UPRC organized the first workshop on the 10th of September. The workshop took place in the laboratories of UPRC and was part of the international ICS-CSR 2019 Conference which took place in Athens. The workshop included three different sessions:
a) Zero Downtime: Blackout Edition is a game developed by OT security consultancy Limes Security, in order to raise awareness on OT / industrial control system security.
b) Introduction to Reverse Engineering: This workshop aimed to provide the basic knowledge and skills required for someone to begin his journey in reverse engineering. This workshop was organized by SealedGRID. Reverse engineering is the process of discovering the technological principles of a device, object, or system through analysis of its structure, function, and operation without using any specification or documentation. This workshop consisted of three chapters, the three basic ingredients for reverse engineering:
Knowledge: The background knowledge required to understand a disassembled binary. Here we focused mainly on the X86 architecture assembly language and how high-level language statements translate to series of assembly operations. Furthermore, we demonstrated architectural concepts of X86 focusing on memory allocation and management.
Skill: The toolbox of the reverse engineer. There was a presentation of the most popular tools used for reverse engineering, it was complemented with live demonstrations so that you will acquire the skills required to be able to tackle the challenge of the following chapter, “practice”.
Practice: Practice makes perfect. This was especially true in reverse engineering where one must analyze large quantities of difficult to read assembly code and try to make sense of it. A successful reverse engineer needs to invest large amounts of time in practice, that is why in this chapter the participants had the chance to apply what they learned through a challenge that will give them a glimpse of the actual reverse engineering processes.
c) ICS Challenges – Trials and Tribulations: This workshop will look at some of the challenges typically faced within ICS Security. Walkthroughs of a number of ICS-specific Capture the Flag challenges will be presented to the participants, followed by a roundtable discussion of their real-world applicability. The workshop will also include a collaborative session to identify where challenges and pain points coincide or diverge between different industry verticals.