SMi's 3rd annual European Smart Grid Cyber & SCADA Security

1. SMi proudly present their 3rd Annual Conference
European
Smart Grid Cyber
and SCADA Security
Behavior Detection,
,
Applications and Devices
11th - 12th March 2013
Copthorne Tara Hotel, London,
United Kingdom
KEY SPEAKERS INCLUDE:
• European Network and Information Security • Swissgrid, Senior Advisor Operations, TSC SC
Agency, Head of Resilience and CIIP Unit, Chairman, Rudolf Baumann
Dr Vangelis Ouzounis
. • CRISALIS, FP7 Project Co-ordinator,
• European SCADA and Control Systems Corrado Leita
Information Exchange, Chair
• DNV KEMA Energy & Sustainability, Business
European Reference Network of Critical
Director Management and Operations
Infrastructure Protection, Coordinator
Annemarie Zielstra Consulting, Maurice Adriaensen
• Iberdrola, IT Manager SIMOD, • FOX IT Sales Director Europe CNI,
,
Miguel Escamilla Chavero Henk Pieper
• E.ON, Information Security Manager, • Infrastructure Security Labs, President,
Gitte Bergknut John McNabb
• Enel Distribuzione SpA, IT and Security • Cylance, Senior Researcher, Justin Clarke
Systems, Daniela Pestonesi
• Zigbee Alliance, Principal Consultant,
• Con Edison of New York, Smart Grid Project
Robert Cragie
Manager, Patricia Robison
• Vattenfall, Senior Research and Development • Security Matters, COO, Damiano Bolzoni
Engineer, Daniel Zajd • CNA Insurance, European Underwriting
• Alliander Alliance Manager Privacy &
, Director, Technology & Cyber Risks,
Security, Johan Rambi Jacob Ingerslev
POST CONFERENCE WORKSHOP 13th MARCH 2013 8.30AM-1.00PM
Approaches to Network Monitoring and Situational
Awareness in Critical Infrastructure
Presented by Dr Damiano Bolzoni, University of Twente
SPONSORED BY
www.smartgridcybersecurity.co.uk
Register online and receive full information on all of SMi’s conferences
Alternatively fax your registration to +44 (0) 870 9090 712 or call +44 (0) 870 9090 711
Book by the xxth December and save £300 off the conference price

2. DAY ONE 11th March 2013 www.smartgridcybersecurity.co.uk
8.30 REGISTRATION & COFFEE DETECTION, AWARENESS, CHALLENGES
9.00 CHAIRMAN'S OPENING REMARKS 1.50 FP7 EARL WARNING DETECTION PRESENTED BY
Y
Mark Ossel, ESNA Board Member and VP Echelon
,
CRISALIS
Energy and Utility
FP7 project funded by DG Enterprise called CRISALIS,
EUROPEAN RECOMMENDATIONS Critical Infrastructure Security AnaLysIS
• Project focuses: Creation of practical, short-term
9.10 ENHANCING THE SECURITY OF SMART GRIDS solutions for the protection of critical infrastructure
New for 2013
— ENISA'S CONTRIBUTION environment from targeted attacks- primarily power
• Recommendations on Smart Grids Security
grid
• Minimum Security Measures
• Consortium members- Enel, Symantec, Security
• Risks Assessment and Management of
Smart Grids Matters and Alliander
• Certification of Smart Grids products • First deliverables of the project: Requirement study, in
• EU US co-operation on Smart Grids which we will study in depth the characteristics of the
Evangelos Ouzounis, Senior Expert, Network Security power generation and smart metering environments
Policy, ENISA - European Network and Information
• Identify risks and possible threat scenarios
Security Agency
• Feedback on our activity
9.50 DEPLOYING WORLDWIDE CYBERSECURITY Corrado Leita, Project Coordinator, CRISALIS
ON THERMAL POWER GENERATION
New for 2013
CONTROL SYSTEMS 2.30 ICS CYBER SECURITY IN POWER GENERATION
• Iberdrola overview AND FUTURE SCENARIO
• Iberdrola & Thermal Stations Strategy
• Electric grid and power generation scenario in Italy
New for 2013
• Cyber Security’s Goal and Vision
• Power Generation: Architecture and Frameworks
• AURA Project (Cybersecurity projects
examples) • Risk Analysis: Threats and impacts
• Conclusions • CI owner requirements for ICS protection
Miguel Chavero, IT Manager SIMOD, Iberdrola • Enel Cyber Security ICS Laboratory
• CRISALIS project participation
10.30 MORNING COFFEE Daniela Pestonesi, Project Leader Research Technical
