Enabling Insecurity: Bringing the tools and techniques from IT to control systems
Control systems are increasingly standing on the shoulders of the IT giants, using their technologies, and importing their vulnerabilities. Increasingly Internet resources combine with software vulnerabilities and poor security awareness to yield serious risks to control systems. This talk will look at Internet resources, the life of software vulnerabilities, and the need for better security awareness, discussing these in the context of STUXNET.
Stacy Prowell is the Chief Cyber Security Research Scientist in the Computational Sciences and Engineering Division of Oak Ridge National Laboratory, leads the Cyber Warfare Research Team, and holds a joint appointment as Associate Professor in the Department of Electrical Engineering and Computer Science at the University of Tennessee. For over fifteen years Dr. Prowell has worked on making software systems more reliable, safe, and secure, and has developed novel ways of specifying, analyzing, and testing software applications and embedded devices. As an industry consultant Dr. Prowell has coached, consulted on, contributed to, and managed projects ranging from tiny embedded devices to large distributed industrial control systems, from simple software systems to sophisticated medical imaging. Dr. Prowell’s current research is computationally intensive cyber security, combining rigorous mathematical analysis with high-performance computing. Dr. Prowell holds a Ph.D. in computer science from the University of Tennessee.
The seminar series is presented by the Trustworthy Cyber Infrastructure for the Power Grid (TCIPG) Project, an $18 million multi-university research effort whose partner institutions include the University of Illinois at Urbana-Champaign, Arizona State University, Dartmouth, and Washington State University. The TCIPG Project, a successor to the earlier NSF-funded TCIP Center, was founded in 2009 with support from the U.S. Department of Energy and the U.S. Department of Homeland Security. It is housed in the Information Trust Institute, University of Illinois at Urbana-Champaign.