CUUG Upcoming Meetings

Last update: $Date: 2018-10-02 13:05:32-06 $

October General Meeting

The Top 20 Cyberattacks on Industrial Control Systems

Speaker: Andrew Ginter, VP Industrial Security, Waterfall Security Solutions

Andrew Ginter

This presentation reviews the top twenty cyberattack classes for industrial control systems, and evaluates three different control system security postures for a single site against these attacks. Business decision makers are often reluctant to allocate funds for security program improvements on the basis of qualitative risk assessments or hypothesized probabilities for attacks that have not yet occurred at a site. Andrew shows how to use the spectrum of attacks as a tool for explaining the consequences of existing vs. proposed security postures. This spectrum of attacks suggests a specific answer to the question, "What is the simplest attack with serious consequences that our current security posture does not defeat reliably?"

For anyone interested in more details, this presentation is based on the 2017 paper by the same name.

Andrew Ginter is the VP Industrial Security at Waterfall Security Solutions, an Assistant Professor at Michigan Technological University, and an author and speaker on SCADA Security topics. He has led teams developing SCADA, IT/OT middleware, and SCADA security products, and was awarded patents for middleware and SCADA security technologies. He holds Applied Mathematics and Computer Science degrees from the University of Calgary, and is located in Calgary, Alberta.

Central Library

616 Macleod Trail S.E.
Basement meeting room

5:30 PM, Tuesday, October 23, 2018

Snacks at 17:30. Meeting begins at 18:00.

Attendance is free for CUUG members, or $10 (cash only) at the door for non-CUUG members.

November General Meeting

Hardware as Software: How To Write A Cycle-Accurate Emulator

Speaker: Dr. Thierry Lavoie, Ph.D., Manager - Static Analysis Technologies (SAT), Synopsys

Software is commonly advertised as portable across hardware. However, the promises of portability fall short in practice and most software are to various degrees dependent on their hardware. This was especially true at the beginning of the personal computing era. As older hardware fades out and disappears from the market, programs designed for these systems are lost. Or are they?

This talk will explore cycle-accurate hardware emulation and how to emulate systems and programs based on the 6502 processor, famously used in the Apple II, Atari 2600, and the Nintendo Entertainment Systems. The main topics that will be discussed are the basic architecture of an emulator and how it interprets programs, memory device emulation, challenges of achieving cycle accurate emulation, system emulation with multiple processing units (including video and audio), and debugging.

Dr. Thierry Lavoie is a former senior engineer turned manager in the Software Integrity Group at Synopsys. He holds a Bachelor of computer engineering, and a Master's degree and a Ph.D. in static program analysis from the University of Montreal, where he also lectured on compilers and data structures for several years. He is currently the principal voter on the ISO C++ Standard Committee for Synopsys. He has implemented parsers for PHP, Java, and C/C++, has a knack for exotic data structures, and loves designing software for complex problems.

Location TBA

5:30 PM, Tuesday, November 27, 2018

Snacks at 17:30. Meeting begins at 18:00.

Attendance is free for CUUG members, or $10 (cash only) at the door for non-CUUG members.

December Holiday Social

CUUG December Holiday Season Social Evening

Details TBA.

See the main CUUG web page for general information about CUUG.