ARU CSNRG, OWASP Cambridge, BCS Cybercrime IoT & ICS/SCADA Forensics Workshop 2018

           ARU  OWASP


BCS logo




Anglia Ruskin University, Cambridge CB1 1PT
10th January 2018, 09:30 - 16:00

Hosted by:

Cyber Security & Networking Research Group, Anglia Ruskin University; British Computer Society (BCS), Cybercrime Forensics Special Internet Groups; UK Society Forum Cambridge Cluster, and OWASP (Open Web Application Security Project) Cambridge Chapter.

Industry pundits have predicted that we are about to experience the fourth industrial revolution (Industry 4.0), which is the future of industrial production based on the “Internet of Things” (IoT). As with all previous industrial major transitions, this leads to exciting opportunities but also great challenges. The “perfect world” is that IoT is expected to offer advanced connectivity of devices, systems, and services that goes beyond machine-to-machine (M2M) communications. The interconnection of these embedded devices will potentially usher in automation in nearly all fields, resulting in improved efficiency, accuracy and economic benefit in addition to reduced human intervention. However, integrating IoT technologies within an organisation means loosening access to the IT infrastructure, thus making it more susceptible to errors and vulnerable to attack. This is a scary proposition as intruders will not stop trying to find new ways of infiltrating business networks.

To better understand these infiltrations a cyber forensics program is necessary, but this can be a challenging task when being applied to nontraditional environments such as IoT and industrial control systems. Modern IT networks, through data exchange mechanisms, data storage devices and general computing components provide a good foundation for creating a landscape used to support effective cyber forensics. However, modern control systems environments are not easily configurable to accommodate forensics programs. Nonstandard protocols, legacy architectures that can be several decades old, and irregular or extinct proprietary technologies can all combine to make the creation and operation of a cyber forensics program anything but a smooth and easy process.

PA Consulting and 7Safe's cyber experts will be delivering talks around the following key themes:

  • Securing sub-sea control systems from cyber-attack: vulnerabilities found by an experienced penetration tester - Aleksander Gorkowienko 
  • Live hacking Industrial Control Systems with the ICS Demonstrator​ - Karl Williams.

PA Consulting & 7Safe ICS Demonstrator

[Photo: PA Consulting & 7Safe ICS Demonstrator] 

Talk by Aleksander Gorkowienko of PA Consulting & 7Safe

Aleksander Gorkowienko is a qualified IT security professional with over 14 years of practice in IT, working across numerous industry sectors. With primary focus on Proactive Cyber Security and Social Engineering, he has been leading multiple projects, authoring security related tools and courses and speaking on security conferences, such as “Black Hat”. He is CREST certified and has proven experience in IT architecture risk analysis, risk management, threat modelling and also practical exploitation and software development best practices. Aleksander is utilising diverse technical skills with practical knowledge how to successfully apply security principles and guidelines to complex modern IT and OT projects.


Securing sub-sea control systems from targeted cyber-attack: vulnerabilities found by an experienced pen tester

7Safe has recently helped to remediate serious security vulnerabilities in a sub-sea control system for a global provider of industrial solutions of oil and gas that will be deployed on a Floating, Production, Storage and Offloading vessel (FPSO). 


Aleksander ‘Aleks’ Gorkowienko conducted simulated attacks - demonstrating that an attacker could connect to the network and carry out Man-In-The-Middle attacks, change time data coming from the ship GPS system and to intercept and modify network traffic whilst remaining virtually unnoticed. As a result, the client was satisfied that we had enabled them to significantly harden their system and in so doing protect their prestigious reputation in the Oil & Gas industry.

Aleks will outline how he approached this task in collaboration with the development engineers and what lessons have been learned from penetration testing. 

Talk and demonstration by Karl Williams, Principal Consultant - PA Consulting, “ICS Demonstrator”

Karl Williams is a Principal Consultant with PA Consulting’s Energy & Utilities Cyber team and has extensive experience in conducting and delivering complex assignments on Industrial Control Systems (ICS) across energy and transport Critical National Infrastructure (CNI) clients. 

 Karl Williams of PA Consulting 


ICS Demonstrator

The PA Consulting Energy & Utilities Cyber team developed the ICS Demonstrator to support industry operating with ICS in place. The tool uses real life ICS equipment and networks to provide demonstrations of potential cyber-attacks, security testing of ICS/OT devices and the integration and testing of security solutions. Currently the OT on the rig has been configured to simulate the cooling process found within a nuclear reactor but its flexible architecture means that it can be changed to simulate other industrial processes much like those found in gas and power generation plants. Combined with our test rig and our CREST-approved cyber security arm, 7safe, we have the capability to carry out comprehensive testing on a range of products, devices and systems, highlight where vulnerabilities lie and recommend risk reducing controls. The demonstrator rig has already been In front of various multi-sector clients, government bodies and regulators and has been well received at many industry conferences and workshops this year.

Provisional Agenda

09:30 – 10:00

Registration & Refreshments (LAB006).


10:00 – 10:05

Welcome from the OWASP Cambridge Chapter Leader, Adrian Winckles, Director of Cyber Security & Networking Research Group, Anglia Ruskin University (LAB002).


10:05 – 11:00

Ken Munro, Pen Test Partners.


11:00 – 11:30

Aleksander Gorkowienko, PA Consulting & 7Safe: “Securing sub-sea control systems from cyber-attack: vulnerabilities found by an experienced penetration tester”.


11:30 – 12:00

Karl Williams, PA Consulting “Live hacking Industrial Control Systems with the ICS Demonstrator”.


12:00 – 13:00

Maxim Silin, Technical Architect, GSK – TBC.


13:00 – 14:00

Lunch & Networking (LAB006).




Please register for this free event online at:

The meeting will be held in the Lord Ashcroft Building, Room LAB002 (Breakout Room LAB006 for networking & refreshments).

Please enter through the Helmore Building and ask at reception.
Anglia Ruskin University
Cambridge Campus
East Road

Please note that there is no parking on campus. Get further information on travelling to the university.