Area, Automation & Diagnostics, Enel Engineering and
RISK MANAGEMENT ASSESSMENT
Research Spa
11.00 RISK MANAGEMENT FOR CRITICAL
INFRASTRUCTURE 3.10 AFTERNOON TEA
• Making security a priority
• Lack of standards and the effect on investment 3.40 CHALLENGES IN POWER-NETWORK SECURITY
• Cyber Security and Electricity pricing-
AND IT
cause and effect
• Updates and improvements in power-network and IT
• Fostering a culture of awareness
• Measuring resiliency • Common processes, systems and collaboration
• Incident response and countermeasures procedures
• Technical, cultural, and political cooperation for • Integration of system planning, operations and IT
success • Future developments and sharing knowledge
Maurice Adriaensen, Business Regional Director
Rudolf Baumann, Chairman of the Transmission
Management and Operations Consulting,
Security Cooperation, Senior Advisor Operations,
DNV KEMA Energy & Sustainability
swissgrid AG
11.40 LESSONS LEARNED FROM THE NEW SMART
METER/GRID RISK ASSESSMENT 4.20 ENHANCING NETWORK MONITORING AND
METHODOLOGY IN THE NETHERLANDS SITUATIONAL AWARENESS IN CRITICAL
WORKSHOP ON THIS
TOPIC MARCH 13TH
• Introduction
INFRASTRUCTURE
• Explanation IS1 Risk Assessment methodology on
• Current approaches to network monitoring and
Smart Meter/Grid in NL
• Practice on case “sector Privacy & Security AMI situational awareness
requirements v2.0” • Strengths and shortcomings of current approaches
• Lessons learned • Non-signature based approaches for improved
• Status European standard on Smart Grid Cyber monitoring and situational awareness
Security
• Discussion of 2 use cases
• Next steps
Damiano Bolzoni, COO, Security Matters
Johan Rambi, Alliance Manager Privacy & Security,
Alliander
5.00 CHAIRMAN'S CLOSING REMARKS AND
12.20 NETWORKING LUNCH CLOSE OF DAY ONE
Register online at: www.smartgridcybersecurity.co.uk • Alternatively fax your registration

3. DAY TWO 12th of March 2013 www.smartgridcybersecurity.co.uk
8.30 REGISTRATION & COFFEE 12.20 NETWORKING LUNCH
9.00 CHAIRMAN'S OPENING REMARKS 1.50 SECURING DEVICES FOR HOME AND CONTROL
Annemarie Zielstra, Director CPNINL, Centre for the NETWORKS
Protection of National Infrastructure (CPNI) • Home and Control Networks
• What is a Home network (HAN)?
9.10 HOW THE BOARD SHOULD TAKE CARE OF CYBER • What is a Control Network?
RESILIENCE • Topologies
• Cyber incidents on the increase, now a risk for any
• Devices
business
- Types of devices on home and control networks
• This leads to serious concerns on business process
- Distinguishing characteristics
continuity, privacy of consumers, identity theft or the
protection of intellectual property - Security challenges
• Cyber resilience needs to be part of strategic (both - Information Security Pillars
risk and reputation) management and leadership is - Cryptography
required - Public key cryptography
• Creating concrete, visible boardroom recognition of - Symmetric key cryptography
cyber resilience, as an enabler for cyber benefits - Hybrid cryptography
• Translating boardroom recognition into risk - Protocol stack security
management, communications, legal and operations - Building blocks
Annemarie Zielstra, Chair of the European SCADA and - Frame security
Control Systems Information Exchange (EuroSCSIE) - Authentication and key establishment
Coordinator of European Reference Network of - Credentials
Critical Infrastructure Protection (ERNCIP) Thematic - ZigBee SEP 1.0 stack security description
Group on ICS and Smart Grids - ZigBee SEP 2.0 stack security description
Robert Cragie, Chair, Security Task Group,
9.50 SCADA AND ICS SECURITY EXPERIENCES
Zigbee Alliance
• Experiences of how to run a Cyber Security program
• Business Awareness and Societal Responsibility
New for 2013
2.30 SECURITY ISSUES OF CONTROL SYSTEMS &
- Compliance & Review
WIRELESS METERS AT DRINKING WATER UTILITIES
- Training
New for 2013
• Use of technical mitigations such as IDS in • How do they differ from Smart energy meters?
