Attacks against industrial control systems, including Ransomware and politically motivated attacks, are now regularly reported in the media; new vulnerabilities are regularly published and exploited; and politicians become more and more concerned about the resilience of the control systems controlling a nations critical infrastructure...
Modern accelerator and detector control systems do not differ significantly from the control systems used in industry or devices being part of the "Internet-of-Things" (IoT). Modern Information Technologies (IT) are commonly used, control systems are based more and more on common-of-the-shelf hardware/software (VME, PLCs, VxWorks, network switches, networked controls hardware, SCADA, commercial middleware, etc.) or Windows/Linux PCs, and commonly employ standard IT-techniques (Git & built frameworks, virtualisation & containerisation, Machine Learning, etc.). Furthermore, due to the academic freedom in the High Energy Physics community, control systems are produced in a wide, decentralized community, which leads to heterogeneous systems and often necessitates remote access. However, with this adoption of modern IT standards, control systems are also exposed to the inherent vulnerabilities of the corresponding hardware and software. The consequences of a security breach in an accelerator or detector control system might be severe, and attackers won't ignore HEP systems just because it's HEP.
Presentations by several HEP institutes worldwide on the application of Cyber-Security in Control Systems were given at the 8th ICALEPCS conference prior to the Covid pandemia. Resurrected, this new (CS)2/HEP workshop is intended to continue sharing and discussing counter-measures, to review configuration and development procedures for secure control systems, and to review the progress since the last (CS)2/HEP workshop.
Potential Keywords and topics are:
- Security, vulnerabilities and protective measures of front end devices (e.g. VME, VxWorks, PLCs, power supplies, networked controls hardware);
- Control network security, network architectures, network segregation, firewalling and intrusion detection, but also data centre connectivities;
- SCADA security, PC installation and management schemes, including secure ("Kiosk") operation in multi-user environments (e.g. at light-sources, where users change quite frequently);
- Authentication & Authorization on control systems;
- Remote operations and expert interventions;
- Software development, software curation, and system built & configuration management;
- Security policies, best practices, security events and lessons learned.
