This event has ended. Visit the official site or create your own event on Sched.
Welcome to the interactive agenda for SecurityWeek’s ICS 2022 ICS Cyber Security Conference. Sessions are being finalized and the final program will include 4 FULL DAYS of content. (View the full conference website here) (You can Register for the IN-PERSON Conference and trainings here and register for virtual/online only access here)
Technical Track [clear filter]
Tuesday, October 25

11:30am EDT

Are Zero Trust Industrial Networks Achievable?
The Pandemic brought zero trust to the forefront with the advent of Hybrid work and creating the perimeter less enterprise. Zero Trust is a strategic approach to cybersecurity that secures an organization by eliminating implicit trust and continuously validating every stage of a digital interaction. Zero trust within the industrial space is often misrepresented and there can be confusion on what can or cannot be implemented. This quick overview will provide guidance on:
  • What Zero Trust is
  • Why Zero Trust can be challenging to implement in OT
  • Where Zero Trust applies across an Industrial Architecture
  • Starting the Zero Trust Journey while securing ICS with Industrial Standards.

avatar for Jason Greengrass

Jason Greengrass

Principal IoT Architect, Palo Alto Networks

Tuesday October 25, 2022 11:30am - 11:50am EDT

12:15pm EDT

Lunch Workshop: CISA Alert (AA22-265A) - Control System Defenses: Know the Opponent, know their steps. Anatomy of a Port Infrastructure Attack
Operational technology/industrial control system (OT/ICS) assets that operate, control, and monitor day-to-day critical infrastructure and industrial processes continue to be an attractive target for malicious cyber actors. Traditional approaches to securing OT/ICS do not adequately address current threats to those systems. However, owners and operators who understand cyber actors’ tactics, techniques, and procedures (TTPs) can use that knowledge when prioritizing hardening actions for OT/ICS.  Join Armis in reviewing the anatomy of a port infrastructure attack and how the lessons of Sun Tzu can help in protecting our critical infrastructure against advanced persistent threat (APT) groups.

avatar for Keith Walsh

Keith Walsh

Director, OT Strategy and Operations, Armis
Keith has been in the IoT and OT space since 2010 helping to protect and harden the lifecycle of critical infrastructure devices found within our nation's grid, healthcare and medical devices, transportation, DoD, smart city, and critical manufacturing. Keith has worked with the largest... Read More →

Tuesday October 25, 2022 12:15pm - 12:45pm EDT

1:15pm EDT

Cybersecurity Assessment Tools for Distributed Energy Resources
The National Renewable Energy Laboratory developed the Distributed Energy Resources Cybersecurity Framework (DERCF) and web application to help federal agencies mitigate gaps in their cybersecurity posture for distributed energy systems. The web-based tool assists a facility’s energy management team by bringing guidance and structure to the extensive array of cybersecurity controls applicable to DERs and walking the user through a three-pillar assessment framework. The three pillars, defined as Cybersecurity Governance, Technical Management, and Physical Security, each contain multiple layers that address key cybersecurity topics and together create a robust and flexible framework specifically designed for DERs. Join this session to learn more about the framework and how it could be utilized to help protect your operation!

The National Renewable Energy Laboratory is a national laboratory of the U.S. Department of Energy, Office of Energy Efficiency and Renewable Energy.

avatar for Anuj Dilip Sanghvi

Anuj Dilip Sanghvi

Researcher, Cybersecurity Science and Simulation Group, National Renewable Energy Laboratory
Anuj Sanghvi is an Operational Technology (OT) Cybersecurity Researcher and Network Security Engineer with the Cybersecurity Science and Simulation group at the National Renewable Energy Laboratory. He leads the research and development of NREL’s Distributed Energy Resources Cybersecurity... Read More →

