Stanford EE Computer Systems Colloquium

4:15PM, Wednesday, Oct 12, 2011
Skilling Auditorium, Stanford Campus http://ee380.stanford.edu

Control System Cyber Security - State of the State

Joe Weiss
Applied Control Solutions, LLC

About the speaker:

RETURN TO ABSTRACT

Joseph Weiss is an industry expert on control systems and electronic security of control systems, with more than 35 years of experience in the energy industry. Mr. Weiss spent more than 14 years at the Electric Power Research Institute (EPRI) where he led a variety of programs including the Nuclear Plant Instrumentation and Diagnostics Program, the Fossil Plant Instrumentation & Controls Program, the Y2K Embedded Systems Program and, the cyber security for digital control systems.

As Technical Manager, Enterprise Infrastructure Security (EIS) Program, he provided technical and outreach leadership for the energy industry's critical infrastructure protection (CIP) program. He was responsible for developing many utility industry security primers and implementation guidelines. He was also the EPRI Exploratory Research lead on instrumentation, controls, and communications.

Mr. Weiss serves as a member of numerous organizations related to control system security. These include the North American Electric Reliability Corporation (NERC) Control Systems Security Working Group (CSSWG), the International Electrotechnical Commission (IEC) Technical Committee (TC) 57 Working Group 15 - Data and Communication Security, the Process Controls Security Requirements Forum, CIGR--WG D2.22 - Treatment of Information Security for Electric Power Utilities (EPUs), and other industry working groups. He served as the Task Force Lead for review of information security impacts on IEEE standards. He is also a Director on ISA's Standards and Practices Board. Mr. Weiss was involved in the development of, and participated in, the April 2002 White House Conference on CIP - Developing Secure Digital/Electronic Process Control Systems for the Nation's Critical Infrastructure. He was an invited speaker at the NIST/NSA Information Security Summit. He has provided oral and written testimony to three House subcommittees, one Senate Committee, and a formal statement for the record to another House Committee. He has also responded to numerous Government Accountability Office (GAO) information requests on cyber security and Smart Grid issues. He is also an invited speaker at many industry and vendor user group security conferences, has chaired numerous panel sessions on control system security, and is often quoted throughout the industry. He has published over 60 papers on instrumentation, controls, and diagnostics including a chapter on cyber security for Electric Power Substations Engineering and the book Protecting Industrial Control Systems from Electronic Threats (ISBN 978-1-60650-197-9). He supported MITRE and NIST in extending NIST SP800-53 to include control systems and the development of NIST SP800-82. He was tasked to write the White Paper on Industrial Control Systems Security for the Center for Strategic and International Studies Blue Ribbon Panel preparing cyber security recommendations for the Obama administration. Mr. Weiss has conducted SCADA, substation, plant control system, and water systems vulnerability and risk assessments and conducted short courses on control system security. He has also been asked to participate in an advisory committee being established by the Transportation Safety Board on Cyber Security for Mass Transit meeting in August 2010. He also established and chairs the annual Control System Cyber Security Conference and established the International Standards Coordination Meeting on Control System Cyber Security. Mr. Weiss has received numerous industry awards, including EPRI Presidents Award (2002) and is an ISA Fellow, Managing Director of ISA Fossil Plant Standards, ISA Nuclear Plant Standards, and an IEEE Senior Member. He is a Voting Member of the TC65 TAG and a US Expert to TC65 WG10, Security for industrial process measurement and control-network and system security. He has two patents on instrumentation and control systems, is a registered professional engineer in the State of California, and a Certified Information Security Manager.

RETURN TO ABSTRACT

Contact information:

Joe Weiss
Applied Control Solutions, LLC
(408) 253-7934
(408) 253-7974 Fax
(408) 832-5396 Cell
joe (dot) weiss (at) realtimeacss (dot) com
http://www.realtimeacs.com
blog: http:www.controlglobal.com/unfettered
Book: http://www.momentumpress.net/books/protecting-industrial-control-systems-electronic-threats