I’ve been highlighting the big name speakers and entertaining performances planned for the Main Stage at S4x16 because this is new and exciting. But we have not forgotten what S4 has been about since it began in 2007 … bleeding edge technical sessions presented in technical detail. Code, math, exploits, statistics, logic, protocol analysis, attack and defense methodologies and other detailed presentations you will not see at other events.
In fact we tell our presenters to dive deep into the most interesting aspect of their presentation and don’t be concerned if they leave a portion of the audience behind. Stage 2: Technical Deep Dives will be the home to the traditional technical S4 presentation. This is also a theater, concert quality stage, but the vibe in the room is perfect for a technical deep dive. Hard to explain, but you’ll get it when you see it.
You should check out the full agenda, but as always there are the top researchers you know and some new discoveries that you will certainly be hearing from a lot in the future. Here are five to whet your appetite.
- Egor Litinov of Digital Security in Russia will be showing how KNX, a lower layer building automation protocol, allows compromise of building management systems from a hotel room or office. While this has an insecure by design flavor, we think it is noteworthy in the same way Project Robus was because the attack can come from a physically insecure “field” site.
- Sergey Bratus, Adam Crain, Meredith Patterson and a couple of others have build on their Langsec presentation at S4x14 to now be able to show how to use this approach to validate DNP3 implementations. A new tool will be discussed and released.
- Jalal Bouhdada and Erwin Paternotte of Applied Risk are going to show how to attack a plant via WirelessHART. Very curious to see this as I haven’t heard of any security issues with the WirelessHART protocol.
- Dan Scali of Mandiant is going to tackle the question we hear a lot … My corporate network has been compromised. How do I know if my ICS has been compromised?
- And for number 5 I’ll pick a fun talk. Deviant Ollam will present on elevator security, particularly the physical keys and switches in most commercial elevators. I saw this talk at Shakacon this year, and I know the S4 audience will enjoy it.
This is a small sampling. I’ll highlight more in future articles, but you should check out the agenda and register if you want to see the best ICS technical content on Stage 2.