9th Control System Cyber-Security Workshop (CS)2/HEP

Contribution List

1. Intro into the 9th CS2/HEP

Stefan Lueders (CERN)

21/09/2025, 09:00

8. Control Systems, Cyber Security and Conflicting Priorities

Karen White (Oak Ridge National Laboratory)

21/09/2025, 09:15

Control systems for scientific user facilities and cybersecurity initiatives share important goals but do not always share common paths and priorities. This talk will explore priority drivers, conflicts and compromises.

3. A Wish or Hope for better OT cybersecurity

Chandler Lawrence (Fermilab), Timothy Zingelman

21/09/2025, 09:45

We have implemented a commercial security appliance which processes a full network feed from our control system to passively identify threats and anomalies. We will discuss the successes and failures so far using this tool

7. The Extremely Large Telescope (ELT) Primary Mirror Control System

Luigi Andolfato

21/09/2025, 10:45

The Control System of the Extremely Large Telescope (ELT) Primary Mirror will be presented in terms of network layout, control system stack, possibility for remote access and data transfer, SW development and maintainability processes, interaction with other systems and the Internet.

5. 18 months into the CERN cyber-security audit

Stefan Lueders (CERN)

21/09/2025, 11:15

With thorough 2023 cyber-security audit at CERN, the IT department and the CERN Computer Security Office as well as the Organization as a whole has been tasked with 95 different work packages to improve their computer security posture. This presentation will go to their implementation and deployment, the successes and the areas creating additional problems

6. Lessons Learned from the HZB security incident

Thomas Birke

21/09/2025, 14:00

A ransomware attack disrupted HZB and BESSY II operations, prompting a
complete network infrastructure rebuild. The recovery task force
utilized standardized Ansible playbooks for rapid deployment, resulting
in a modernized science data acquisition network with improved
configurations managed through version-controlled GitLab repositories
for enhanced tracking and maintenance.

9. Cyber Secure Experimental Physics and Industrial Control System

George McIntyre (SLAC National Accelerator Laboratory)

21/09/2025, 15:00

Secure PVAccess (SPVA) brings production-grade cybersecurity to the Experimental Physics and Industrial Control System (EPICS) framework by encapsulating the PVAccess protocol within Transport Layer Security (TLS). It integrates X.509 certificate-based authentication with common laboratory-wide services such as Kerberos and LDAP, and delivers a full certificate authority, management, and...

4. (Too?) Many of ways into CERN

Stefan Lueders (CERN)

21/09/2025, 16:00

Remote access to labs for users and experts, in particular, control systems, is essential for the efficient running of control systems of accelerators and experiments. However, such an Internet-connectivity exposes sensitive and poorly protection systems to the risks of direct attacks. This presentation shall discuss the remote access model into the CERN Campus network as well as into its...

2. Discussions

Stefan Lueders (CERN)

21/09/2025, 16:30

• What are your general policies for controls? Have you been audited? What are lessons learnt and best practises?
• How do you allow remote monitoring / control?
• How did you design your control network and interact with your data centre(s) and campus networks?
• How to you address cloud usage like OracleDB, Git, but also ML/AI/LLM?
• What about remote software development and CI/CD...