Tuesday October 25, 2022 1:15pm - 1:45pm EDT
Windsor DE

1:45pm EDT

The Pros and Cons of Monitoring OT Cybersecurity Environments On Premise vs Through a Managed Security Service
Active monitoring of your ICS network traffic and end points can significantly reduce cyber risk and help ensure stable operations, but establishing a 24/7 OT monitoring solution remains a goal out of reach for many operators. Some have elected to leverage existing IT SOC capabilities or premise alternatives to support OT monitoring while others are turning to MSSP providers for an outsourced solution. In this presentation, we’ll discuss the benefits and challenges of OT/ICS cybersecurity risk monitoring & threat detection in both on-premise and MSS scenarios as well as best practices to drive resilience with 24/7 cyber threats detection and response.

avatar for Mohammed Saad

Mohammed Saad

Director of Industrial Cybersecurity, Honeywell
Mohammed Saad is a Global Director for Honeywell’s OT cybersecurity business. He holds a BSC and MSC in Electronics and Control Systems Engineering. Before working at Honeywell, Mohammed has worked as a Senior Process Control Systems Engineer, Freelancer Engineering Consultant... Read More →
avatar for Greg Randall

Greg Randall

Chief Revenue Officer, Cybersecurity, Honeywell
Greg Randall is the Chief Revenue Officer for Honeywell's Connected Cybersecurity business, where he is responsible for the global go to market strategy, sales execution, and client success related to Honeywell's cybersecurity products and managed services offerings. ​Prior to Honeywell... Read More →

Tuesday October 25, 2022 1:45pm - 2:15pm EDT
Windsor DE

2:15pm EDT

Operationalizing OT Threat Intelligence
Join this session as we explore various approaches that defenders can take to operationalize valuable ICS threat intelligence and take action to defend critical assets.

Threat intelligence has long been considered an apparatus of militaries and three letter agencies. Unfortunately, given the fact that sophisticated threat groups have shifted to disrupting civilian infrastructure as an objective of their cyber operations, threat intelligence is now a necessary component of every strong OT security program, including those in private industry. Although the term "threat intelligence" can sound nebulous or intimidating to security leaders, receiving and actioning threat intelligence can easily amplify preexisting security processes and enrich security operations, increasing industrial safety and resiliency. This talk will seek to inform OT defenders on the ways in which, with good planning and direction, OT threat intelligence can be implemented into security programs with easy alignment to the NIST Cybersecurity Framework, limited strain on human resources, and improved security posture. The talk will focus on ICS Threats and their implications, key strategic and tactical intelligence workflows, and extraordinary examples of industrial organizations (unattributed) actioning OT threat intelligence to prevent disruption.

avatar for Michael Gardner

Michael Gardner

Senior Intelligence Technical Account Manager, Dragos
Michael Gardner is a Senior Intelligence Technical Account Manager at Dragos, Inc. In his role, Michael helps Dragos customers across a variety of industrial verticals create more mature threat intelligence programs and operationalize ICS/OT threat intelligence. He has worked in the... Read More →

Tuesday October 25, 2022 2:15pm - 2:45pm EDT
Windsor DE

2:45pm EDT

Research: Protecting CAN Bus from Cyberattacks
Research efforts have demonstrated many critical security weaknesses in modern vehicles, specifically involving their Controller Area Networks (CAN). The CAN bus serves as the main communication network between all control systems in the vehicle. Due to its importance and weak security properties, the CAN Bus presents an attractive attack surface for cyberattacks; but also a useful resource for detecting any attacks or other anomalous vehicle conditions.

We present an overview of three recent contributions. First, we describe a research testbed that allows for replaying, modifying, or generating synthetic CAN traffic. This is complementary to testing approaches that involve real vehicles, allowing simpler and easier development and testing, especially at earlier stages in research and development. Next, we present a method for decoding the (proprietary) encoded contents of CAN messages. This automatically determines what signals are present in each message type, and then uses known (standardized) diagnostic queries to label the meaning and units of these learned signals. Finally, we implement a system to find anomalous network traffic on the CAN bus. This includes monitoring the timing characteristics of CAN messages and detecting missing or unexpected messages. In addition, we used the extracted signals described above to detect unusual or tampered message contents. We then combine these approaches into an ensemble detector to demonstrate its effectiveness.

