OT-Security and a bit more
Details
This event is organized as an on-site event only.
OT-Security and a bit more
1. Talk: "OWASP Top 10 … but for OT?!"
By: Siegfried Hollerer
2. Talk: "Recurring Security Pitfalls in Cyber-Physical Systems: A Cross-Domain Analysis"
By: Matthias Eckhart and Philipp-Sebastian Vogt
Talk language: English
On-site event only!: Floragasse 7, 1040 Vienna (5. floor)
Further information will be announced soon!
Agenda
*********
17:55: Gathering
18:05: Welcome
18:10: Talk: "OWASP Top 10 … but for OT?!"
18:40: Talk:"Recurring Security Pitfalls in Cyber-Physical Systems: A Cross-Domain Analysis"
19:30: Food, Drinks & Get together
Looking forward to seeing you there!
Talks & Speaker Details:
Talk 1: "OWASP Top 10 … but for OT?!"
Operational Technology (OT) encompasses a wide variety of programmable systems and devices that have direct or indirect interactions with the physical environment. These technologies are integral to numerous sectors such as manufacturing, energy, transportation, medical, and utilities, where they play a crucial role in the operation and management of physical processes.
As OT systems become more interconnected and integrated with Information Technology (IT) networks, they face increased vulnerability to large-scale cyber attacks. This integration, while beneficial for operational efficiency and data sharing, exposes OT systems to the same cyber threats that typically target IT environments.
The goal of the OWASP OT Top 10 is to raise awareness about the top security risks and vulnerabilities specific to OT environments.
Speaker:
Siegfried Hollerer has seven years of experience as a penetration tester, focusing on the analysis of web applications, IT/OT infrastructures, and social engineering attacks. In addition to his practical experience, he has obtained an OSCP certificate. Furthermore, Siegfried has gained experience in incident response. During this time, he also carried out security management consultations, audits and certifications based on the OT security standard IEC 62443 and the IT security standard ISO 27000.
In 2023, Siegfried joined the Federal Ministry of the Interior (BMI) in Austria as a security architect and analyst to enforce the “Netz- und Informationssystemsicherheitsgesetz” (NISG), which is the national implementation of the NIS EU directive [cf. Directive (EU) 2016/1148] .
Talk 2: "Recurring Security Pitfalls in Cyber-Physical Systems: A Cross-Domain Analysis"
Cyber-physical systems (CPS) repeatedly exhibit similar security weaknesses across domains, despite differing technologies and operational contexts. This talk explores recurring security pitfalls in areas such as manufacturing, energy, and aerospace. By analyzing common patterns, we reveal the root causes and discuss strategies for designing more resilient CPS architectures and engineering
practices.
Speaker:
Matthias Eckhart is a postdoctoral scientist at the AIT Austrian Institute of Technology. Previously, he worked on privacy and responsible AI at Amazon, conducted security research at SBA Research,
and developed software at NXP Semiconductors.
Philipp-S. Vogt is a research engineer and PhD candidate at AIT Austrian Institute of Technology. Vogt received a MSc in electrical engineering from TU Wien. His research interests include cyber-physical systems, embedded systems and cyber security.