Secure Rail 2016 Sessions


*This is the 2017 schedule. The 2018 schedule will be available in December 2017.


2017 CEUs

Wednesday April 5

8:00 AM – 9:00 AM

Railroad Cyber Risk Management Panel

Risk management (primarily cyber) is changing for railroads. With the increase of the Internet and Things (IoT) and Positive Train Control (PTC), are railroads able to properly secure and manage these changes in technology? This panel discussion will take a look at how railroads and vendors are working to manage and decrease these risks.

 Track: Secure Rail

 Presented by: J. Alex Lang, Chief Information Officer Carload Express, Biff Myre, Director, Solutions OnX Managed Services, Inc., Ron Schlecht, Managing Partner BTB Security, Nick Chodorow, CIO The Belt Railway Company of Chicago

 Learning Objectives:
1. Learn how shortline railroaders are coping with and addressing cybersecurity risks
2. Review how PTC vendors are handling cybersecurity
3. Understand what can be done to manage security of the Internet of Things (IoT)
4. Review how a non-Class 1 railroad ensures they aren't the breach point

 Audience:

 CEU: 0.1

View session: Railroad Cyber Risk Management Panel

9:00 AM – 9:30 AM

(Cancelled) Partnering with Local Emergency Responders

 Track: Secure Rail

 Presented by: Chip Greiner, Chief of Police Morristown & Erie Railway

 Learning Objectives:

 Audience:

 CEU: 0.1

View session: (Cancelled) Partnering with Local Emergency Responders

9:30 AM – 10:00 AM

Wednesday Morning Networking Break

 Track: Secure Rail

 Presented by: TBA ,

 Learning Objectives:

 Audience:

 CEU: 0.1

View session: Wednesday Morning Networking Break

10:00 AM – 10:30 AM

Track Intrusion Detection Systems using Multi-Sensor Analytics

Platform and track safety and security are prime concerns for many transit agencies worldwide. Accurately detecting and providing real-time situational analysis for people and objects who enter or fall into the track bed is crucial to transit safety and security. The talk will examine how the use of multi-sensor technologies, including real-time LIDAR and video analytics, create a robust solution that enables rapid analysis, feedback and response to track intrusion.

 Track: Secure Rail

 Presented by: Scott Carns, Vice President of Operations Duos Technologies, Inc.

 Learning Objectives:
1. Review using multi-sensor deployments for robust and accurate detections
2. Verify how to increase situational awareness and rapid response with centralized monitoring and routing
3. Learn about synergistic value added capabilities

 Audience:

 CEU: 0.1

View session: Track Intrusion Detection Systems using Multi-Sensor Analytics

10:30 AM – 11:30 AM

TSA Office of Security Operations (OSO) Surface Outreach Programs

I-STEP brings public and private sector partners together to conduct exercises, train, share information, and address transportation security issues to protect travelers, commerce, and infrastructure. I-STEP is the only federal exercise program to focus on the security nexus of the transportation environment. As a result, it not only reduces risk to individual systems, but the entire transportation network.

 Track: Secure Rail

 Presented by: Hans D. Hayes, Transportation Security Inspector, OSO Compliance Transportation Security Administration, Edward Malinowicz, Transportation Security Inspector, OSO Compliance Transportation Security Administration, Edison Velez, Transportation Security Inspector, OSO Compliance Transportation Security Administration

 Learning Objectives:
1. Understand TSA's Baseline Assessment for Security Enhancement (BASE)
2. Review TSA's Risk Mitigation Activities for Surface Transportation (RMAST)
3. Explain TSA's Exercise Information System (Exis) Program

 Audience:

 CEU: 0.1

View session: TSA Office of Security Operations (OSO) Surface Outreach Programs

11:30 AM – 1:00 PM

Wednesday Lunch and Exhibits

 Track: Secure Rail

 Presented by: Secure Rail Conference,

 Learning Objectives:

 Audience:

 CEU: 0.1

View session: Wednesday Lunch and Exhibits

1:00 PM – 1:30 PM

Assessing Security Risk in Rail Transit

Identifying, assessing and addressing security risk in a rail transit environment requires a process that takes into consideration the likelihood of a threat - or vulnerability of the target to the threat - and the consequence of the incident. It differs from assessing safety risk in that the methodology must consider the element of intent to do harm. Agencies do not have unlimited resources, therefore using a process that helps inform where the greatest potential risk lies can assist in prioritizing the use of those limited resources. It is also critical to understand what elements are actually under the control of the rail agency. Rarely can they impact the threat itself, but they have substantial opportunity to impact the vulnerability of the agency to the threat, and therefore impact the outcome.

