We are pleased to announce a return to Tokyo for the S4xJapan event on Friday, November 6th. S4xJapan will be held again at Academy Hills on the 49th Floor of the Roppongi Hills Mori Building. There will be a fun and novel social event (last year was the Kaspersky...
While progress on adding basic security to PLC/RTU/Controllers, Level 1 of the Purdue Model, continues to be excruciatingly slow, there is much good news from vendors that make the applications that reside at Level 2. Vendors offering HMI, Engineering...
This is a great session for power engineers and those involved in substations to watch. It is an extremely technical session by Dr. Chee-Wooi Ten of Michigan Technological University. The key point is actually easy to understand. The most critical substations to...
In my talk way back at S4x15 I briefly mentioned a few techniques at identifying interesting parts of an application for reverse engineers. A lot of times we as reverse engineers load up a firmware or DLL or executable. We want to get hunting for bugs as quickly...
We generally do not allow product presentations at S4, but occasionally there is a technology that is novel or potentially important that we make an exception. For example, we had Kaspersky present on their ICS operating system at S4x15. A second exception was made...
Billy Rios of Laconicly joined me on the Unsolicited Response Podcast to discuss two topics: WhiteScope – an online ICS/SCADA whitelist that is trying to solve the last mile supply chain problem until vendors start signing their code. The WhiteScope data...
In part 1 we looked at what CAN is and what the difference between CAN and OBDII traffic is on a vehicle network. In this part we’re going to look at simple reverse engineering techniques to determine which CAN IDs are of interest to us. For this exercise, we’d like...
Save the date: S4x16 is January 12-16 S4x16 is moving to the Fillmore Miami Beach at Jackie Gleason Theater in the heart of South Beach. It’s literally 3 blocks from the beach, 1 block from Lincoln Road and right in the middle of all the SoBe...
I thought I’d take a step back after releasing tools and presenting on CAN to do a quick intro into what communications are going on inside a vehicle anyway. What is CANBus? What is OBDII? Is there a difference? We’re going to skip all the electrical fun parts, the...
Belden buys Tofino, GE buys Wurldtech, Lockheed Martin buys Industrial Defender and now iSight Partners acquires Critical Intelligence. The trend continues of larger organizations buying ICS security expertise. Bob Huber and Sean McBride left Idaho National Labs...
