9 October 2011
WTC Convention Center, Grenoble (France)
Europe/Zurich timezone
2010 has been the tipping point for Control System Cyber-Security (CS2). For the first time, a targeted attack --- dubbed "Stuxnet" --- was conducted against an industrial control system. While this one was aimed at a particular control system, the attack itself confirms that the threat is real and similar attacks, most probably less sophisticated, will be seen throughout 2011...
Today's accelerator and detector control systems do not differ significantly from the control systems used in industry. Modern Information Technologies (IT) are commonly used, control systems are based more and more on common-of-the-shelf hardware/software (VME crates, PLCs, VxWorks, LynxOS, network switches, networked controls hardware, SCADA, commercial middleware, etc.) or Windows/Linux PCs. Furthermore, due to the academic freedom in the High Energy Physics community, control systems are produced in a wide, decentralized community, which leads to heterogeneous systems and often necessitates remote access. However, with this adoption of modern IT standards, control systems are also exposed to the inherent vulnerabilities of the corresponding hardware and software. The consequences of a security breach in an accelerator or detector control system might be severe, and attackers won't ignore HEP systems just because it's HEP. Overviews by several HEP institutes worldwide on the application of Cyber-Security in Control Systems were given at the 2nd ICALEPCS conference.
In the era of "Stuxnet", the (CS)2/HEP 2011 workshop is intended to share and discuss counter-measures, to review configuration and development procedures for secure control systems, and to review the progress since the last (CS)2/HEP workshop.
Potential Keywords and topics are:
  • Security, vulnerabilities and protective measures of front end devices (e.g. VME crates, LynxOS, VxWorks, PLCs, power supplies, networked controls hardware);
  • Control network security, network architectures, network segregation, firewalling and intrusion detection;
  • SCADA security, PC installation and management schemes;
  • Secure ("Kiosk") operation in multi-user environments (e.g. at light-sources, where users change quite frequently);
  • Authentication & Authorization on control systems;
  • Remote operations and expert interventions;
  • Software development cycle and system onfiguration management;
  • Security policies, best practices, security events and lessons learned.
Starts
Ends
Europe/Zurich
WTC Convention Center, Grenoble (France)
Kilimandjaro Nord