A: Rolling out standards and shared infrastructure for aSecure Smart Grid - Pros and Cons of different models
Workshop Leader: Søren Peter Nielsen, Managing Consultant,Nine Consult A/S and Danish Government Representative
08.30 - 12.30
B: Smart Meter Vulnerabilities and Privacy in SmartGrid Projects: A lesson from Brazil
Workshop Leader: Jose Reynaldo Formigoni Filho, InformationSecurity Manager, CPqD
13.30 - 17.30
www.smartgridcybersecurity.co.ukRegister online or fax your registration to +44 (0) 870 9090 712 or call +44 (0) 870 9090 711
Utility, Academic and Group Discounts Available
PLUS TWO INTERACTIVE HALF-DAY POST CONFERENCE WORKSHOPSWednesday 11th March 2015 | Marriott Regents Park Hotel, London, UK
WHY ATTEND THIS EVENT:• Learn how real-time information can make smart grids
more efficient
• Discuss how utilities on a pan-European scale can improve
a stronger security
• Explore intelligent financial investment
• Predict how smart grid and the green energy industry can
tackle cyber attacks
REGISTER BY 28th NOVEMBER AND RECEIVE £300 DISCOUNTREGISTER BY 30TH JANUARY AND RECEIVE £100 DISCOUNT
9th - 10th
MARCH2015
Marriott Regents Park Hotel, London, UK
European Smart GridCyber Security
SMi presents its 5th annual conference on…
@UtilitiesSMi
Michael John, Senior Security Consultant,European Network for Cyber Security (ENCS)
Carmine Rizzo, Technical Officer, EuropeanTelecommunications Standards Institute (ETSI)
KEYNOTE ADDRESSES FROM:
Certification and Private Software: Testing theequipment and bringing knowledge to the boardroom
Laurent Schmitt, Grid Power Electronics &Automation ,Vice President Strategy &Innovation, Alstom Grid
Eberhard Oehler, CEO, Stadtwerke EttlingenGmbH
Mauriche Kroos, Security Officer, ENEXIS B.V.
Søren Peter Nielsen, Managing Consultant, NineConsult A/S
Steven Frere, Expert Datacom and Security SmartMetering, Eandis
Dr. Konstantinos Moulinos, Expert in Network &Information Security, ENISA
Nandita Parshad, Director of Power and EnergyUtilities, EBRD
Alessandro Parisi, Ethical Hacker, Data Scientist,Start IT Hub
CONFERENCE SPEAKERS INCLUDE:
REGISTER ONLINE AT: WWW.SMARTGRIDCYBERSECURITY.CO.UK • ALTERNATIVELY FAX YOUR REG
08.30 Registration & Coffee
09.00 Chairman's Opening Remarks Dieter Sarrazyn, Consultant & Managing Partner, Toreon CVBA
Awareness Of Cyber Security Threats on Smart Grid
OPENING ADDRESS / KEYNOTE ADDRESS09.10 Finding the Best Means to Respond to Security Threats • The scope of cyber threats in the 21st century • Tapping into new solutions and new technology to
combat cyber threats • Perspective from the European Network for Cyber
Security (ENCS) Michael John, Senior Security Consultant, European
Network for Cyber Security (ENCS)
09.50 Cyber Security - Enterprise Risks and Governance Priority • Understanding what truly matters and just how much • Integrate and wrap all that technology • Yes better situational awareness & monitoring, but
‘respond’ sand ‘recover’ too • Lesson learning & sharing for more than merely ‘the
sum of the parts’ Stephen Daniels, FMS, FIOR, FBCS, CITP, Managing
Director, I.S.M.S Consulting Services Limited
10.30 Morning Coffee
10.50 Cyber Threat Intelligence applied to Industrial ControlSystems and Smart Grids
• Basic concepts on SmartGrid Cyber Attacks • Example of real attacks to IEC 61850 architecture • ICS Security: the challenge to detect a cyber attack
in an Industrial Process world • Connecting the dots with Threat Intelligence needs
capability from both worlds - ICT and ICS • Suggested framework to transform the Threat Intelligence
in Actionable Information for the Security Team Toto Zammataro, Senior Advisor, Intellium LTD and Andrea Carcano, Co Founder, CEO, Nozomi Networks SA
11.30 ENISA’S work on smart grid cyber security • Security measures for smart grids • Security certification for smart grids • Smart grid security governance models in Europe Dr. Konstantinos Moulinos, Expert in Network &
Information Security, ENISA
12.10 Networking Lunch
Investment Opportunities and Cyber Security Assurance
13.30 Financial Investment in combating cyber-attacks on Smart Grid • Identifying opportunities for financial investments • ROI and cybersecurity : defining the issue for stakeholders • How to quantify cybersecurity investments • Bankability projects in the protection of Smart Grid Nandita Parshad, Director of Power and Energy Utilities, European Bank for Reconstruction and Development (EBRD)
14.10 The Role of Standards and Certification in Cyber SecurityAssurance
• The challenge – are standards, audits and your ownbusiness objectives compatible?