avatar for Joel Asiamah

Joel Asiamah

Cybersecurity Technical Professional, National Security Sciences Directorate, Oak Ridge National Laboratory
Joel Asiamah is a Cybersecurity Technical Professional in the National Security Sciences Directorate at Oak Ridge National Laboratory. He performs cybersecurity research in Energy and Control Systems, automotive CAN Bus, and Additive Manufacturing. His expertise is in Mechanical Engineering... Read More →
avatar for Sam Hollifield

Sam Hollifield

Cyber Security Hardware Engineer, Oak Ridge National Laboratory
Sam Hollifield has worked and led research in automotive and transportation cybersecurity at Oak Ridge National Laboratory since 2018. He advises and delivers technical solutions to unique security problems on projects sponsored by the Department of Energy, the National Nuclear Security... Read More →

Tuesday October 25, 2022 2:45pm - 3:15pm EDT
Windsor DE

3:30pm EDT

Preparing ICS for Post-Quantum Cryptography
In August 2022, The Cybersecurity and Infrastructure Security Agency (CISA) released information on Preparing Critical Infrastructure for Post-Quantum Cryptography to help prepare critical infrastructure network owners and operators potential impacts from quantum computing. Join this session as we walk OT asset owners through the Post-Quantum Cryptography Roadmap along with the guidance from CISA and cryptography experts. Attendees will come away with actionable steps to take to prepare for the transition.

*This session will be presented remotely

avatar for Denis Mandich

Denis Mandich

CTO and Co-founder of QryptFounding member of the Quantum Economic Development Consortium (QED-C)Founding member of the Mid-Atlantic Quantum Alliance (MQA)Industry Advisor to the NSF-funded Center for Quantum TechnologyAdvisor to the Quantum Startup FoundryANSI Accredited Standards... Read More →

Tuesday October 25, 2022 3:30pm - 4:10pm EDT
Windsor DE

4:15pm EDT

Power, Semiconductor, and Retail - Supply Chain Threat Analysis
Following the influence of the trade war, the epidemic lockdown and the Ukraine-Russia conflict, the global supply chain has faced surging risks. especially the electronics industry suppliers are unable to provide materials and parts, making it more difficult for enterprises to manage the supply chain. For supply chain security, MITRE and DHS have developed the System of Trust (SoT) framework to improve the trust between supply chain partners. As we know, we should not only evaluate product quality of suppliers, but also understand their geopolitical, national governance, financial, etc.

This research will take the consumer electronics as an example to explore its complete industrial chain, and in-depth analyze the core of the supply chain, including the power industry, semiconductor industry and retail industry. Then find out the security situation and potential threats of above three industries. Finally, we will review the practical mitigations in ICS for different industries. By our research, the organization can fully understand potential threats in their industry, and collaborate with suppliers, manufacturers, and other partners to face the threats from various attack vectors, keeping operation going.

avatar for Mars Cheng

Mars Cheng

Manager, PSIRT and Threat Research Team, TXOne Networks
Mars Cheng is a manager of TXOne Networks PSIRT and threat research team, responsible for coordinating product security and threat research. Mars blends a background and experience in both ICS/SCADA and enterprise cybersecurity systems. Mars has directly contributed to more than ten... Read More →
avatar for YenTing Lee

YenTing Lee

Threat Researcher, TXOne Networks
YenTing Lee is a cyber threat researcher at TXOne Networks, blending experience in ICS/SCADA, cyber-offensive and defensive exercises, penetration testing, honeypot and image processing. YenTing has spoken at several conference such as FIRST Conference, ICS Cyber Security Conference... Read More →

Tuesday October 25, 2022 4:15pm - 4:45pm EDT
Windsor DE
Wednesday, October 26

10:30am EDT

Using “Man-in-the-Middle” to build a Zero-Trust Architecture
(Access Livestream and On Demand Video Here)

Designing a Zero Trust Architecture can seem like a daunting task. Rome wasn’t built in a day either! As you begin your journey you must start from the basics of what Zero Trust is and what it means to your organization. Then you must identify a starting point and develop an execution plan. In some cases that plan can be as simple as using known strategies from the adversaries to combat the adversaries.