 Track: Secure Rail

 Presented by: Pamela McCombe, Technical Manager, Transit and Rail Systems WSP/Parsons Brinckerhoff

 Learning Objectives:
1. Define a process and methodology to assess security risk
2. State the prioritization of the application of resources to impact security risk
3. Learn about the elements that comprise risk that are within the agency's control

 Audience:

 CEU: 0.1

View session: Assessing Security Risk in Rail Transit

1:30 PM – 2:00 PM

Deployable Small Form Factor Network Monitoring and Analysis Solution for Wayside PTC Network

This case study provides a deep-dive into CSX’s new rugged, small form factor deployable network monitoring and analysis solution used to analyze CSX’s wayside PTC network. The system utilizes enterprise technology from Net Scout that integrates with CSX’s enterprise level network monitoring and is packaged into a small transportable kit enabling rapid, in-field spot monitoring at a moment’s notice. The speakers will share requirements and environmental constraints, the solution architecture and detailed design and lessons learned. Attendees will learn how to build similar systems for themselves.

 Track: Secure Rail

 Presented by: Steven Bowen, Senior Commercial Business Development Manager PacStar, Jim Lubcke, Manager, Systems Solutions Integration CSX

 Learning Objectives:
1. Review a case study for networking troubleshooting, diagnostics at the wayside locations ensuring integrity and availability of PTC networks
2. VoIP and RoIP performance monitoring at the edge of the network
3. Environmental constraints in deploying technology at wayside locations
4. Methods to deploy enterprise commercial off the shelf (COTS) solutions for ruggedized operational IT solutions at the edge of the network

 Audience:

 CEU: 0.1

View session: Deployable Small Form Factor Network Monitoring and Analysis Solution for Wayside PTC Network

2:00 PM – 2:30 PM

Rail Security 15 years after 911. Are We Safer?

The rail industry has made significant strides in rail security, particularly with respect to the transportation of hazardous materials while in transit. This session will review the current state of rail security with an emphasis on legislative and voluntary actions to reduce vulnerabilities – particularly with respect to HazMat shipments. Despite the improvements, the world has changed in the past 15 years. The session will review specific vulnerabilities as they relate to recent terrorist tactics, and will put forth recommendations to further strengthen the U.S. rail network.

 Track: Secure Rail

 Presented by: Richard Flynn, Principal NorthEast Logistics Systems

 Learning Objectives:
1. Gain an understanding of current federal regulatory and rule-making requirements and the agencies designated to ensure compliance
2. Discuss how these legislative actions are administered on a day-to-day basis and gain an understanding of the risk-based approach formulated by federal agencies
3. Understand remaining vulnerabilities and suggested strategies to ensure continuous improvement – taking into account both rail network changes and evolving terrorist tactics

 Audience:

 CEU: 0.1

View session: Rail Security 15 years after 911. Are We Safer?

2:30 PM – 3:00 PM

Homeland Security Implications of Proposed Dallas-Houston HSR

A private corporation is proposing a high-speed intercity passenger train system to operate between Dallas and Houston using Japanese technology and methods. This project brings with it an array of unique and unprecedented homeland security issues with implications for law enforcement, cybersecurity, intelligence, privacy, screening, psychological and mental health effects, and community involvement. A modern high-speed rail system is a network of potential vulnerabilities, and terrorist groups have identified public transportation as desirable targets. Should there be separate homeland security standards for true high-speed rail?

 Track: Secure Rail

 Presented by: Steven Polunsky, Research Scientist Texas A&M Transportation Institute

 Learning Objectives:
1. Specify the project description that is unique and unprecedented in the U.S.
2. Learn about the potential vulnerabilities and likely threats of this project
3. Review the possible avenues for addressing vulnerabilities and threats

 Audience:

 CEU: 0.1

View session: Homeland Security Implications of Proposed Dallas-Houston HSR

3:30 PM – 4:30 PM

Corporate Risk – A New Perspective

Risk Management is perceived as the model risk structure for risk oversight and strategic risk assessment. In an ever-evolving environment that transcends insurance and claims, should a new risk model be considered that encompasses all facets of risk from environmental to terrorism?

