
SSCS 2017

The 12th International Conference on System Safety and Cyber Security

30 October - 1 November 2017 | IET London: Savoy Place

CPD: 18 hours
 

Workshop programme

 
Monday 30 October 2017

09:00 - 11:00

A roadmap for improving the cyber-security of safety-critical systems

The focus here is on operational aspects of safety-critical systems rather than the associated business information systems. Most cyber security research cannot be applied to safety-critical applications.

As a trivial example, it is (almost) impossible to gain regulatory approval for intrusion detection systems (IDS) within Supervisory Control and Data Acquisition (SCADA) environments.

Many of these IDS rely on AI/machine learning, which is not approved for safety-related systems within existing software safety standards such as IEC 61508. How can you prove that a program is safe when its behaviour is influenced by future training sets? And if you can, how would you respond to an alert in the Flight Data Processing Systems at Heathrow?

You cannot switch the system off and do a forensic analysis with dozens of aircraft in the sky. If you continue to operate, you may endanger safety by ignoring evidence that you have software of unknown provenance in your networks.

Existing security standards, including the ISO 27000 series, are equally hard to apply.

In civil nuclear facilities, many SCADA components are air gapped (isolated) – the only way that malware can feasibly reach most PLCs or sensors is to follow the security standards and regularly install security patches.

Would you leave them unpatched with known security vulnerabilities or update them and run the risk of transferring malware to the devices that control the reactor? In this tutorial, I will provide a number of solutions to these problems; outlining further challenges and successes in the cyber-security of safety-critical systems.

Presented by: Prof. Chris Johnson, University of Glasgow

11:30

Integrating cyber security: IT, OT & safety

The increasing focus on Operational Technology (OT) security is demonstrated by the rate at which new guidance is being published from a variety of sources. Control systems are at the heart of the Internet of Things (IoT), and fundamentally shape the Industrial IoT.

Which guidance is most applicable to your systems, and how should you utilise the good practice to best effect? This tutorial will explore the development of OT and cyber physical systems security guidance, including the interdependencies of safety and cyber security.

Coverage includes IEC 62443, CPNI Securing ICS, NIST SP 800-82 Rev. 2, the NIST Cyber Security Framework, ISA TR84.00.09, VDI 2182, DOE C2M2 and the Framework for Cyber-Physical Systems:

  • Delegates will understand the variety of available and emerging guidance for securing OT systems
  • Attendees will appreciate the importance of appropriate governance in the establishment of security programmes and successful OT security implementation

Safety and security are increasingly converging. Participants will learn about approaches to integrate both aspects in their projects, and to manage the risks that arise from that convergence.

Presented by: Dr Richard Piggin, Atkins

13:00

Lunch

14:00

You are under attack – Cyber defence or protect the business?

Just because there is a vulnerability and a threat does not mean there is a corresponding risk. Bruce will explore with you the nature and relevance of threats and vulnerabilities, and where they fit into the UK Cyber Defence taxonomy (which he was tasked to develop).

He’ll look at some aspects of intelligence-based defence, including:

  • Some of the tradecraft of the bad guy
  • Military operations vs intelligence collection vs law enforcement
  • Immediate self-defence versus forensics and evidence-chain preservation
  • Proactive cyber defence
  • The cyber kill chain
  • Intelligence-based cyber defence
  • Penetration testing vs vulnerability assessment vs risk management

He’ll spend a bit of time on sensible Risk Assessment, Risk Management and, most particularly, Risk Recovery (based on the fact that the bad guys are ALREADY inside, doing damage!).

Finally, he’ll offer you some ways of thinking, including a novel doctrine based around “deter - deny - defend - detect - diagnose - delineate - display - demarcate - decontaminate - dissect - disseminate – destroy” which might help inform any balance of investment decisions you get involved in.

Bruce has nothing to sell, and no hidden agenda – he merely hopes that by the end of his session he will have given you cause for thought, stimulated some lateral thinking, and perhaps even inspired you to do something you wouldn’t otherwise have done!

Presented by: Bruce Wynn, Independent Cyber Consultant and Special Advisor (Cyber) to the City of London Police

16:00

Workshop 4 - to be confirmed

Programme is correct at time of publication. Topics and speakers are subject to change.


Pricing

Member - £595
Non-member - £695