Industrial Control System (ICS) is commonly used to control and monitor critical infrastructures. One of the building blocks in ICS is Programmable Logic Controller (PLC). Over decades, security of ICS systems depends on the proprietary hardware and physical separation from public network. However, there is increasing trend of using interconnected devices over standardized network in order to provide more cost effective ICS solutions. This trend exposes many ICS systems to the risks that they are not supposed to handle. On the other hand, due to the hardware and deployment constraints, traditional security countermeasure techniques may not able to apply to PLC-based ICS systems. As there are more cyberattacks targeting the ICS systems, digital forensics investigators have to understand the working mechanism of PLC in order to conduct an investigation after an incident.
In this talk, we will discuss practical approaches in attacking an ICS system from a security practitioner’s perspective. We will also present ways to enhance the ICS security and forensics investigation by adding additional logging and monitoring mechanism inside a PLC.
Dr. K. P. Chow is the Associate Professor of Department of Computer Science and the Associate Director of the Center for Information Security and Cryptography (CISC) at The University of Hong Kong (HKU). Dr. Chow’s areas of expertise are cyber security and digital forensics. He was the chief designer of the computer forensic tool Digital Evidence Search Kit (DESK). Dr. Chow has been working on the Internet piracy monitoring systems the Lineaments (Lineament I, Lineament II, Lineament 1+ and Lineament SOCNET). The Lineaments were adopted by HKSAR Customs and Excise Department. Dr. Chow has published research papers on cyber security and digital forensics and computer security in local and international conferences and journals. One of his research papers “The Rules of Time on NTFS File System” had been submitted to Courts of Hong Kong several times as a supporting document for the expert reports. Starting from 2014, Dr. Chow is the Vice Chairman of the IFIP (International Federation on Information Processing) WG 11.9 on Digital Forensics, which is an international body, specialized in digital forensics research and practices. Since Jan 2016, Dr. Chow is the Chairman of the Information Security and Forensics Society (ISFS). Due to his contribution to digital forensics, Dr. Chow was the Honoree in the category of “Senior IT Security Professional”, the 3rd Annual Asia-Pacific Information Security Leadership Achievements Program in 2009. In 2013, Dr. Chow received the Faculty of Engineering Knowledge Exchange Award of the University of Hong Kong.
Since 2004, Dr. Chow has been invited to be a computer forensic expert to assist the Court and the HK law enforcement agencies, and to give advice to counsels on understanding and interpreting digital evidence for both criminal and civil proceedings in Hong Kong.
In 2016, Dr. Chow together with several research students founded the research spin-off company CISC Ltd from the research center CISC of HKU specialized in cyber intelligence and cyber security.
Elliptic curve cryptosystem is one of the most attractive public key cryptosystem since it achieves the high security with a small key size. This is why elliptic curve cryptosystems are currently attracting a great deal of attention from a low power machine such as a smart card and IoT devices.
The dominant part of efficiency of elliptic curve cryptosystems is the elliptic scalar multiplication. From the point of view of security, researches on elliptic scalar multiplication are also important since naive scalar multiplications may be vulnerable against the side channel attacks. Elliptic curve scalar multiplications have been researched for a long time, and still need to be customized for different platforms.
In this talk, we will present various techniques on elliptic curve scalar multiplications, and investigate how we combine these different techniques to realize an efficient and secure elliptic curve scalar multiplication.
Atsuko Miyaji is a professor at Osaka University since 2015 and a professor at Japan Advanced Institute of Science and Technology (JAIST) since 2007.
She received the Dr. Sci. degrees in mathematics from Osaka University, Japan in 1997. She joined Panasonic Co., LTD from 1990 to 1998 and engaged in research and development for secure communication. She was an associate professor at the Japan Advanced Institute of Science and Technology (JAIST) in 1998.
Her research interests include the privacy, information security, and application of number theory into cryptography. She has published more than 160 articles in international journals and conference proceedings. She was invited speaker at the 1st International Conference on Future Data and Security Engineering (FDSE 2014), 6th International Conference on Internet and Distributed Computing Systems (IDCS 2013), the 14th International Conference on Information and Security Cryptology (ICISC 2011) and the 10th International Conference on Network and System Security (NSS 2016).
She was a program chair of several research conferences and workshops: ACNS'16, ProvSec'15, Pairing'10, CANS'09, and IWSEC'07.