What If I told you that designing a “man-in-the middle” mitigation could start you on your journey of achieving a zero-trust architecture? Join us as we talk about being “in the middle” and how this approach can allow you to broker the trust relationships as we talk about:
  • Utilizing an Intermediate System to establishing session controls
  • Establishing conditional access policies and parameters
  • Doing this with a single tool that will also provide you with situational Awareness.

avatar for Pam Johnson

Pam Johnson

VP Business Operations and Customer Experience, TDI Technologies
Pam Johnson is a 25-year, growth-phase software veteran. Johnson thrives in a fast-paced, innovative environment assuring customer success and solving business problems. Her responsibilities at TDi Technologies include professional services, customer support, sales, marketing and... Read More →

Wednesday October 26, 2022 10:30am - 11:00am EDT

11:15am EDT

Is ‘Wait-and-See’ a Good OT Security Strategy?
Modernization of operational technology has brought about significant challenges. Can we justify a wait-and-see approach when it comes to securing OT? The operations in OT/ICS used to be relatively straight forward, but as we become more dependent on connectivity, the challenges securing cyber assets become more complex. We’ll focus on use cases that deal with some of the most prevalent issues organizations encounter today: Legacy systems, insecure protocols, and ‘whose job is it anyway?’ are some of the topics we’ll discuss.

avatar for Jim Montgomery

Jim Montgomery

Solution Architect, TXOne Networks
Jim Montgomery is a 30-year veteran of IT security working in all aspects of solution design, deployment an implementation. During this time, he has helped several fortune 100 companies implement complex strategies for operational efficiency and secure processing. Jim is currently... Read More →

Wednesday October 26, 2022 11:15am - 11:45am EDT

1:15pm EDT

Cyber Risk Mitigation in a Manufacturing Environment via Security Segmentation
Learn how security segmentation can be a cost-effective and efficient approach to mitigate cyber vulnerabilities for manufacturing environments.

Small manufacturers tend to operate facilities with limited staff and limited resources enabling cybersecurity to fall by the wayside as something that takes too much time or cost. The lack of cybersecurity leaves small manufacturers vulnerable to cyberattack. Some assets used by a manufacturing company need more protection than other assets. The grouping of assets according to the protection they need and placing appropriate cyber protection measures around these groups of assets is security segmentation. This session provides an overview of security segmentation, and then present a systematic yet simple six-step approach for security segmentation design.

Session Objectives: 
  • The intended audiences for this session are people managing the IT/OT systems at a manufacturer who could be the operations manager, the network/security architect or a CISO. 
  • Learn how common cybersecurity weaknesses present in the OT environment can be mitigated with security segmentation.
  • Learn what are the building blocks of security segmentation.
  • Learn how to conduct a security segmentation design.

avatar for Dr. Michael Powell

Dr. Michael Powell

Cybersecurity Engineer, NIST/NCCoE
Michael Powell is a Cybersecurity Engineer at the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) in Rockville, Maryland. His research focuses on cybersecurity for the manufacturing sector, particularly how it impacts... Read More →
avatar for Aslam Sherule

Aslam Sherule

Lead Cyber Physical Security Engineer, MITRE Corporation
Aslam Sherule is a Lead Cyber Physical Security Engineer at MITRE Corporation. He co-authored NIST SP 800-82 R3 and NIST SP 1800-10. Currently he is working on creating practice guides for Zero Trust Architecture in OT and Responding to & Recovering from Cyber Attacks. Prior to joining... Read More →

Wednesday October 26, 2022 1:15pm - 2:00pm EDT
Windsor DE

2:00pm EDT

Using VEX to Prioritize Vulnerabilities That Matter
Software Bill of Materials (SBOMs) are now recognized as a key component in software supply chain risk management. Executive Order 14028 has mandated them for doing business with the federal government, and critical industries are increasingly adopting this position as well. Unfortunately, SBOMs can result in a significant number of false positive vulnerability reports, creating too much work for too few security experts.

