Industrial Control System Security (ICSS) Workshop

The Industrial Control System Security Workshop will be held in Los Angeles, California, Tuesday, December 8, 2015, in conjunction with the Annual Computer Security Applications Conference (ACSAC). ACSAC will be held at the Hilton Los Angeles/Universal City.

Supervisory control and data acquisition (SCADA) and industrial control systems monitor and control a wide range of industrial and infrastructure processes such as water treatment, power generation and transmission, oil and gas refining and steal manufacturing. Such systems are usually built using a variety of commodity computer and networking components, and are becoming increasingly interconnected with corporate and other Internet-visible networks. As a result, they face significant threats from internal and external actors. For example, Stuxnet malware was specifically written to attack SCADA systems that alone caused multi-million dollars damages in 2010.

The critical requirement for high availability in SCADA and industrial control systems, along with the use of resource constrained computing devices, legacy operating systems and proprietary software applications limits the applicability of traditional information security solutions. The goal of this workshop is to explore new security techniques that are applicable in the control systems context. Papers of interest including (but not limited to) the following subject categories are solicited:

  • Intrusion detection and prevention
  • Malware
  • Vulnerability analysis of control systems protocols
  • Digital forensics
  • Virtualization
  • Application security
  • Performance impact of security methods and tools in control systems

Program

8:30 Welcome and Introduction, Harvey Rubinovitz, The MITRE Corporation, and Adam Hahn, Washington State University

8:45 Towards Security and Resilience of Cyber-Physical Systems, Sajal Bhatia, Fordham University, NY

9:30 Securing Industrial Control Systems: An End-to-End Integrity Verification Approach [ slides ], Sye Loong Keoh, et al., University of Glasgow Singapore, Singapore

10:30 Evaluating Resilience of Oil and Gas Cyber Physical Systems: A Roadmap, Yatin Wadhawan and Clifford Neuman, University of Southern California

11:15 A Quantitative Evaluation of the Target Selection of Havex ICS Malware Plugin [ slides ], Julian Rrushi, Western Washington University

1:00 Trustworthy Critical Infrastructures: Threats, Challenges, and Countermeasures, Saman Zonouz, Rutgers University

1:45 Extracting the RC4 secret key of the Open Smart Grid Protocol (OSGP) [ slides ], Linus Feiten, and Matthias Sauer, Albert-Ludwigs-Universität Freiburg

2:30 Exploratory Analysis of Modbus and general IT network flows in Water SCADA System, Anvit Srivastav, Carlos Ortega, Priya Ahuja, Michael Christian, and Alvaro Cardenas. University of Texas at Dallas

3:15 Discussion Period and Wrap-up, Harvey Rubinovitz, The MITRE Corporation, and Adam Hahn, Washington State University


Submissions should be 5-8 pages, using the double-column ACM proceedings format. Submission website: https://easychair.org/conferences/?conf=icss20150

Important Dates

Submission Deadline:October 5, 2015
Acceptance Notification:October 26, 2015
Final Manuscript due:November 5, 2015
Workshop Date:December 8, 2015

Organizing Committees

General Co-Chairs:
Harvey Rubinovitz, The MITRE Corporation
Adam Hahn, Washington State University

Program Chair
Irfan Ahmed, The University of New Orleans

Program Committee Members include:

Sajal Bhatia, Vanderbilt University
Alvaro Cardenas, University of Texas at Dallas
Ernest Foo, Queensland University of Technology, Australia
Marina Krotofil, Hamburg University of Technology
Tommy Morris, University of Alabama in Huntsville
Clifford Neuman, University of Southern California
Bradley Schatz, Schatz Forensic
Wen-Zhan Song, Georgia State University
Saman Zonous, Rutgers University

The workshop papers will be published on the ACSAC website and selected papers may be published in extended format in the International Journal of Critical Infrastructure Protection (Elsevier).
If you are interested in attending please check off the appropriate box on the conference registration form and add in the Industrial Control System Security (ICSS) Workshop fee. Lunch will be included as part of the workshop fee.

Additional ACSA Events:
NSPW – New Security Paradigms Workshop
LASER – Learning from Authoritative Security Experiment Results