 Track: Secure Rail

 Presented by: Laird Pitz, Vice President & Chief Risk Officer CP

 Learning Objectives:
1. Examine the evolution of risk management, its construct and reporting function in corporate structures
2. Does this work in the current risk environment
3. Explore an alternative risk structure and perspectives for managing risk going forward

 Audience:

 CEU: 0.1

View session: Corporate Risk – A New Perspective

4:30 PM – 5:00 PM

No Files, No Downloads, No Headaches: File and Asset Data Security of the Future

In an increasingly connected world, we demand information instantly. We get instant updates on news, traffic, and more. The locomotives that transport our families and materials should be monitored with that very same care. This lecture presents how streaming event recorder information protects railroads and crews by putting critical event recorder and video data in their hands instantly when they need it most. Learn how the concept of file-less data secures file security and reduces risk of unwanted distribution of data. All this real-time information and secure data delivers the health status of your PTC system to ensure that it is working properly to keep people safe.

 Track: Secure Rail

 Presented by: Larry Jordan, President Wi-Tronix

 Learning Objectives:
1. Understand how eliminating event recorder and video files/downloads significantly reduces file security issues and greatly improves technology security
2. Learn how to leverage your Positive Train Control (PTC) investment by remotely verifying and monitoring its health status
3. Understand how to reduce risk and keep crews safe with remote monitoring

 Audience:

 CEU: 0.1

View session: No Files, No Downloads, No Headaches: File and Asset Data Security of the Future

5:00 PM – 5:30 AM

Critical Incident on a Train

This presentation focuses on an in-depth training program designed for train crews, giving specific actions to take when a critical incident begins, through to when the train actually stops. The program instructs engineers on procedures regarding location of stop and radioing for assistance once an emergency is declared, and it provides crews with the emergency decision making skills to perform in a dangerous environment under pressure and stress.

 Track: Secure Rail

 Presented by: Paul Riggio, Commander Metra Police Department

 Learning Objectives:
1. Present an all hazard approach to a life threatening environment on a commuter rail coach car
2. Provide specific instructions on what a train crew can do during the 60 to 90 seconds it takes the train to stop to minimize loss of life
3. Learn how to empower train crews to take charge and employ emergency decision making skills during a life threatening incident on a train
4. Review a program written and designed for on board train crews already proficient in medical emergencies, evacuation, etc.

 Audience:

 CEU: 0.1

View session: Critical Incident on a Train

5:30 PM – 6:30 PM

Networking Reception

 Track: Secure Rail

 Presented by: Secure Rail Conference,

 Learning Objectives:

 Audience:

 CEU: 0.1

View session: Networking Reception

Thursday April 6

8:30 AM – 9:00 AM

How to Remotely Monitor Your Trackside Cabinets and Telecom Sites

You're responsible for mission-critical trackside and telecom facilities. Learn how to remotely monitor and control your equipment. Avoid wasteful (and sometimes even dangerous) site visits. Protect your revenue by maximizing uptime. Boost profitability by minimizing waste. By interviewing his clients, Andrew has assembled a collection of best practices that are used by industry-leading railroads worldwide. You may not need every one of his tips (maybe you don't have to deal with temperatures below -40 degrees), but you can directly benefit from these proven remote management techniques.

 Track: Secure Rail

 Presented by: Andrew Erickson, Director of Marketing DPS Telecom

 Learning Objectives:
1. Understand basic remote-monitoring architecture & methods
2. Discuss best practices for monitoring trackside enclosures
3. Identify best practices for monitoring telecom huts
4. Discover advanced techniques like generator-tank balancing for superior propane vaporization

 Audience:

 CEU: 0.1

View session: How to Remotely Monitor Your Trackside Cabinets and Telecom Sites

9:00 AM – 9:30 AM

Leveraging Internal Control and Audit to Address Cyber Threats and Risks

Modern rail systems face increasing cyber threats, which can negatively impact the safety and reliability of the infrastructure. This presentation will discuss how to integrate internal control and audit into the security framework to address the risks posed by these threats. Be prepared to meet the challenges of cyber-attacks.

 Track: Secure Rail

 Presented by: Immanuel Triea, Senior Director of Information Security Gannett Fleming, Inc.