• Balancing the variety of standards and associatedassurance mechanisms.
• How to determine what is right for your organisation. • Picking the right partners to help. Steve G Watkins, Director, IT Governance Ltd.
Case Study on German Cyber Security Approach and New Technologies
14.50 Grid Computing - Can You Keep Control of a DistributedInfrastructure?
• Computer Network Defence (CND) is hard, and sprinklingyour computers all over the country doesn’t make iteasier. Which additional attack vectors must becovered?
• How are computer network based attacks against utilitiesperformed? How will the smart grid change that picture?
• Know your enemy: Who are the attackers and what dothey want?
• No magic box in the network will do defence for you, butyour staff well might.
• Compliance is not Security. Occasionally, it’s theopposite. How do we deal with regulated vulnerability?
Felix Lindner, Head, Recurity Labs GmbH
15.50 Afternoon Tea
15.50 The Relevance of Humans concerning Cyber-Secuity -especially in the Domain of Critical Sensitive Infrastructure
• IT-security as an important part of energy supply • Digital attacks against critical sensitive infrastructures • Internal and external protective measures • Absolute security can never be achieved. Eberhard Oehler, Managing Director, Stadtwerke Ettlingen GmbH
Panel Discussion on The Impact of EU Policies on The Cyber Security of Smart Grid
16.30 Smart Grid and Cyber Security: a case for national, regionalor local approach
• Harmonisation of Cybersecurity standards - a long term vision • The role of PPP • Do we need a specific legislation to deal with cyber-attacks? • Does cyber-security need a policy or risk-based approach? • Defining the role of the EU and local energy authorities in
protecting the smart grid Dr. Konstantinos Moulinos, Expert in Network & Information
Security, ENISA Felix Lindner, Head, Recurity Labs GmbH Stephen Daniels, FMS, FIOR, FBCS, CITP, Managing Director,
I.S.M.S Consulting Services Limited Steve G Watkins, Director, IT Governance Ltd. Dominik Spannheimer, Chief Information Officer, 50Hertz 17.10 Chairman's Closing Remarks and Close of Day One
European Smart Grid Cyber Security 2015 DAY ONE | 9th March 2015
SPONSORSHIP AND EXHIBITION OPPORTUNITIESSMi offer sponsorship, exhibition, advertising and branding packages,uniquely tailored to complement your company’s marketing strategy.Prime networking opportunities exist to entertain, enhance and expandyour client base within the context of an independent discussion specificto your industry.
Should you wish to join the increasing number of companies benefitingfrom sponsoring our conferences please call: Sadia Malick on +44 (0) 20 7827 6748 or email: [email protected]
Interested in promoting yourservices to this market?