Not every vulnerability merits panic. Just because a vulnerability is reported for a software component doesn't mean the vulnerability is actually exploitable.
Cybersecurity and Infrastructure Security Agency (CISA) and the German Cybersecurity and Infrastructure Security Agency (BSI), have developed VEX (Vulnerability Exploitability eXchange) to address this issue. VEX documents allow vendors to preemptively assess the exploitability of vulnerabilities and issue a standardized, machine-readable document that states whether or not their products are “affected” by one or more known component vulnerabilities. 
VEX helps vendors communicate efficiently with their customers and prevents organizations wasting valuable time fruitlessly searching for and patching vulnerabilities in components that are perfectly safe.

This talk will present the results of a supplier of mission-critical ICS equipment using VEX documents to swiftly address customer concerns regarding the high-profile Log4j vulnerability. It will also cover the structure and the standardized formats available for VEX documents. VEX is still early days and there is still work to be done regarding the processing of VEX documents. But the industry needs to understand and be ready for VEX if they are to get vulnerability management under control.

The discussion of the results of this project will be valuable to both end-users and vendors considering implementing VEX to improve and streamline their security processes.

Learning Objectives:

The discussion of the results of this project will be valuable to both end-users and vendors considering implementing VEX to improve and streamline their security processes.

avatar for Eric Byres

Eric Byres

Chief Technology Officer, aDolus Technology
Eric Byres, the Chief Technology Officer at aDolus Technology Inc., is widely recognized as one of the world’s leading experts in the field of Operational Technology (OT) cybersecurity. He is the inventor of the Tofino Security technology – the most widely deployed OT-specific... Read More →

Wednesday October 26, 2022 2:00pm - 2:30pm EDT
Windsor DE

2:30pm EDT

Deep Dive Into PLC Ladder Logic Forensics
In this talk we will introduce new open-source tools for PLC Ladder Logic forensics, showing how it can be used to analyze code and data blocks.

We will demonstrate how it can be used to detect rogue code blocks and anomalous metadata. The demonstration will be shown on a POC malware that has been simulated in our ICS lab environment.

This talk will also cover the basics of programming and explain how communications and execution concepts works in Ladder Logic programming.

avatar for Maayan Shaul

Maayan Shaul

Security Researcher, Microsoft
Maayan Shaul is a Malware Analyst and Security Researcher in Section52 at Microsoft Defender for IoT (formerly CyberX).

Wednesday October 26, 2022 2:30pm - 3:00pm EDT
Windsor DE

3:00pm EDT

How I Learned to Stop Worrying and Love the PLC Change
Until recently, most of the focus in the ICS security community has been “bolting on” security to the network in the form of firewalls, data diodes, and network monitoring all at the perimeter. Any mention of touching Level 1 devices like PLCs deep inside the network has traditionally been met with gut reactions saying they are too sensitive to handle any extra security functionality, or it is not an effective investment in security. However, there is a wealth of data inside PLCs that can provide tremendous value both for security detections and for everyday troubleshooting. In this talk we will break down common objections we have heard to Level 1 security so we can learn how to stop worrying and love the PLC change.
In this session attendees will learn:
  • Common challenges and concerns when deploying Level 1 (PLC) security
  • Strategies and tests to ensure Level 1 security solutions don’t affect the process
  • Benefits of Level 1 security that far outweigh the costs of deployment

avatar for Dr. David Formby

Dr. David Formby

Fortiphyd Logic, CEO/CTO
David Formby is CEO/CTO and co-founder of Fortiphyd Logic. He received his Ph.D. from the Georgia Institute of Technology where he focused on developing novel attacks and defenses for industrial control system networks and PLCs. Formby now leads Fortiphyd Logic in developing innovative... Read More →

Wednesday October 26, 2022 3:00pm - 3:30pm EDT
Windsor DE

3:45pm EDT

Asset Inventory and Network Security Monitoring – Key Technical Considerations and Best Practices
Why are organizations struggling to get the basics of OT Asset Visibility & Detection right?

