DEF  CON   30
SCHEDULE

August 12th: 10:00 am - 4:00 pm PDT
August 13th: 10:00 am - 3:30 pm PDT
August 14th: 10:00 am - 3:00 pm PDT
Session AbstractsSpeaker Bios

ICS Village will be in-persona and virtual at DEF CON 30. Talks will be released on our YouTube channel at the scheduled times below, but don’t worry if you can’t catch them—they’ll be available on YouTube indefinitely.

Our Discord channel is on the DEF CON Discord server, which you can join join here. Once you’ve joined, navigate to the #roles channel, react with the house emoji to view channels for villages, and then join the ICS Village channel (on the left sidebar). (If you are reading this before DEFCON 30, be aware that some of this functionality may not be set up yet!)

ICS Village will also feature several workshops, challenges, and CTFs! Be sure to give them a shot:

ICS Village Charity BBQ: ICS Village will be hosting a #unicornchef (check out the show that has included interviews with recipes with folks like Chris Krebs) catered BBQ with a select group of great people in our community. As always, our events adhere to a safe space policy including lots of non-alcoholic options. There will be a pool so bring your swim trunks and a towel! All proceeds go to the ICS Village 501c3 non-profit.

[[Buy Tickets to the BBQ]]

Fantom5 SeaTF: Contestants will be able to try their hand and compete in a point based Capture the Flag hacking competition based around 3 Maritime consoles. The consoles involved will be Navigation systems, Steering and Propulsion systems, and Ballast systems. These systems provide a relative experience of the actual systems found aboard a naval vessel.

DDS Hack-the-Microgrid: Microgrids are pretty high maintenance, and like satellites, primarily built for survivability, not security. As the Department of Defense marches toward deploying microgrids at scale to shore up mission resilience in response to the challenges presented by climate change, hackers are gonna hack.

In this lab, you’ll learn the basics of microgrid design – from what they are, how they work, and how they regulate themselves. Then, you’ll be able to use this knowledge to then attempt to take over and shut down a mock microgrid by hacking its weather data system and sensor input network to generate chaos.

Maritime Hacking Boundary Adventure: Have you ever wanted to run your own shipyard? To drive ships? Without permission? Then the Hacking Boundary tabletop role playing game is just for you. Hacking Boundary is a realistic, competitive, game of identifying and exploiting vulnerabilities in ports and ships. The game is designed to allow for you to bring your knowledge, skills, and abilities to the table and use these to compete against your peers. The game will last about 4 hours, and participants will have roles as attackers, defenders, or the mighty US government. Come for the competition, stay for the victory points, but try and not generate a lot of digital exhaust for the cops to find.

- Session 1 Friday August 12: 1:00 pm to 5:00 pm PDT
- Session 2 Saturday August 13: 1:00 pm to 5:00 pm PDT
- Session 3 Sunday August 14: TBD

CISA and Idaho National Lab Escape Room: CISA and Idaho National Lab invite you to participate in an immersive Escape Room adventure to test your cybersecurity and infrastructure protection skills. This Escape Room will challenge you and your Team through a series of traditional time-bound Escape Room challenges mixed with cybersecurity elements. Participant’s skills will be confronted with cybersecurity puzzles involving wireless technologies, Open Source Intelligence (OSINT) analysis, database exploitation, network discovery, industrial control systems, cryptography, Arduino backed puzzles, and more. With the mix of traditional escape room puzzles, there is enough to do for everyone regardless of the level of their cyber skills. Come have fun while learning more about cybersecurity with CISA and Idaho National Lab. Swing by the ICS Village to reserve a time for your team.

Escape Room Scenario: A disgruntled employee, Bob, has been plotting to bring down the company where he works. In retaliation for his perceived mistreatment, Bob has created an electromagnetic pulse device (EMP) to take out sensitive industrial control systems in the area. Thanks to a few diligent and observant company employees, Bob was taken into custody but not before the timer on the device could be activated! The EMP device has been armed and the clock is ticking. CISA needs your help in protecting our critical infrastructure by following the clues found in Bob’s office to help CISA to disarm the EMP device before it is too late.

