The most trusted source for computer security training, certification and research.

select a course
Stockholm, Sweden - October 27 - 30, 2009
Global Information Assurance Certification

There's nothing that compares to the detail and real world content in this course.
-John Daskal, Johns Hopkins University Applied Physics Laboratory

Please Note: The Intermediate Control Systems Security class has been closed.

The 2009 European Community SCADA and Process Control Summit

Table of Contents

Where and When

Summit Dates: October 27 & 28
Optional Courses: October 29
Location:
Hilton Stockholm Slussen
Guldgrand 8, P.O. Box 15 270
SE-104 65 Stockholm, Sweden
Phone: +45 8 517 363 00
Fax: +48 8 517 353 11
E-mail: Stockholm-slussen@hilton.com
Website: www.hilton.com

Questions for the Summit

  1. How has the threat to control systems changed during the last year? Who are the new attackers? What kind of damage have they already done? What can they do?
  2. What are the security challenges in smart meters and what can be done to mitigate them?
  3. Exactly how do attackers penetrate the defenses that have been established by most control system users? What are the principal vulnerabilities in control systems and how should they be prioritized for mitigation?
  4. What are some of the most valuable lessons learned by leading asset owners to improve security of control systems?
  5. Learn what governments are doing to both assist and regulate security in control systems.
  6. What techniques are the most advanced control systems users implementing to mitigate the threat? How are they training their people? How are they balancing information technology and control systems needs?
  7. How can utilities gain top management support for major security initiatives?
  8. Which SCADA security research projects have shown useful results? How can asset owners put those findings to work?
  9. Which control system vendors have made the most progress on implementing the new standards for secure configuration of their products?
  10. What tools have governments developed that make security of control systems more effective and efficient?

Who Should Attend & What Will You Learn?

Learn the most critical security challenges in implementing smart meters and smart grid. Learn what the US is doing with its $4.8 billion in Smart Grid funding to ensure these systems do not create new risks.

Plant Managers, Engineering and Operations Management, Project Managers, Automation and Control Managers, Process Control and SCADA Engineers, Plant Engineers

Learn the lessons discovered by leading process control user organizations throughout the world, and what your process control vendor may be doing to boost the defenses on systems already deployed, and on new systems.

Information Security and IT Professionals in Organizations That Deploy Industrial Control Systems

Learn why control systems are so difficult to protect and arm yourself with clear case studies showing what has been done and what can be done to protect SCADA and other control systems. Learn the language of control systems so you can be of more help to the engineers who plan and deploy such systems.

Control System Vendor Developers and Integrators

Understand the requirements and constraints faced by owners and operators of automation systems. Determine the state of the art in control system security as a benchmark for your own future planning.

Government Leaders Responsible for Policy and Regulation of Utilities and Other Process Control Users

Better understand what government can and cannot do by learning the requirements, constraints, and current capabilities available to secure critical control systems.

Academic and Research Laboratory Leaders

Determine the most challenging and important questions that will shape your process control security research agendas.

The Organizing Committee

  • Ake Holmgren, Swedish Emergency Management Agency (SEMA) in Sweden
  • Stefan Lueders, European Organization for Nuclear Research (CERN) in Switzerland
  • Annemarie Zielstra, National Infrastructure Against Cybercrime (NICC) in the Netherlands
  • Gitte Bergknut, E.ON
  • Marcelo Masera, European Community
  • Sheridan Morris, Center for the Protection of National Infrastructure (CPNI) in the United Kingdom
  • Hans Honecker, Federal Office for Information Security (BSI) in Germany
  • Marc Tritschler, KEMA
  • Michael Assante, NERC
  • Jeffrey L Hahn, PE, Idaho National Laboratory
  • Marty W Edwards, Idaho National Laboratory
  • Rita Wells, Idaho National Laboratory
  • Gary Finco, Idaho National Laboratory
  • Seán Paul McGurk, US Department of Homeland Security
  • Hank Kenchington, US Department of Energy, US
  • Will Pelgrin, New York State Cybersecurity Office and the Multi-State Information Sharing and Analysis Center
  • Alan Paller, SANS Institute

Post-Summit Courses

Introduction to Cyber Security for Control Systems - October 29, 2009, 8am - 12 noon

The United States Department of Homeland Security Control Systems Security in conjunction with the SANS Process Control & SCADA Security Summit 2009 in Stockholm, Sweden, is tentatively planned to offer a half day, "Introduction to Cyber Security for Control Systems." This training course is instructed by experts and will provide participants with an enhanced understanding of the importance of control systems cyber security. Class seats are limited and registration will be closed once filled. The course will be free of charge to all attendees.

Intermediate Control Systems Security - October 29, 2009, 1:00 pm -5:00 pm and October 20, 9:00 am - 5:00 pm

The United States Department of Homeland Security Control Systems Security Program and the Swedish Civil Contingencies Agency (MSB) in conjunction with the SANS SCADA Security Summit 2009 in Stockholm, Sweden, are tentatively planned to offer a 1½ day course titled, "Intermediate Control Systems Security." This is a technical hands-on course, instructed by experts, and is structured to help students analyze vulnerabilities in control system environments and apply contemporary security mitigation strategies and methods to control systems. Class seats are limited and registration will be closed once filled. This course will be free of charge to all attendees. For space availability in the Intermediate Control Systems Security class, please contact Alan Paller at apaller@sans.org.

How Good Are SANS Summits?

Here's more from people who attended the last yearÕs European SCADA Summit in Amsterdam:

  • The expertise and knowledge of the speakers, as well as the attendees of the Summit was amazing!, Philippe Schaeffer, RUV Rheinland
  • I was able to discuss technical issues that IÕm currently work and obtain some ideas to resolve these issues. Additionally [I] learned new ways to think about an issue and made several contacts., Eric Lee, USNRC
  • Frightening, informational, useful, solutions., Wim de Olde, N.V. Neatherlandse Gasunie
  • Brings SCADA security to the fore and stimulates international discussion., Vijay Dwarkanath, Enzen Global on behalf of NGN