Due to increasing awareness and/or Board/Compliance requirements, many organizations conduct a preliminary risk assessment to initiate their OT specific Security program. One of the initial steps is to generate an inventory of OT assets, which used to be a rudimentary spreadsheet exercise. With the wide availability of OT asset discovery tools, many go down that path via a proof of concept/value. Besides inventory, asset visibility, network security monitoring and threat detection are evaluated as part of this process. This talk will focus on technical considerations, lessons learnt and best practices from performing these POC/POV, and covers challenges including availability of infrastructure (span ports/tap, routing, bandwidth), archaic protocol implementations, organizational policies for network flows, risk appetite for active probing on low traffic networks and installing agents on HMIs & EWS, and finally the collaboration required of OT & IT personnel for successful implementations.

Due to a speaker travel issue, this session will be presented remotely

avatar for Vivek Ponnada

Vivek Ponnada

Nozomi Networks
Vivek Ponnada is an OT practitioner with global (14 countries) experience and currently works at Nozomi Networks as a Regional Sales Director.  Having started his career in ICS as an Instrumentation Technician, Vivek became a Controls Engineer and commissioned Gas Turbine Controls... Read More →

Wednesday October 26, 2022 3:45pm - 4:30pm EDT
Windsor DE

4:30pm EDT

Are Zero Trust Industrial Networks Achievable?
The Pandemic brought zero trust to the forefront with the advent of Hybrid work and creating the perimeter less enterprise. Zero Trust is a strategic approach to cybersecurity that secures an organization by eliminating implicit trust and continuously validating every stage of a digital interaction. Zero trust within the industrial space is often misrepresented and there can be confusion on what can or cannot be implemented. This quick overview will provide guidance on:
  • What Zero Trust is
  • Why Zero Trust can be challenging to implement in OT
  • Where Zero Trust applies across an Industrial Architecture
  • Starting the Zero Trust Journey while securing ICS with Industrial Standards.

Solutions Session Sponsored by Palo Alto Networks

avatar for Jason Greengrass

Jason Greengrass

Principal IoT Architect, Palo Alto Networks

Wednesday October 26, 2022 4:30pm - 4:50pm EDT
Windsor DE
Thursday, October 27

9:00am EDT

The Security Risks of 4.0 CNC Machines
CNC (computer numerical control) machines are largely used in production plants and constitute a critical asset for organizations globally. The strong push dictated by the Industry 4.0 paradigm led to the introduction of technologies for the wide connectivity of industrial equipment, including CNCs. As a result, modern CNCs resemble more to fully fledged systems rather than mechanical machines, offering numerous networking services for smart connectivity. Given this shift into a more complex and software-dependable ecosystem, these machines are left more easily exposed to potential threats.

Our work explored the risks associated with the strong technological development observed in the domain of numerical controls. We conducted an empirical evaluation of four representative controller manufacturers, by analyzing the technologies introduced to satisfy the needs of the Industry 4.0 paradigm, and conducting a series of practical attacks against real-world CNC installations.

Join this session as we share findings showing that malicious users could abuse of such technologies to conduct attacks like denial-of-service, damage, hijacking or theft. We reported our findings to the affected vendors and proposed mitigations. This talk wants to be an opportunity to raise awareness in a domain in which, unfortunately, security is not yet considered an important driver.

avatar for Marco Balduzzi

Marco Balduzzi

Senior Research Scientist, Trend Micro
Dr. Marco Balduzzi is a team leader & principal researcher in computer & network security. Marco holds a Ph.D. in applied security from Télécom ParisTech and a M.Sc. in computer engineering from the University of Bergamo. His interests concern all aspects of computer security... Read More →