ICS Village Talk Schedule

All Times Local (PDT) - Subject to Change
August 12, 2021
10:00 am - 11:00 am
Ohm, how do I get into ICS?
Dennis Skarr, Josephine Hollandbeck, Kairie Pierce, Erin Cornelius, Christine Reid
August 12, 2022
11:00 am - 11:30 am
Closing a Security Gap in the Industrial Infrastructure Ecosystem: Under-Resourced Organizations
Dawn Cappelli
August 12, 2022
11:30 am - 12:00 am
CRITICAL FINDING: Lessons Learned from Dozens of Industrial Network Architecture Reviews
Nate Pelz, Miriam Lorbert
August 12, 2022
12:00 am - 1:00 pm
Understanding Modbus TCP and the GRACE Console [[Maritime]]
Dave Burke
August 12, 2022
1:00 pm - 2:00 pm
The USCG's Maritime Cybersecurity Strategy [[maritime]]
RADM John Mauger
August 12, 2022
2:00 pm - 3:00 pm
Exposing aberrant network behaviors within ICS environments using a Raspberry Pi
Mike Raggo and Chet Hosmer
August 12, 2022
3:00 pm - 3:30 pm
Wind Energy Cybersecurity: Novel Environments facing Increased Threats
Meg Egan
August 12, 2022
3:00 pm - 3:30 pm
Power Flow 101 for hackers and analysts
Stefan Stephenson-Moe
August 12, 2022
4:00 pm - 5:00 pm
Research and Deliverables on Utilizing an Academic Hub and Spoke Model to Create a National Network of ICS Institutes
Casey O'Brien
August 12, 2022
5:00 pm - 5:30 pm
Why aren’t you automating?
Don C. Weber
August 12, 2022
5:30 pm - 6:00 pm
Stop worrying about Nation-States and Zero-Days; let's fix things that have been known for years!
Vivek Ponnada
August 13, 2022
10:00 am - 11:00 am
Industry 4.0 and the MTS of the Future – Convergence, Challenges and Opportunities [[MARITIME]]
Zac Staples
August 13, 2022
11:00 am - 11:30 am
Describing Maritime Cyber work roles Using the NICE Framework
Tyson B. Meadors
August 13, 2022
11:30 am - 12:00 am
Taking MITRE ATT&CK for ICS to Sea
Tyson B. Meadors
August 13, 2022
12:00 am - 1:00 pm
Understanding AIS Protocols and the GRACE Console [[Maritime]]
Gary Kessler
August 13, 2022
1:00 pm - 1:30 pm
We Promise Not to Brick It... But If We Do...
Marissa Costa and Todd Keller
August 13, 2022
1:30 pm - 2:00 pm
Cyber Physical Lab Environment for Maritime Cyber Security
Wesley Andrews
August 13, 2022
2:00 pm - 3:00 pm
Keeping Beer Cold: Attackers, ICS and Cross-Sector Defense
John Bryk, Jaquar Harris, Tim Chase
August 13, 2022
3:00 pm - 4:00 pm
The Perfect Storm: Deception, Manipulation, and Obfuscation on the High Seas
Rae Baker
August 13, 2022
4:00 pm - 5:00 pm
The Geopolitical Implications of the Escalation and Weaponization of GPS and AIS Spoofing [[MARITIME]]
Gary Kessler, Tyson B. Meadors, Dr. Diane Maye Zorri
August 13, 2022
5:00 pm - 6:00 pm
Thrice Is Nice: Evaluating the Ukrainian Power Events from BlackEnergy to Industroyer2
Joe Slowik
August 13, 2022
6:30 pm - 10:00 pm
ICS Village Charity BBQ [[TICKETS]]
unicornchef
August 14, 2022
10:00 am - 11:00 am
Tales from the trenches - why organizations struggle to get even the basics of OT asset visibility & detection right.
Vivek Ponnada
August 14, 2022
11:00 am - 12:00 am
OT:ICEFALL - Revisiting a decade of OT insecure-by-design practices
Jos Wetzels
August 14, 2022
12:00 am - 1:00 pm
Understanding CAN Bus and the GRACE Console [[Maritime]]
Dave Burke
August 14, 2022
1:00 pm - 2:00 pm
Spear Vishing / VoIP Poisoning - Maritime and Land
Travis Juhr
August 14, 2022
2:00 pm - 2:30 pm
Navigating the High Seas When Dealing with Cybersecurity Attack
Daniel Garrie