Contact Sarah Watson, SMi Marketing on+44 (0) 207 827 6134 or email [email protected]
Official Platinum Media Partner
www.smartgridcybersecurity.co.uk
GISTRATION TO +44 (0) 870 9090 712 OR CALL +44 (0) 870 9090 711 • GROUP DISCOUNTS AVAILABLE
European Smart Grid Cyber Security 2015DAY TWO | 10th March 2015
08.30 Registration & Coffee
09.00 Chairman's Opening Remarks Dieter Sarrazyn, Consultant & Managing Partner, Toreon CVBA
OPENING ADDRESS / KEYNOTE ADDRESS09.10 ETSI Cyber Security standardization • Overview of ETSI (European Telecommunications Standards
Institute) • ETSI Cyber Security work in its Technical Committee “CYBER” • Collaboration with other Standards Developing
Organisations • Other planned ETSI Cyber Security activities Carmine Rizzo, Technical Officer, European
Telecommunications Standards Institute (ETSI)
Case Study on Cyber Attacks and Pragmatic Impact on The Smart Grids
09.50 Implementing Secure Communications for CriticalInfrastructure - A Danish example
• Introduction to the Combined Heat and Power PlantCommunications (CHPCOM) project
• Smart Grid solutions for data communication acrossactors in the energy sector
• The use of IEC 62351 to ensure data communication • The use of X.509 based PKI for authentication of actors • Role-based access control • Trust Framework requirements Søren Peter Nielsen, Managing Consultant, NineConsult A/S
10.30 Morning Coffee
Estfeed: The Estonian Data Platform Project
10.50 How to Use Governmental Digital InfrastructureComponents to Develop Data Exchange in the EnergySector – Estonian case study
• Estfeed is data sharing platform (EU wide authentication,identification, crypto channels, log management,encryption, mandate management, public keyinfrastructure (PKI)).
• Simple data collection software (open sourcecomponents) for smart meter infrastructure.
• System for consumer accessing its hourly readings withoutthird parties involved. Mandates for sellers accessing thereadings
• The free software infrastructure connecting e-servicedatabases of the whole public sector in Estonia
Kristo Klesment, Project Manager, Elering AS (Estonian National Grid)
11.30 Security related lessons learned from the Eandis Flemish Pilot • Introduction Eandis – Flemish pilot • Eandis smart meter concept - Multi gateway & filtering - Smart Communication Module (SCM) - E2E security by design • Challenges at set-up and op • eration • Lessons Learned Steven Frère, Expert Datacom & Security Smart Metering,
Eandis
12.10 Networking Lunch
13.30 Case Study Overview of new American & European Recommendationsfor SmartGrids security
• Main recommendations from NERC & ENISA • Introduction of new cybersecurity levels • Implications on future SmartGrid ICT and project
deployment • New Cybersecurity situational applications Laurent Schmitt, Grid Power Electronics & Automation, Vice
President Strategy & Innovation, ALSTOM Grid
BSI Certification Gateways and Current Research
14.10 Protecting the energy sector’s infrastructure from cyber attack • Detecting threats and risks- assessment of Cyber attacks • Challenges and opportunities in the market • Developing Cyber Security Guidelines • Financial mechanism, incentives and regulatory
framework • Outlining Cybersecurity standards Ruth Davis, Head of Programme Cyber, Criminal Justice
and National Security, techUK
14.50 Organisational and Technical Security Challenges • Are you ready to manage and securely maintain millions
of devices? • What does Moore’s law tell us? • Software ages! Are you prepared? • Did you plan for an emergency upgrade of hundred
thousands of security components? • Is the public and are your MPs prepared for a rough smart
grid learning curve facing more power disruptions andless reliability?
• R&D challenges Eric Luiijf MSc, Principal Consultant, TNO
15.30 Afternoon Tea
Cyber Security and Telecom Solution: The Dutch Experience
15.50 An Integrated Approach to Cybersecurity within Enexis –lessons learned
• Which challenges is Enexis facing with it’s cybersecurityroadmap (IT/OT/Smartmeters)?
