ICSJWG 2012 Fall Conference Presentations

These documents are ‘as received’ from the respective authors, who have released them for public distribution but may retain copyrights of the presentation matter. Please contact the authors for additional information regarding specific rights retained. Content and opinions are those of the authors and do not represent DHS opinions, endorsements, or recommendations. The advice and instructions provided in the attached are provided as is, with no warranties, and should be confirmed and tested prior to implementation, as applicable.

Should you wish a copy of any of the approved presentations, please contact us at ICSJWG@hq.dhs.gov and we will gladly forward a copy to you.

Real-Time Assurance for Critical Infrastructure and ICS
Mark Hall, Raytheon

Real-Time Knowledge Sharing
Chris Blask, ICS-ISAC
Gib Sorebo, SAIC

Applying ICS Cyber Security Principles to Health Care
Mike Ahmadi, GraniteKey LLC
Nate Kube, Wurldtech

Cyber Intrusions: More Than an IT Challenge
Bridgette Walsh, DHS Cyber Exercises Program

13 Ways Through a Firewall
Andrew Ginter, Waterfall Security Solutions

Defending Microsoft Windows Against 0-day Exploits Using EMET
Michael Orlando, CERT Coordination Center

The LOGIIC Host Protection Strategies Project
Zachary Tudor, SRI International

Public Standards for Interoperable ICS Security
Steven Venema, Boeing

David Mattes, Asguard Networks
Lisa Lorenzin, Juniper Networks
Kevin Staggs, Honeywell
Jeff Potter, Emerson Process Management

Using IP Addressing Schema for Network Isolation
Joel Langill, SCADAHacker

Public-Private Partnership in Japan: Control System Security Center Conducted by Japanese Government
Akio Sato, Ministry of Economy, Trade and Industry (METI), Deputy Director
Kazutaka Matsuzaki, Japan Control System Security Center

Application Whitelisting: Extend Your Security Arsenal?
Mike Baldi, Honeywell Process Solutions

Certificate Authorities and Public Keys: How They Work and 10+ Ways to Hack Them
Monta Elkins, Foxguard Solutions

Control Systems in the Pipeline Industry - Vulnerabilities and Mitigations
David Sawin, DOT Volpe Center
Robert Hoaglund, DOT Volpe Center

Security and Configuration Consoles and Other Physical/Virtual Communications Ports
Clyde Poole, TDI Technologies

Testing Control Systems with Microsoft's Attack Surface Analyzer
Michael Toecker, Digital Bond Inc

Update of ICS Security Policies of Japan
Akio Sato, Japan Ministry of Economy, Trade and Industry (METI), Deputy Director
Kazutaka Matsuzaki, Japan Control System Security Center

Security Issues for the Power Automation Industry in Central/South America
Juan Hoyos, Empresas Publicas de Medellin (EPM)
Timothy X. Brown, University of Colorado, Interdisciplinary Telecommunications Program, Director

Discussion: Guide/Kit to Kick Start a Control Systems Security Program
Graham Speake, Yokogawa IA Global Marketing Center, International Subgroup SCC Co-Chair