Pentesting the Smart Grid

Black Hat USA 2011

Presented by: Justin Searle
Date: Thursday August 04, 2011
Time: 13:45 - 18:00
Location: Milano I - IV
Track: Applied Knowledge Workshop Alpha

This workshop will take a deep dive into the penetration testing of the hardware and network protocols of three of the most important systems of the Smart Grid, namely smart meters, SCADA, and synchrophasors. We'll look at the common features provided by AMI meters, dissect the ANSI C12 family of protocols they use, and examine the systems they connect to. Next we'll look at the most common SCADA protocols used in the Smart Grid (DNP3 and IEC 61850), the devices they control, and the infrastructure used for substation automation. Finally we'll look at synchrophasor architectures, look at their most common protocol (C37.118), and discuss how they are used in Wide-Area Monitoring, Protection, and Control (WAMPAC). To wrap up the workshop, we'll play with embedded hardware pentesting techniques and introduce a new live Linux distro created for this purpose.

Justin Searle

Justin Searle is a Senior Security Analyst with InGuardians, specializing in the penetration testing of web applications, networks, and embedded devices, especially those pertaining to the Smart Grid. Justin is an active member of ASAP-SG (Advanced Security Acceleration Project for the Smart Grid) and led the Smart Grid Security Architecture group in the creation of NIST Interagency Report 7628. Previously, Justin served as JetBlue Airways' IT Security Architect, and has taught courses in hacking techniques, forensics, networking, and intrusion detection for multiple universities and corporations. Justin has presented at top security conferences including Black Hat, DEFCON, ToorCon, ShmooCon, and SANS. Justin co-leads prominent open source projects including the Samurai Web Testing Framework, Middler, Yokoso!, and Laudanum.

