Loading…
Welcome to the interactive agenda for SecurityWeek’s 2019 ICS Cyber Security Conference. Sessions are being finalized and the final program will include 4 FULL DAYS of content. (View the full conference website here) (You can Register for the ICS Cyber Security Conference and training here)
Monday, October 21 • 4:00pm - 4:45pm
Hardening a Modern ICS Environment

Sign up or log in to save this to your schedule and see who's attending!

Industrial Control System (ICS) devices were initially designed for closed-network or non-networked environments inside of facilities that were thought to be secure. These early systems did not consider cyber threats to be of consequence due to their closed off environment. However, these environments have evolved into technical distributed systems that may be connected to the Internet. These systems are high value targets that are also often infrequently patched or updated, leaving them vulnerable to common exploits. This, in tandem with the rise in threats from state actors willing to invest a large amount of time and money to compromise these high value targets, makes hardening ICS systems a necessity.

During this session, we will look at three fallacies that impact the security postures of industrial control systems and propose some ways to address them. In summary these misconceptions are:

1. Programming languages don’t matter.
2. Keeping the adversary out is all that matters.
3. There is no way the adversary knows enough about my system.

This session will demonstrate some of the concepts talked about above in a Linux 5.2 environment with Fieldbus support. We will demonstrate methods for inhibiting a ”root” shell from accessing a protected file, a encrypted storage and executable vault limiting the potential for RE, and finally a rootkit is unable to be loaded into the kernel.

Speakers
avatar for Dan Robertson

Dan Robertson

Software Engineer, Starlab
Dan Robertson is a Epidemiologist turned Software Engineer. Mr. Robertson is currently workin on a Linux Security Module at Starlab. Before working at StarLab he worked at Tripwire on a Vulnerability Management product where he spent most of his time working with the SMB protocol... Read More →


Monday October 21, 2019 4:00pm - 4:45pm
Windsor C