• Aligning Corporate Strategy with the cybersecurityapproach
• How to identify internal and external stakeholders andsatisfying their (security) needs
• Lesson’s learned from security monitoring in the OT domain • A practical approach to embedding security in a Private
Virtual Network Operator environment (PVNO) Mauriche Kroos, Security Officer, ENEXIS B.V
Data Strategies for Clouds and Smart Grids
16.30 Data Driven Strategies for Prioritizing Malicious Code Threatswithin Cloud and Smart Grids infrastructures
Session Details to be announced Alessandro Parisi, Ethical Hacker, Data Scientist, HackingWisdom.com, StartITHub.com
17.10 Chairman's Closing Remarks and Close of Day Two
Official Silver Media Partner
Official Leading Media Partner
Supported by
www.smartgridcybersecurity.co.uk
HALF-DAY POST CONFERENCE AM WORKSHOPWednesday 11th March 2015
08.30 – 12.30Marriott Regents Park Hotel, London, UK
A: Rolling out standards and sharedinfrastructure for a Secure Smart Grid -
Pros and Cons of different models
Workshop Leader:Søren Peter Nielsen, Managing Consultant, Nine Consult
A/S and Danish Government Representative
Overview of workshop:When it comes to reaching the goal of securing thecommunication between all critical factors in the electricitysector a big question is how well the approach toimplementation can be copied between different countries.
There are many factors that will influence the models forsecurity architecture, roll-out, legislation, funding,governance etc. This workshop will present characteristics ofmodels applied in different countries and open for adiscussion of pros and cons of the different models.
Why you should attend this workshop:• Most countries face the challenge of implementing secure
standardized communications in the energy sector toenable open transparent markets and to counter cyberthreats.
• This workshop will provide a forum to discuss different rolloutmodels, and exchange experiences:
• Authorities and regulators should attend to get inspirationabout the regulatory and governance requirements indifferent scenarios.
• TSO’s and DSO’s should attend to get a more clear pictureof their roles and responsibilities depending on the type ofroll-out
• Service Providers and Suppliers should attend to learnabout their market opportunities and the types of newrequirements to expect.
Programme:08.30 Registration & Coffee
09.00 Welcome and Introduction
09.10 Presentation of different models for a rollout ofsecure standardized communications infrastructurewith examples from different countries initiatives
10.10 Morning Coffee
10.30 Break out into smaller groups to discuss pros andcons of the different models
11.30 Interactive Q & A session
12.30 Close of Workshop
About the workshop leader:Søren Peter Nielsen has 30+ years with bridgingtechnology and business in the ICT sector. He hasbeen a key player in the execution of the DanishGovernment strategies for digitization of thepublic sector and has solid experience with
Shared Services, ICT infrastructure and EnterpriseArchitecture. Since 2010 Søren has been working with theutilization of ICT in the Energy sector. In 2011 he lead the workto produce recommendations for the Danish GovernmentSmart Grid strategy in the areas of new services, consumerengagement, standards and security. Søren currently worksas a consultant on various projects in the Energy sectorincluding the CHPCOM project.
About CHPCOM:CHPCOM brings the futures Smart Grid solutionsfor data communication to and fromdecentralized combined heat and powerplants close to the demand of today.
