BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:Security Analysis of Industrial Control Systems - Arthur Gervais (
 Aalto University)
DTSTART:20120710T151500Z
DTEND:20120710T161500Z
UID:TALK38512@talks.cam.ac.uk
CONTACT:Wei Ming Khoo
DESCRIPTION:Industrial Control Systems (ICS)\, often referred to as SCADA 
 (Supervisory Control And Data Acquisition) Systems\, have gained the incre
 asing attention of IT-Security researchers. This talk introduces the termi
 nology and background of ICS and exposes the reasons why it is difficult t
 o secure ICS. Moreover\, the talk will present security analysis guideline
 s for ICS devices. These guidelines can be applied to many ICS devices and
  are mostly vendor-independent. Furthermore\, based on Scapy\, a Modbus/TC
 P interactive packet manipulation program was developed for assessing crit
 ical infrastructures and ICS devices.\n\nIn the second half of the talk\, 
 I will describe a security analysis performed on a real device - an ICS de
 mocase containing current products in use in ICS. Besides known security i
 ssues\, the analysis shows how the data visualized by the Human Machine In
 terface (HMI) can be altered and modified without limit. Secondly\, physic
 al values read by sensors\, such as temperatures\, can be altered within t
 he Programmable Logic Controller (PLC). Thirdly\, input validation also re
 present critical security issues in the ICS world. Lastly\, existing secur
 ity solutions for securing current ICS are briefly presented.
LOCATION:Lecture Theatre 2\, Computer Laboratory\, William Gates Building
END:VEVENT
END:VCALENDAR