Tuesday, February 11

6:30 p.m. – 8:30 p.m. Welcome Reception
Whitehall Room – 2nd floor


Wednesday, February 12 – All sessions and panels are in Bluebonnet B, 2nd Floor

8:00 a.m. Continental Breakfast

Bluebonnet A

8:00 a.m. Registration Desk Opens

Bluebonnet Lobby

9:00 a.m. – 9:30 a.m. CREDC Overview and Update

David M. Nicol, CREDC PI, University of Illinois at Urbana-Champaign

9:30 a.m. – 10:00 a.m. Cybersecurity for Energy Delivery Systems (CEDS) division overview

Akhlesh Kaushiva, Program Manager, US Department of Energy

10:00 a.m. – 12:00 p.m. Panel: Industrial IOT security

There has been a lot of attention to attacks on consumer electronic devices. At the same time, there is an urgent need to focus on the cyber resilience of industrial systems that are involved in manufacturing components for the utility sector. With an increased appetite for smart industrial things, there is a need for increased cyber resilience or else it could place a company’s ecosystem at risk. This panel discussion will address the challenges and opportunities in realizing cyber resilient industrial things.

Session Chair: Sachin Shetty, Old Dominion University

·         Amin Hassanzadeh, Accenture Labs

·         Dmitry Ishchenko, ABB

12:00 p.m. – 1:00 p.m. Lunch

Bluebonnet A

1:00 p.m. – 2:30 p.m. Panel: Techniques and Technologies to Address Emerging Supply Chain Security Threats

Modern energy delivery systems are increasingly dependent on interconnected industrial control systems through an ecosystem of vendors, suppliers, distributors, integrators and consumers.  Infrastructure modernization activities and increased cyber threats have resulted in new supply chain security challenges for utilities and vendors. The panel will discuss innovations needed in improving state-of-the art process and technology to enhance identification, monitoring, auditing and realize supply chain security goals and secure EDS.

Session Chair: Adam Hahn, Washington State University

·         Dennis Gammel, SEL

·         Paul Skare, Pacific Northwest National Laboratory

·         Jeff Baumgartner, Berkshire Hathaway Energy

2:30 p.m. – 3:00 p.m. Break
3:00 p.m. – 3:15 p.m. Update on CREDC Education Efforts

·         Jana Sebestik, University of Illinois at Urbana-Champaign

CREDC pre-university education focuses on engaging and informing students, their teachers, and their families about the importance of a modern and efficient energy delivery system. We connect the science and engineering of circuits, power systems, cyber physical devices with the traditional school curriculum using hands-on and virtual interactive lessons and activities. CREDC Education also provides energy information for an informed public. We teach about the challenges of balancing energy costs and concerns about climate change and the environment, the effects of increasing amounts of renewable energy sources like wind and solar, and the increasing options for consumers to use energy efficiently and to use electronic devices to manage their energy consumption.

3:15 p.m. – 4:00 p.m. Accelerating Emerging Technologies to Industry Applications

·         Christine Hertzog, Electric Power Research Institute

EPRI has an extensive history of delivering innovative technologies and practices to successful adoption in electric utilities. Critical infrastructure is experiencing increasing cyber attacks. The Cyber Security Strategic Initiative intends to accelerate the innovation to implementation timeline to respond to shifting attack vectors. The EPRI CREDC Challenge is one tactic to streamline utility adoption of cyber security innovations. This presentation will describe current research activities and identify potential research and product opportunities to reduce cyber security vulnerabilities for critical infrastructure like electric utilities.

4:00 p.m. – 4:30 p.m. Proactive Cyber Risk Management in Industrial Internet of Things

·         Sachin Shetty, Old Dominion University

·         Amin Hassanzadeh, Accenture Labs

Oil and gas companies have benefitted from using Industrial Internet of Things (IIOT) sensors to track well production and pipeline operations. However, vulnerabilities in IIoT technologies can impact cyber resilience of the pipeline operations. Cyber resilience hinges on data driven analytics. Without data driven analytics, we cannot characterize the attack surface accurately which leads to incorrect estimation of impact of cyber threats. We present an attack graph driven approach that provides security administrators detailed insights into vulnerabilities responsible for cyber threats that cause the most disruption of services and data breaches and providing options to patch vulnerability vs application of security control.

4:30 p.m. – 4:45 p.m. Closing Remarks & Poster Session Instructions
5:00 p.m. – 7:30 p.m. Poster Session & Networking Reception
Bluebonnet A




Thursday, February 13 – All sessions and panels are in Bluebonnet B, 2nd Floor

7:30 a.m. Continental Breakfast

Bluebonnet A

7:30 a.m. Registration Desk Opens

Bluebonnet Lobby

8:30 a.m. – 9:00 a.m. Adapting Electric Power Threat Model Ontologies For Use With Oil & Gas Systems

·         Ken Keefe, Information Trust Institute

The EDS Threat Ontology CREDC team at UIUC has been working on developing a threat ontology for electric power distribution systems over the past year. The ontology, when coupled with a knowledge base of data about a specific system instance, is used to generate executable discrete-event simulation models that analyze a system’s cyber-physical threat landscape. Many semantic connections between components in a power system (e.g., feeder, line, relay) and components in an oil & gas system (e.g., tank-pump, pipeline, valve) can be made. This begs the question, “How can we utilize this work toward a cyber-physical threat ontology for electric power for a parallel project focused on oil & gas?” This talk will explain the model generation approach the CREDC team is using, where we currently are with our electric power distribution ontology, and set the stage to begin to answer this question.

9:00 a.m. – 11:00 a.m. Panel: What’s Next? Looking 5 to 10 years ahead

What is needed over the next 5 to 10 years to safely secure real-time environments in the wave of next generation threats?

Session Chair: Tom Frobase, Kitparts LLC

·         Topic 1: IT to OT walk through time; Carin Meyer, Meritage Midstream

·         Topic 2: Emulation of Real-Time Environments; Deniz Gurkan, University of Houston

·         Topic 3: IOT 4.0; Al J. Rivero, Rajant Corporation, LLC

11:00 a.m. – 11:15 a.m. Break
11:15 a.m. – 12:15 p.m. Anticipating the Legislative and Regulatory Cyber Landscape

There is a significant amount of activity and conversation taking place around the role of federal and state government bodies in cybersecurity; as well as the impact of existing, pending and future legislation on cybersecurity postures within critical infrastructure.    Regulation is typically created to incent certain behaviors or address issues and/or policy disconnect(s) in the marketplace.  Should there be more or less regulation and what impact is it currently having on behavior? Is there an opportunity for better collaboration? This panel will discuss recent legislation in the state of Texas as well as other state actions and federal government developments that impact utilities and other critical infrastructure entities as well as the future of cyber regulation.

Session Chair: Dominic Saebeler, Whitler & Company

·         Michael Allgeier, Electric Reliability Council of Texas (ERCOT)

·         Scott Smith, City of Bryan, Texas

·         Chris Humphreys, The Anfield Group

12:15 p.m. Closing remarks
12:30 p.m. – 1:30 p.m. Working lunch

Bluebonnet A

12:30 p.m. – 1:30 p.m. Breakout Session – Facilitated by CREDC leadership

By Invitation Only. Lunch will be provided.

Cougar Room