May 2013 Whitepaper and Presentation Submissions

These are the whitepapers and presentations that ICSJWG members submitted in conjunction with the cancelled 2013 Spring Meeting. These documents are ‘as received’ from the respective authors, who have released them for public distribution but may retain copyrights of the presentation matter. Please contact the authors for additional information regarding specific rights retained. Content and opinions are those of the authors and do not represent DHS opinions, endorsements, or recommendations. The advice and instructions provided in the attached are provided as is, with no warranties, and should be confirmed and tested prior to implementation, as applicable.

Should you wish a copy of any of these, please contact us at and we will gladly send a copy.

Protecting Critical Infrastructure from Emerging Cyber Threats - Cyber Security by Design

Ayman Al-Issa, Digital Oil Fields

A Peek Under the Covers - What Keeps Utilities Up at Night

Nadya Bartol, Utilities Telecom Council

ICS Supply Chain Security

Nadya Bartol, Utilities Telecom Council

Minimizing Risks Associated with Performing Vulnerability Assessments on Industrial Control Systems

Alexander Benitez, ComSource

Non-Traditional Uses of Forensics in Security Analysis

Steve Kaplan, Accuvant
Sandra Bittner, Arizona Public Service

Solution Pursuits for Control Systems Portable Media/Devices

Sandra Bittner, Arizona Public Service
Steve Kaplan, Accuvant
Jared Walther, GD Barri and Associates

Network Endpoints and Attribute Based Access Controls

Rainer Enders, NCP Engineering
Heinz Schwarz, Golden State University

CIP Version 5 Supports Unidirectional Security Gateways

Paul Feldman, MISO & WECC
Lior Frenkel, Waterfall Security Solutions

Overview of the DoD Risk Management Framework and the Committee for National Security Systems Instruction 1253, Industrial Control Systems Platform IT Overlay

Daryl Haegley, OCP
Dr. Michael Chipley, LEED AP

Holistic View of Securing IP-based Industrial Control Systems Networks

Leonard Jacobs, Netsecuris

Network Flow Analysis

Corey Thuen, Southfork Security

New Techniques for SCADA Cybersecurity: Data-level Controls and Network-based Deployments

Francis Cianfrocca, Bayshore Networks