Thursday October 27, 2022 9:00am - 9:30am EDT
Windsor DE

9:30am EDT

Tests Using Polarization for RF Fingerprinting
This presentation is a report on field tests of a method for authenticating wireless devices based on the polarization characteristics of their signals.Results from monitoring wireless sensors in a factory environment will be presented under various conditions.The tests include the motion of an autonomous robot in the multipath environment and its impact on the polarization characteristics of stationary sensors on the production line. Results will be analyzed for their repercussions of the viability of using polarization for securing wireless devices.

avatar for Page Heller

Page Heller

Endpoint Security

Thursday October 27, 2022 9:30am - 10:00am EDT
Windsor DE

10:00am EDT

From Industrial Cybersecurity Tools to Solutions to Protect Critical Infrastructure Sectors
This presentation will highlight the importance of designing and tailoring industrial cybersecurity solutions for critical infrastructure based on lessons learned and best practices obtained across industry sectors, entities, and critical services. Every industrial cybersecurity solution must be unique for every organization because every OT-IoT environment is also unique.

Designing a tailored solution requires specific knowledge, skills and experience in OT/ICS that must include people, processes, and technology. However, many industrial organizations are investing in IT/OT technology tools available on the market without a proper planning and before having a clear understanding of their OT-IoT environments and a development roadmap for their industrial cybersecurity solutions. In many cases, such investments are leading to overspending, disappointment, and lack of expected outcomes.

The goal of this presentation is to provide a practical and hands-on approach to designing and developing industrial cybersecurity solutions that will help organizations within critical infrastructure sectors and their leadership teams in planning, tailoring, and implementing solutions for their OT-IoT environments and Operations.

Recommendations that will be provided for audience during the presentation are based on industrial cybersecurity practical experience, use-cases and lessons learned obtain across industry sectors including public and private organizations.

avatar for Goran Novkovic, P.Eng., PMP

Goran Novkovic, P.Eng., PMP

Head of Industrial Cybersecurity Practice, NEOM
Goran Novkovic is Head of Industrial Cybersecurity Practice with NEOM. Goran is a licensed Professional Engineer in Ontario, Canada (Electrical and Controls Engineering background) with 20+ years of hands-on experience in Operational Technology and Industrial Control Systems within... Read More →

Thursday October 27, 2022 10:00am - 10:30am EDT
Windsor DE

10:45am EDT

Electric Vehicle Supply Equipment (EVSE) Cybersecurity and Resilience
Electric vehicle (EV) development and associated charging infrastructure are expected to advance rapidly. Most of all global vehicle sales may be EVs and hybrid EVs in years to come, and they will rely on increasingly sophisticated strategies for grid integration. Next-generation EV charging infrastructure is expected to include interconnected renewable resources, such as photovoltaic (PV) arrays and battery storage systems, along with grid-edge devices. These complex interconnections expand the attack surface and could result in attackers acquiring valuable user data or manipulating firmware updates to create malfunctions that could impact power equipment.

In this session, Anuj Sanghvi, Cybersecurity Researcher at the National Renewable Energy Laboratory (NREL), will dive into the some of the cybersecurity work NREL is doing around threat vectors and risk mitigation techniques for Electric vehicle supply equipment (EVSE) and connected and automated vehicles to identify cybersecurity gaps and develop mitigation strategies for the future technologies.

avatar for Anuj Dilip Sanghvi

Anuj Dilip Sanghvi

Researcher, Cybersecurity Science and Simulation Group, National Renewable Energy Laboratory
Anuj Sanghvi is an Operational Technology (OT) Cybersecurity Researcher and Network Security Engineer with the Cybersecurity Science and Simulation group at the National Renewable Energy Laboratory. He leads the research and development of NREL’s Distributed Energy Resources Cybersecurity... Read More →

Thursday October 27, 2022 10:45am - 11:15am EDT
Windsor DE
Filter sessions
Apply filters to sessions.