 Learning Objectives:
1. Understand how internal control is constructed
2. Understand how risk assessment plays a part in internal control
3. Identify where audit fits into the security framework
4. Identify the different security audit mechanisms and evaluate how they contribute to the security framework

 Audience:

 CEU: 0.1

View session: Leveraging Internal Control and Audit to Address Cyber Threats and Risks

10:00 AM – 10:30 AM

How to Hack a Train, Safely: Rail Cyber Risk, Testing Methodologies and Techniques

In this talk, Jim McKenney will discuss how to gain support for cyber security testing, how to apply common frameworks to rail environment and discuss methodologies that could be used to asses cyber risk to operational environments such as rail.

 Track: Secure Rail

 Presented by: Jim McKenney, Solutions Architect - Operational Technology CSX

 Learning Objectives:
1. Discuss how to gain support for cyber security testing
2. Discuss how to apply common frameworks such as NIST’s Cyber Security Framework to field technologies
3. Discuss different methodologies that could be used to assess cyber risk to rail
4. Understand how to build, gain support for similar cyber risk programs

 Audience:

 CEU: 0.1

View session: How to Hack a Train, Safely: Rail Cyber Risk, Testing Methodologies and Techniques

10:30 AM – 11:00 AM

Securing people, assets and technology at Amsterdam Central Station

By using remotely controlled shunts, monitoring systems, predictive algorithms and a secured cloud system, not only has the safety of track workers increased significantly, but assets are better controlled. This has resulted in fewer failures, higher availability of track and less unforseen maintenance. Other effects: lower costs and greenhouse gas reduction.

 Track: Secure Rail

 Presented by: Ellen Linnenkamp , Managing Director Strukton Rail North America, Lex van der Poel, Director Dual Inventive

 Learning Objectives:
1. Review how to work safer
2. Learn how to use new technology to minimize (unnecessary) worker’s time in track, thus minimizing potential accidents/collisions
3. Understand how to optimally secure assets
4. Examine how to minimize the animosity between operations and maintenance and improve track worker and passenger safety

 Audience:

 CEU: 0.1

View session: Securing people, assets and technology at Amsterdam Central Station

11:00 AM – 11:30 AM

The Standard Dilemma

We often look to standards compliance as a mark of significant achievement. We demand attestation from our vendors and business partners. From a purely compliance and risk management standpoint, there is some merit to utilizing a standards-based approach. Certifications look good on paper and limit investigations from 3rd parties, but does this approach make us more or less secure?

 Track: Secure Rail

 Presented by: Nick Percoco, Chief Information Security Officer Uptake

 Learning Objectives:
1. Learn the back story behind the development of security standards designed to improve large populations of industry assets
2. Understand the differences between security and compliance and the implications of confusing the two
3. Learn methods to move beyond the typical security program approaches that yield little to no results towards their objectives
4. Identify ways to instill a greater purpose into those designing and building critical assets making the entire security program more effective

 Audience:

 CEU: 0.1

View session: The Standard Dilemma

11:30 AM – 1:00 PM

Thursday Lunch and Exhibits

 Track: Secure Rail

 Presented by: Secure Rail Conference,

 Learning Objectives:

 Audience:

 CEU: 0.1

View session: Thursday Lunch and Exhibits

1:00 PM – 1:30 PM

A Conceptual Risk Assessment Model for Maritime to Rail Intermodal Service

For more than 30 years, containerized ocean freight has been a significant growth segment for U.S. railroads and their intermodal operations, but it has also become a growing security concern for supply chain members as well as other stakeholders ; both public and private. This research first endeavors to identify those risk factors associated with ocean containers arriving at U. S. ports, then assigns weighting factors to establish a risk assessment tool, and subsequently link it to the rail corridor risk management system (RCRMS) developed by the Federal Railroad Administration.