- Cogeneration • Communications infrastructure vulnerabilities of fixed
- Hydro and wireless
- Heating • Lack of encryption
• Results and lessons learned • Theft
Gitte Bergknut, MU Nordic Information Security • Data collection privacy
Manager, EON Sverige AB • Billing
John McNabb, Principal, Infrastructure Security Labs
SYSTEMS, DEVICES, APPLICATIONS
3.10 AFTERNOON TEA
10.30 MORNING COFFEE
EXPOSING VULNERABILITIES AND CYBER RISK
11.00 SMART GRID INTEGRATES LEGACY AND NEW ICS AND INSURANCE
(SCADA, DCS, PLC) SYSTEMS, DEVICES, AND
APPLICATIONS
3.40 VULNERABILITIES IN CRITICAL
• Smart Grid Cyber Security – Integrating legacy and
INFRASTRUCTURE AND EMBEDDED DEVICES
new ICS enhances the grid and simultaneously
• Key roles of embedded devices in our every day lives
increases complexity and vulnerability
• Vulnerabilities in embedded system
• Cyber Security – needs to address ICS at all levels:
field devices, the device systems, the applications • Findings and impact behind several recent SCADA
New for 2013
supporting the devices and systems, the vulnerabilities that had worldwide impact
communications/network interfacing to the devices • Moving towards a resolution of existing vulnerabilities
and systems, etc. and avoidance of future vulnerabilities -Education of
• ICS Cyber Security Controls: Technical, Physical, manufacturers, end users, academia, government,
Administrative Risk Management – Smart Grid More and the general public
challenging with increased complexity and extended • The process that occurs when end users or the
systems and communications general public identify vulnerabilities in critical
• Leverage existing ICS standards and frameworks: infrastructure
IEC, NIST DOE, ISA, ISO, NERC
, - What to expect
• Smart Grid Architecture and Frameworks with ICS - How to reduce your risk
• Threats and Vulnerabilities - How to leverage existing agencies
• Examples of ICS systems utilized for Smart Grid : - Processes to minimize your required effort
transformers, switches, inverters, DG Justin Clarke, Security Researcher, Cylance
Patricia Robison, Smart Grid Project Manager, Con
Edison of New York
4.20 CYBER RISKS & INSURANCE
• Cyber Crime as an Industry
11.40 CREATING AN APP CONNECTED TO A BACKEND
New for
SYSTEM • Legal environment
2013
• Low awareness within the organisation about the • What is Cyber Insurance
effects of a connected app • Industry specific exposures
• The least secure point in a network will be the target Jacob Ingerslev, European Underwriting Director,
• An app will be an extension of the company CNA Europe
environment
• Data stored on the mobile device 5.00 CHAIRMAN'S CLOSING REMARKS AND
Daniel Zajd, Senior R and D Engineer, Vattenfall A B CLOSE OF DAY TWO
to +44 (0) 870 9090 712 or call +44 (0) 870 9090 711 • GROUP DISCOUNTS AVAILABLE •

4. POST CONFERENCE WORKSHOP Wednesday 13th March 2013, Copthorne Tara Hotel, London, UK
Approaches to Network Monitoring and Situational
Awareness in Critical Infrastructure
8.30am – 1.00pm In Association with University Twente
Overview of workshop Programme
This workshop will present solutions
8:30 Registration and Coffee
currently available for monitoring critical
networks and situational awareness. We 9.00 Current solutions for network monitoring and situational
will analyse what are the major strengths awareness of critical networks
and weaknesses of each approach, when - Signature-based
it can be used and what is the output - Rule-based
- Behavior-based
users can expect.
- Visualization
We will wrap up the session with 10.30 Advantages and disadvantages of each approach
demonstrations of the approaches - Where and when use what
presented using real-life examples. - Which threats can be detected?
- Technical skills required to operate
Why you should attend: 11.30 Coffee Break
• Understand the importance of
12.00 Demonstrations
situational awareness and behavioural
monitoring 1.00 Question and Answer session
• Gain insight in to the benefits and
disadvantages of signature based, rule
based, behavioural and visualisation About the workshop host
based solutions Dr Damian° Bolzoni (1981) received his PhD in 2009 from the
• Learn what threats can be detected University of Twente, where he performed research on anomaly-
based intrusion detection. Since 2008 he has been involved in
and what skills are required to operate
securing computer networks of critical infrastructure. Before joining
• Interact with industry and engage with the University of Twente, he has been working for the Italian branch
our workshop leader who is actively of KPMG, within the Information Risk Management division. Since
involved in two security projects with 2009 he holds the position of Chief Operations Officer within
major energy companies at present. SecurityMatters BV .
