Control System Cyber-Security Workshop (CS)2/HEP

The enormous growth of the worldwide "Internet" during the last decade offers computer users new means to share and distribute information and data. The High Energy Physics (HEP) community has even partially driven the success of the Internet. Today, modern Information Technologies (IT) are commonly used in accelerator and experiment control systems. Accelerator and experiment control system are based more and more on common-of-the-shelf hardware/software (VME crates, PLCs, VxWorks, LynxOS, network switches, networked controls hardware, SCADA, commercial middleware, etc.) or Windows/Linux PCs. Even customized hardware often comes with Ethernet adapters. This world-wide interconnectivity allows access to all this equipment remotely from the office, from home or from remote universities and institutes. Unfortunately, the adoption of modern IT standards by control systems also exposes the inherent vulnerabilities of the corresponding hardware and software to the world. This world is far more hostile than a local private controls network as the number and power of worms and viruses increases and hackers start to become interested in control systems. Furthermore, control PCs can not be patched as fast as office PCs. Even worse, vulnerability scans at CERN have shown that common-off-the-shelf automation systems often lack even fundamental security protection measures. The (CS)2/HEP workshop is intended to present, share and discuss counter-measures deployed in high energy physics laboratories in order to secure control systems. Potential Keywords and topics are: * Security, vulnerabilities and protective measures of front end devices (e.g. VME crates, LynxOS, VxWorks, PLCs, power supplies, networked controls hardware) * Control network security, network architectures, network segregation, firewalling and intrusion detection * SCADA security, PC installation and management schemes * Secure ("Kiosk") operation in multi-user environements (e.g. at light-sources, where users change quite frequently) * Authentication & Authorization of control systems * Remote operations and expert interventions * Security policies, security procurement language, official regulations and best practices * Security testing, disclosure and follow up