Loading…
This event has ended. Visit the official site or create your own event on Sched.
This is the AGENDA FOR 2022 -- Please visit the main website for the latest conference information. 
Monday, October 24 • 9:00am - 5:00pm
Applied ICS Security Training Lab

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

This full-day lab course gives participants hands-on experience attacking and hardening a simulated power plant network to learn about common ICS vulnerabilities and defenses. Participants will attack historians, HMIs, and PLCs to cause a power outage in the 3D simulation, and then implement defenses like firewalls and network monitoring to harden it.

Learning Objectives - In this session attendees will learn:
  • Deeper understanding of common vulnerabilities in ICS networks and devices                     
  • Techniques for testing ICS devices for various vulnerabilities
  • Practical experience hardening ICS device configurations and using network defenses

Topics Covered:
  • Scanning ICS networks
  • Exploiting web vulnerabilities in the DMZ
  • Sniffing industrial network traffic
  • Password cracking
  • PLC and HMI programming
  • Using Yara to scan for ICS malware
  • Writing host and network firewall rules for ICS
  • ICS network intrusion detection
                               
Requirements
Participants must bring their own laptop with either Chrome or Firefox installed. Some Linux experience is helpful but not required.

Speakers
avatar for Dr. David Formby

Dr. David Formby

Fortiphyd Logic, CEO/CTO
David Formby is CEO/CTO and co-founder of Fortiphyd Logic. He received his Ph.D. from the Georgia Institute of Technology where he focused on developing novel attacks and defenses for industrial control system networks and PLCs. Formby now leads Fortiphyd Logic in developing innovative... Read More →


Monday October 24, 2022 9:00am - 5:00pm EDT
Trippe II