New for 2013. SMi's Event Communities
SMi Group is a global events business specialising in business to business conferences, workshops
and masterclasses. We successfully create and run 250 events every year across 6 sectors
including Defence and Security, Energy and Utilities, Finance and Pharmaceutical. We believe in
bringing together the most knowledgeable experts from across the globe in each sector to learn,
engage, share and network be it in London, Paris or Singapore.
To further enhance the SMi experience, we have launched our very own SMi Event Communities.
These will be exclusive, private and secure communities in which our clients will learn, share,
engage and network.
The SMi Event Communities will build and expand your experience beyond the conference,
workshop or Masterclass you attend. Not just another "social network”, SMi’s Event Communities
have been specifically designed around the needs of our delegates, speakers and sponsors,
allowing all of our clients to foster longer term relationships with all of the other attendees beyond
the two day event for year round engagement.
To take part all you need to do is register for this event. SMi Group Communities
Learn Engage Share Network

5. SPONSORS
DNV KEMA Energy & Sustainability, with more than 2,300 experts in
over 30 countries around the world, is committed to driving the global
transition toward a safe, reliable, efficient, and clean energy future. With
a heritage of nearly 150 years, we specialize in providing world-class,
innovative solutions in the fields of business & technical consultancy,
testing, inspections & certification, risk management, and verification.
As an objective and impartial knowledge-based company, we advise and
support organizations along the energy value chain: producers, suppliers
& end-users of energy, equipment manufacturers, as well as government
bodies, corporations and non-governmental organizations. DNV KEMA
Energy & Sustainability is part of DNV a global provider of services for
,
managing risk with more than 10,000 employees in over 100 countries.
For more information on DNV KEMA Energy & Sustainability, visit
www.dnvkema.com
Fox-IT prevents, solves and mitigates the most serious cyber threats
with innovative solutions for government, defense, law enforcement,
critical infrastructure, banking, and commercial enterprise clients
worldwide. Our approach combines human intelligence and technology
into innovative solutions that ensure a more secure society. We develop
custom and packaged solutions that maintain the security of sensitive
government systems, protect industrial control networks, defend online
banking systems, and secure highly confidential data and networks.
www.fox-it.com
Supported by
For Sponsorship or Speaking
Opportunities please contact
Jamison Nesbitt
Business Development Director
P: +44 (0) 20 7827 6164
M: +44 (0) 7710 780 576
Email: jnesbitt@smi-online.co.uk
Don’t miss out on social
media networking!
Follow us on Twitter @UtilitiesSMi
and join us on Linkedin
http://uk.linkedin.com/in/smigroup
www.smartgridcybersecurity.co.uk

6. EUROPEAN SMART GRID CYBER AND SCADA SECURITY
Conference: 11th & 12th March 2013, Copthorne Tara Hotel, London Workshops: 13th March 2013
4 WAYS TO REGISTER
ONLINE at www.smartgridcybersecurity.co.uk
FAX your booking form to +44 (0) 870 9090 712 POST your booking form to: Events Team, SMi Group Ltd, 2nd Floor
PHONE on +44 (0) 870 9090 711 South, Harling House, 47-51 Great Suffolk Street, London, SE1 0BS
EARL BIRD □ Register by December 16th and receive £300
Y
DISCOUNT off the conference price
CONFERENCE PRICES GROUP DISCOUNTS AVAILABLE
I would like to attend: (Please tick as appropriate) Fee Total
PUBLIC SECTOR, ACADEMICS & UTILITIES
□ Conference & Workshop £1398.00 + VAT £1677.60
□ Conference only £899.00 +VAT £1078.80
Unique Reference Number
□ Workshop A only £599.00 + VAT £718.80
Our Reference LV U-013
COMMERCIAL ORGANISATIONS
DELEGATE DETAILS □ Conference & Workshop
□ Conference only
£2198.00
£1599.00
+VAT
+VAT
£2747.50
£1998
Please complete fully and clearly in capital letters. Please photocopy for additional
□ Workshop only £599.00 +VAT £748.75
delegates.