 Track: Secure Rail

 Presented by: Gary Gordon, P.E., Adjunct Faculty Security Studies University of Massachusetts Lowell, Richard Young, Ph.D., FCILT, Professor of Supply Chain Management The Pennsylvania State University

 Learning Objectives:
1. Develop the awareness of the need for and application of an intermodal risk assessment tool
2. Engage industry stakeholders in identifying and filling gaps in intermodal risk assessment criteria
3. Raise the awareness of stakeholders of the need to move beyond modal-specific solutions
4. Encourage further research into the potential risks unique to intermodal traffic

 Audience:

 CEU: 0.1

View session: A Conceptual Risk Assessment Model for Maritime to Rail Intermodal Service

1:30 PM – 2:00 PM

(Cancelled) Global Threat Briefing

Enterprises expanding into international markets encounter fundamental differences in education, religion, societal interaction, security threats and political instability — all of which impact business and security decisions on a global scale. With expansion comes greater responsibility and risk, prompting CEOs to establish a strong and secure infrastructure internationally. Drawing from his global exposure and decorated military leadership experience, Dale Buckner discusses how international organizations must incorporate their security organization in every aspect of the enterprise — cyber security, physical security and personnel security. Buckner explores risks, security and trends correlated to enterprise operation with an international scope, specifically in emerging, sometimes hostile, markets and economies.

 Track: Secure Rail

 Presented by: Dale Buckner, President/CEO Global Guardian

 Learning Objectives:
1. Review the new global threats to personnel
2. Review the new global threats to infrastructure
3. Review the new global threats to communications (Cyber)
4. Learn about the paradigm changes to threats on a global basis

 Audience:

 CEU: 0.1

View session: (Cancelled) Global Threat Briefing

2:00 PM – 2:30 PM

A Cybersecurity Testbed for Rail Transportation Systems

The National Institute of Standards and Technologies (NIST) is developing a cybersecurity testbed for rail transportation systems. The goal of this testbed is to measure the performance of the rail transportation systems when instrumented with cybersecurity controls. The results will lead to the publication of best practices for the deployment of cybersecurity measures on the rail transportation systems.

 Track: Secure Rail

 Presented by: CheeYee Tang, Electronics Engineer NIST

 Learning Objectives:
1. Explain NIST's cyber security testbed for rail systems
2. Discuss how to use the cyber security framework profile for the rail industry
3. Give an introduction to NIST Publication SP800-82, Guide to Industrial Control Systems (ICS) Security

 Audience:

 CEU: 0.1

View session: A Cybersecurity Testbed for Rail Transportation Systems

2:30 PM – 3:00 PM

IoT Enabled Rail People/Product/Property Secure Chain of Custody

In the near future, we anticipate thousands of computers operating for each and every human being. Ensuring that these machines (i.e. computers) are operating to serve the needs of humanity begins with enabling them to establish and maintain secure and trusted relationships with one another. It is essential that the automated identification of assets (people-product-property) is enabling these assets to establish mutual trust and maintain relationships. This session will help provide background that supports the importance of IoT in the rail and intermodal transportation corridor.

 Track: Secure Rail

 Presented by: Stewart Skomra, President & CTO TeMeDa LLC

 Learning Objectives:
1. Review Internet of Things awareness: how IoT-enabled rail can and is driving operational and business model innovations for rail and intermodal transportation
2. Understand what is a secure chain-of-custody and why it is central to our ever-evolving and technologically advancing rail and intermodal transportation ecosystem
3. Gain understanding of automatic identification technologies and their role in establishing and maintaining a secure chain-of-custody
4. Learn the historical-current-future state of wireless telecommunications industry technologies and their roles in rail and supporting secure chain-of-custody
5. Find out what the future will bring as pervasive machine intelligence serves our human experience

 Audience:

 CEU: 0.1

View session: IoT Enabled Rail People/Product/Property Secure Chain of Custody

3:00 PM – 3:30 PM

Onboard Locomotive Security Methods

With the advancement of security in the IT space, customers want to extend their data center out to their remote assets, including locomotives. This session explores the various security methods and fundamentals that can be deployed and monitored on locomotives. By extending embedded security principles to locomotive platforms such as AAR S-9101 standard hardware, the software can become part of an overall cyber-security strategy for the railroad.

 Track: Secure Rail

 Presented by: Mark Kraeling, Product Architect GE Transportation

 Learning Objectives:
1. Learn about network security methods applicable to mobile assets
2. Gain an understanding of how security could be deployed for an IT-centric mobile data center on locomotives
3. Discuss the various embedded security fundamentals and learn about their applicability to networks
4. Show demonstrations of network and unwanted intrusions and how security rules and methods can detect and intercept them

 Audience:

 CEU: 0.1

View session: Onboard Locomotive Security Methods


 

2017 Sponsors

PLATINUM





GOLD





SILVER