Presentation will discuss practical aspects of SCADA protocol security, and includes work from my MSc In Ethical Hacking & Cybersecurity dissertation "Enumeration and Attack Tools for the DNP3 SCADA Protocol Used in the Energy Industry"

Topics covered:
What SCADA protocols are and where are they used
Why some of them are inherently insecure
How threat actors have used SCADA protocols to compromise real OT systems
Technical coverage of DNP3 including:
* Overview of DNP3 protocol
* Demonstration of custom tools (replicating threat actor capabilities):
* How DNP3 can be enumerated
* MITM data manipulation attacks compromising data integrity
* Direct protocol injection commands
* Details on DNP3 specific security settings
General practical measures to improve the security of SCADA systems