Title: Forename:
PROMOTIONAL LITERATURE DISTRIBUTION
Surname: □ Distribution of your company’s promotional
literature to all conference attendees £999.00 + VAT £1198.80
Job Title:
Department/Division: The conference fee includes refreshments, lunch, conference papers and access
to the Document Portal containing all of the presentations.
Company/Organisation:
Email:
Address:
VENUE Copthorne Tara Hotel, Scarsdale Place, Kensington, London, W8 5SR.
□ Please contact me to book my hotel
Town/City:
Alternatively call us on +44 (0) 870 9090 711,
Post/Zip Code: Country: email: hotels@smi-online.co.uk or fax +44 (0) 870 9090 712
Direct Tel: Direct Fax:
Mobile: DOCUMENTATION (Shipped 10-14 days after the event)
Switchboard: I cannot attend but would like to purchase access to the following Document Portal/paper
copy documentation: Price Total
Signature: Date: □ Access to the conference documentation
I agree to be bound by SMi's Terms and Conditions of Booking. on the Document Portal £499.00 + VAT £598.80
ACCOUNTS DEPT □ The Conference Presentations - paper copy £499.00 - £499.00
(or only £300 if ordered with the Document Portal)
Title: Forename:
Surname: PAYMENT
Email: Payment must be made to SMi Group Ltd, and received before the event, by one of
the following methods quoting reference D-018 and the delegate’s name. Bookings
Address (if different from above):
made within 7 days of the event require payment on booking, methods of payment are
below. Please indicate method of payment:
Town/City: □ UK BACS Sort Code 300009, Account 00936418
□ Wire Transfer Lloyds TSB Bank Plc, 39 Threadneedle Street, London, EC2R 8AU
Post/Zip Code: Country: Swift (BIC): LOYDGB21013, Account 00936418
Direct Tel: Direct Fax: IBAN GB48 LOYD 3000 0900 9364 18
□ Cheque We can only accept Sterling cheques drawn on a UK bank.
□ Credit Card □ Visa □ MasterCard □ American Express
Terms and Conditions of Booking All credit card payments will be subject to standard credit card charges.
Payment: If payment is not made at the time of booking, then an invoice will be issued and
must be paid immediately and prior to the start of the event. If payment has not been received
Card No: □□□□ □□□□ □□□□ □□□□
then credit card details will be requested and payment taken before entry to the event.
Bookings within 7 days of event require payment on booking. Access to the Document Portal
will not be given until payment has been received.
Valid From □□/□□ Expiry Date □□/□□
Substitutions/Name Changes: If you are unable to attend you may nominate, in writing, another
delegate to take your place at any time prior to the start of the event. Two or more delegates
CVV Number □□□□ 3 digit security on reverse of card, 4 digits for AMEX card
may not ‘share’ a place at an event. Please make separate bookings for each delegate.
Cardholder’s Name:
Cancellation: If you wish to cancel your attendance at an event and you are unable to send
a substitute, then we will refund/credit 50% of the due fee less a £50 administration charge,
providing that cancellation is made in writing and received at least 28 days prior to the start Signature: Date:
of the event. Regretfully cancellation after this time cannot be accepted. We will however
provide the conferences documentation via the Document Portal to any delegate who has I agree to be bound by SMi's Terms and Conditions of Booking.
paid but is unable to attend for any reason. Due to the interactive nature of the Briefings we
are not normally able to provide documentation in these circumstances. We cannot accept
Card Billing Address (If different from above):
cancellations of orders placed for Documentation or the Document Portal as these are
reproduced specifically to order If we have to cancel the event for any reason, then we will
.
make a full refund immediately but disclaim any further liability
, .
Alterations: It may become necessary for us to make alterations to the content, speakers,
timing, venue or date of the event compared to the advertised programme.
Data Protection: The SMi Group gathers personal data in accordance with the UK Data
Protection Act 1998 and we may use this to contact you by telephone, fax, post or email to
VAT
tell you about other products and services. Unless you tick here □ we may also share your
data with third parties offering complementary products or services. If you have any queries VAT at 20% is charged on the attendance fees for all delegates. VAT is also charged on
or want to update any of the data that we hold then please contact our Database Manager Document Portal and Literature Distribution for all UK customers and for those EU
databasemanager@smi-online.co.uk or visit our website www .smi-online.co.uk/updates quoting
the URN as detailed above your address on the attached letter . customers not supplying a registration number for their own country here: ________________
If you have any further queries please call the Events Team on tel +44 (0) 870 9090 711 or you can email them at events@smi-online.co.uk