2nd Control System Cyber-Security Workshop (CS)2/HEP

Since the last ICALEPCS conference in 2007, Control System Cyber-Security (CS2) still attracts increasing attention worldwide from global players in industry and in government, in particular in the U.S. and in Europe. We also see growing numbers of malicious attacks attempting to infiltrate control systems. Today's accelerator and detector control systems do not differ significantly from the control systems used in industry. Modern Information Technologies (IT) are commonly used, control systems are based more and more on common-of-the-shelf hardware/software (VME crates, PLCs, VxWorks, LynxOS, network switches, networked controls hardware, SCADA, commercial middleware, etc.) or Windows/Linux PCs. Furthermore, due to the academic freedom in the High Energy Physics (HEP) community, control systems are produced in a wide, decentralized community, which leads to heterogeneous systems and often necessitates remote access. However, with this adoption of modern IT standards, control systems are also exposed to the inherent vulnerabilities of the corresponding hardware and software. The consequences of a security breach in an accelerator or detector control system might be severe, and attackers won't ignore HEP systems just because it's HEP. First overviews by several HEP institutes worldwide on the application of Cyber-Security in Control Systems were given at the last ICALEPCS conference. This time, the (CS)2/HEP 2009 workshop is intended to review the progress since the last conference, to share and discuss further counter-measures, and to review configuration and development procedures for secure control systems. Potential Keywords and topics are: * Security, vulnerabilities and protective measures of front end devices (e.g. VME crates, LynxOS, VxWorks, PLCs, power supplies, networked controls hardware) * Control network security, network architectures, network segregation, firewalling and intrusion detection * SCADA security, PC installation and management schemes * Secure ("Kiosk") operation in multi-user environments (e.g. at light-sources, where users change quite frequently) * Authentication & Authorization on control systems * Remote operations and expert interventions * Software development cycle and system configuration management * Security policies & best practices