chris Hughes This session will cover the pro's and con's of virtualization as well as lessons learned ...
Time Traveling: Adapting Techniques from the Future to Improve Reliability - Level 301 (Replay) Jacob Kitchel Technology in ICS environments lags the Enterprise by 10-15yr. This often leads to ICS companies ...
Managing and Securing Remote Access To Critical Infrastructure - Level 301 Yariv Lenchner The session will cover the security risks and issues around the management and usage of ...
Detecting Problems in Industrial Networks Through Continuous Monitoring - Level 301 (Replay) Marcelo Ayres Branquinho , Jan Seidl Each SCADA network, in a healthy state, presents a specific quality of service (QoS) which ...
Unidirectional Security - Level 101 Andrew Gintner This presentation reviews the spectrum of perimeter solutions based on unidirectional technology - solutions that ...
Designing and Maintaining a Resilient ICS Network Infrastructure - Level 101/301 (Replay) James Lebaube Critical infrastructure and high value ICS must be resilient. Yet the majority of switches, routers ...
Process Whitelisting And Resource Access Control For ICS Computers 101/301 (Replay) Kuniyasu Suzaki The Control System Security Center (CSSC) in Japan has an active project in their lab ...
Managing and Securing Remote Access To Critical Infrastructure - Level 301 (Replay) Yariv Lenchner The session will cover the security risks and issues around the management and usage of ...
S4x14 Mini Keynote Dale Peterson The S4x14 stage is set as Dale presents another fast paced mini-keynote that doesn't pull ...
Going Small When Attacking A Process Jason Larson A great deal has been said about how to compromise various pieces of SCADA equipment. ...
Applying SDL To Legacy Code Matthew Theobald When an ICS vendor first integrates SDL (Security Development Lifecycle) practices into their software development ...
Securing ICS Applications When Vendors Refuse Or Are Slow To Produce a Security Patch Donato Ferrante , Luigi Auriemma While some ICS vendors are adjusting to the new reality of ICS vulnerabilities and are ...
Taken Out of Context - Language Theoretic Security and Potential Applications for ICS Darren Highfill Where would exploitation be without the ability to trick a machine into processing malicious input? ...
SCADA Apologist or SCADA Realist? Dale Peterson , Eric Byres Eric and Dale are friends with a strongly held disagreement on the path forward for ...
Harvard Architecture Exploitation – Coming to a Smart Grid SoC Near You! Nathan Keltner , Josh m0nk Thomas Exploitation on Harvard architecture chips presents unique challenges as opposed to the x86/x64 Von Nuemann ... IncludeThinkstScapes Harvard
At Least Pretend You Care: Writing ICS-Specific Vulnerability Advisories Sean Mcbride Critical Intelligence has written advisories for more than 800 publicly-disclosed ICS-specific vulnerabilities. This presentation will ...
HART As An Attack Vector: Current Loop to Application Layer Alexander Bolshev HART and HART-over-IP are widely deployed ICS protocols that have received minimal attention in the ...
You Name It, We Analyze It Jim Gilsinn , Bryan Singer With the ever increasing number of networking protocols, it can be difficult for vendors, integrators, ...
PLC Source Code Protection Failures and Solutions Stephan Dunlap , Jonathan Butts This session evaluates mechanisms used by major PLC vendors that provide source code protection for ...
Project Robus: Master Serial Killer Adam Crain , Chris Sistrunk Project Robus is a search for vulnerabilities in ICS/SCADA protocol stack implementations. Most research and ... IncludeThinkstScapes Embedded DNP3
All Aboard The Honey Train Marina Krotofil The idea of SCADA or ICS honeynets is not knew, but many of the ICS ...
PLCpwn - Turning PLC's Into Stealth Attack Platforms Stephen Hilt PLC's are ideal places to hide attack code and communication channels. They are computers, that ...
Data Driven Approaches To Defending "Known Vulnerable" ICS Monzy Merza This session focuses on data driven techniques that detect a range of ICS threats without ...
Threat Characterization From The Defender's Perspective Bri Rolston INL researchers will be comparing and contrasting the attack technology (vulnerabilities or exploits) to show ...
Using Graph Theory to Contain Propagation of Malicious Code on a Smart Grid Seth Bromberger Smart Grid and Industrial Control System (ICS) mesh infrastructures have unique characteristics that separate them ...
Red / Blue Live Eireann Leverett A skilled attacker (red) and defender (blue) from the S4 attendees will be selected in ...
15 in 15 Bryan Owen A fast paced session covering 15 recent ICS cyber security incidents in 15 minutes. Mr. ...
Poor API's Lead To Integrator Created Vulns - Time To Upgrade API's Rotem Bar SCADA manufacturers often promote a powerful API that allows asset owners and integrators to customize ...
Response and Serial Fuzzing ICS Protocol Stacks Adam Crain Adam Crain is the research leader for Project Robus which has identified numerous vulnerabilities in ...
How Will ICS Cyber Weapons Be Used? Thomas Rid Thomas Rid, author of the provocative book Cyber War Will Not Take Place, believes that ...
Introduction To Hardware Hacking for ICS Professionals Josh m0nk Thomas , Kevin Finisterre Date/Time: Friday, January 17th, 9AM - 4PM Note: The class fee includes $100 to cover ...
Profiling and Categorizing ICS Attack Teams Bri Rolston In this session, Ms. Rolston will identify some of the characteristics of teams that will ...
Aurora As A Harbinger Perry Pederson Although Stuxnet firmly fixed the term ‘cyberwar’ and ‘cyberweapon’ into the public lexicon, earlier efforts ...
Current Capabilities and Motivations of Threat Actors Laura Galante Cyber threats to critical infrastructure routinely make the news, but what do these threats actually ...
An Interview With Ralph Langner Paul Roberts , Ralph Langner Ralph Langner was the first to publicly identify that Stuxnet actually attacked and modified the ...
Preparation and Persistence Dale Peterson The order has been given; it's time to take down a critical infrastructure ICS. To ...