The international standards for data communication forDistributed Energy Resources (DER) have been underway for10 years. First and foremost it has been the electrotechnicalstandardisation organisation IEC, who has been leading thisdevelopment and now the major part of the standards areready for use. CHPCOM takes the standards from the paperand into actual use. The standards are validated throughactual use in production among a number of power plants,balancing responsibles, DSO’s and the Danish TSO.www.chpcom.dk/en
HALF-DAY POST CONFERENCE PM WORKSHOPWednesday 11th March 2015
13.30 – 17.30Marriott Regents Park Hotel, London, UK
Smart Meter Vulnerabilities and Privacy inSmart Grid Projects: A lesson from Brazil
Jose Reynaldo Formigoni Filho, InformationSecurity Manager, CPqD
The workshop will closely explore :• Threat Assessment in Smart Meters• Possible Attacks in Brazilian Power Companies• Methodology of Vulnerability Assessment • Security Tests• Laboratory Certification
Why you should attend this workshop:Anyone likely to be involved in the preparation ofscientific material for an outward license or inevaluating inward licensing opportunities will benefitfrom this workshop, which will cover all the keyscientific drivers and issues that need to beconsidered
Programme:13.30 Registration & Coffee
14.00 Introduction and Threat Assessment in Smart Meters
14.30 Possible Attacks in Brazilian Power Companies
15.30 Coffee Break
16.00 Methodology of Vulnerability Assessment
17.00 Security Tests and Laboratory Certification
17.30 End of Workshop
About the workshop leader: José Reynaldo Formigoni Filho finished his Master´sDegree in Systems Engineering in 1995 andBachelor´s Degree in Electrical Engineering in 1984.Presently, he is the manager of the information andcommunication security department at CPqDFoundation, Brazil. His department has the followingR&D projects: (i) Biometric authentication (voice and facial), (ii) Security technologies for mobileenvironments, (iii) Security of SDR (Software DefinedRadio) and (iv) Vulnerability analysis of smartmeters. He is responsible for the provision ofspecialized security information services likevulnerability analysis, cryptography, and securecommunication for mobile systems, for the followingsectors: financial, utilities, government, military andtelecommunications. www.cpqd.com
SPONSORSHIP AND EXHIBITIONOPPORTUNITIESSMi offer sponsorship, exhibition, advertisingand branding packages, uniquely tailored tocomplement your company’s marketingstrategy. Prime networking opportunities exist toentertain, enhance and expand your clientbase within the context of an independentdiscussion specific to your industry.
Should you wish to join the increasing number ofcompanies benefiting from sponsoring ourconferences please call:
Sadia Malick on +44 (0) 20 7827 6748 oremail: [email protected]
EUROPEAN SMART GRID CYBER SECURITYConference: 9th - 10th March 2015, Marriott Regents Park Hotel, London UK Workshops: 11th March 2015
4 WAYS TO REGISTER
FAX your booking form to +44 (0) 870 9090 712
PHONE on +44 (0) 870 9090 711
ONLINE at www.smartgridcybersecurity.co.uk
If you have NOT received registration confirmation within 48 hours of registering, please call +44 (0) 870 9090 711
POST your booking form to: Events Team, SMi Group Ltd, 2nd Floor South,
Harling House, 47-51 Great Suffolk Street, London, SE1 0BS
Payment: If payment is not made at the time of booking, then an invoice will be issued and must be paidimmediately and prior to the start of the event. If payment has not been received then credit card detailswill be requested and payment taken before entry to the event. Bookings within 7 days of event requirepayment on booking. Access to the Document Portal will not be given until payment has been received.
Substitutions/Name Changes: If you are unable to attend you may nominate, in writing, another delegateto take your place at any time prior to the start of the event. Two or more delegates may not ‘share’ aplace at an event. Please make separate bookings for each delegate.
Cancellation: If you wish to cancel your attendance at an event and you are unable to send a substitute,then we will refund/credit 50% of the due fee less a £50 administration charge, providing that cancellationis made in writing and received at least 28 days prior to the start of the event. Regretfully cancellation afterthis time cannot be accepted. We will however provide the conferences documentation via theDocument Portal to any delegate who has paid but is unable to attend for any reason. Due to theinteractive nature of the Briefings we are not normally able to provide documentation in thesecircumstances. We cannot accept cancellations of orders placed for Documentation or the DocumentPortal as these are reproduced specifically to order. If we have to cancel the event for any reason, thenwe will make a full refund immediately, but disclaim any further liability.
Alterations: It may become necessary for us to make alterations to the content, speakers, timing, venueor date of the event compared to the advertised programme.
Data Protection: The SMi Group gathers personal data in accordance with the UK Data Protection Act1998 and we may use this to contact you by telephone, fax, post or email to tell you about other productsand services. Unless you tick here □ we may also share your data with third parties offeringcomplementary products or services. If you have any queries or want to update any of the data that wehold then please contact our Database Manager [email protected] or visit ourwebsite www.smi-online.co.uk/updates quoting the URN as detailed above your address on theattached letter.
