The 12th International Conference on System Safety and Cyber Security
30 October - 1 November 2017 | IET London: Savoy Place
Monday 30 October 2017
A roadmap for improving the cyber-security of safety-critical systems
The focus here is on operational aspects of safety-critical systems rather than the associated business information systems. Most cyber security research cannot be applied to safety-critical applications.
As a trivial example, it is (almost) impossible to gain regulatory approval for intrusion detection systems (IDS) within Supervisory Control and Data Acquisition (SCADA) environments.
Many of these IDS rely on AI/machine learning, which is not approved for safety-related systems within existing software safety standards such as IEC 61508. How can you prove that a program is safe when its behaviour is influenced by future training sets? And if you can, how would you respond to an alert in the Flight Data Processing Systems in Heathrow?
You cannot switch the system off and do a forensic analysis with dozens of aircraft in the sky. If you continue to operate, you may endanger safety by ignoring evidence that you have software of unknown provenance in your networks.
Existing security standards, including the ISO27k series, are equally hard to apply.
Would you leave them unpatched with known security vulnerabilities or update them and run the risk of transferring malware to the devices that control the reactor? In this tutorial, I will provide a number of solutions to these problems, outlining further challenges and successes in the cyber-security of safety-critical systems.
Presented by: Prof. Chris Johnson, University of Glasgow
Refreshments and networking
Cyber security: ICS, OT & IoT – the issues, standards and solutions
The increasing focus on Operational Technology security is demonstrated by the rate at which new guidance is published from a variety of sources.
This tutorial will explore cyber-physical systems security guidance and the issues driving security in the OT, IoT and Critical National Infrastructure ICS space, and review some of the solutions covering:
Presented by: Nigel Mackie, Head of Cyber Security and Intelligence, MASS, UK
You are under attack – Cyber defence or protect the business?
Just because there’s a vulnerability and a threat doesn’t mean there’s a corresponding risk. Bruce will explore with you the nature and relevance of threats and vulnerabilities, and where they fit into the UK Cyber Defence taxonomy (which he was tasked to develop).
He’ll look at some aspects of intelligence-based defence, including:
He’ll spend a bit of time on sensible Risk Assessment, Risk Management and, most particularly, Risk Recovery (based on the fact that the bad guys are ALREADY inside, doing damage!).
Finally, he’ll offer you some ways of thinking, including a novel doctrine based around “deter - deny - defend - detect - diagnose - delineate - display - demarcate - decontaminate - dissect - disseminate - destroy” which might help inform any balance-of-investment decisions you get involved in.
Bruce has nothing to sell, and no hidden agenda – he merely hopes that by the end of his session he will have given you cause for thought, stimulated some lateral thinking, and perhaps even inspired you to do something you wouldn’t otherwise have done!
Presented by: Bruce Wynn, Independent Cyber Consultant and Special Advisor (Cyber) to the City of London Police
End of Day 1
Programme is correct at time of publication. Topics and speakers are subject to change.
Member - £595
Non-member - £695