Unique Reference Number
Our Reference LV U-036
Terms and Conditions of Booking
DELEGATE DETAILSPlease complete fully and clearly in capital letters. Please photocopy for additional delegates.
Title: Forename:
Surname:
Job Title:
Department/Division:
Company/Organisation:
Email:
Address:
Town/City:
Post/Zip Code: Country:
Direct Tel: Direct Fax:
Mobile:
Switchboard:
Signature: Date:I agree to be bound by SMi's Terms and Conditions of Booking.
ACCOUNTS DEPT
Title: Forename:
Surname:
Email:
Address (if different from above):
Town/City:
Post/Zip Code: Country:
Direct Tel: Direct Fax:
VENUE Marriott Regents Park Hotel, 128 King Henry's RoadLondon, NW3 3ST, United Kingdom
□ Please contact me to book my hotelAlternatively call us on +44 (0) 870 9090 711, email: [email protected] or fax +44 (0) 870 9090 712
□ Book by 28th November to receive £300 off the conference price□ Book by 30th January to receive £100 off the conference price
EARLY BIRDDISCOUNT
Payment must be made to SMi Group Ltd, and received before the event, by one ofthe following methods quoting reference U-036 and the delegate’s name. Bookingsmade within 7 days of the event require payment on booking, methods of paymentare below. Please indicate method of payment:
□ UK BACS Sort Code 300009, Account 00936418□ Wire Transfer Lloyds TSB Bank plc, 39 Threadneedle Street, London, EC2R 8AU Swift (BIC): LOYDGB21013, Account 00936418 IBAN GB48 LOYD 3000 0900 9364 18□ Cheque We can only accept Sterling cheques drawn on a UK bank.□ Credit Card □ Visa □ MasterCard □ American Express All credit card payments will be subject to standard credit card charges.
Card No: □□□□ □□□□ □□□□ □□□□Valid From □□/□□ Expiry Date □□/□□CVV Number □□□□ 3 digit security on reverse of card, 4 digits for AMEX card
Cardholder’s Name:
Signature: Date:I agree to be bound by SMi's Terms and Conditions of Booking.
Card Billing Address (If different from above):
DOCUMENTATIONI cannot attend but would like to purchase access to the following DocumentPortal/paper copy documentation Price Total□ Access to the conference documentation
on the Document Portal £499.00 + VAT £598.80□ The Conference Presentations – paper copy £499.00 - £499.00
(or only £300 if ordered with the Document Portal)
PAYMENT
VATVAT at 20% is charged on the attendance fees for all delegates. VAT is also charged on liveStreaming, on Demand, Document portal and literature distribution for all UK customers andfor those EU Customers not supplying a registration number for their own country here.______________________________________________________________________________________________
CONFERENCE PRICESI would like to attend: (Please tick as appropriate) Fee TotalUTILITY AND ACADEMIC COMPANIES□ Conference and 2 Workshops £2097.00 +VAT £2516.40□ Conference and 1 Workshop £1498.00 +VAT £1797.60□ Conference only £899.00 +VAT £1078.80□ 2 Workshops £1198.00 +VAT £1437.60□ 1 Workshop only £599.00 +VAT £718.80□ AM □ PM
COMMERCIAL ORGANISATIONS□ Conference and 2 Workshops £2697.00 +VAT £3236.40□ Conference and 1 Workshop £2098.00 +VAT £2517.60□ Conference only £1499.00 +VAT £1798.80□ 2 Workshops £1198.00 +VAT £1437.60□ 1 Workshop only £599.00 +VAT £718.80□ AM □ PM
PROMOTIONAL LITERATURE DISTRIBUTION □ Distribution of your company’s promotional literature to all conference attendees £999.00 + VAT £1198.80The conference fee includes refreshments, lunch, conference papers, and access to theDocument Portal. Presentations that are available for download will be subject todistribution rights by speakers. Please note that some presentations may not be availablefor download. Access information for the document portal will be sent to the e-mailaddress provided during registration. Details are sent within 24 hours post conference.