Workshop Agenda

Note: Subject to change

Thursday, June 18, 2026

Masterclass / Workshop: The Influence of AI and ML Agents on ICS Cybersecurity in the Electric Sector

Day 3 of the Symposium focuses on one of the most urgent and rapidly evolving challenges facing the electric sector: the influence of AI and machine learning agents on industrial control system cybersecurity. This interactive workshop is designed for OT security practitioners and critical infrastructure operators who are ready to move beyond theory and examine the documented realities of AI-enabled cyber threats.

Drawing on recent research and real-world incidents, the program will explore how AI can accelerate reconnaissance, vulnerability discovery, and coordinated attacks across IT/OT environments, while also examining the governance, authentication, and operational guardrails required for responsible deployment of AI within critical energy systems. Structured around both the offensive and defensive dimensions of AI in ICS environments, the day emphasizes practical engagement, technical depth, and open discussion of the unresolved challenges utilities and operators must address now.

8:00 – 9:00 am
Welcome Coffee

9:00 – 10:15 am
Session 1: The Threat is Already Here
Making the case with evidence: what AI-enabled adversaries can now do to critical infrastructure, and why the current defender posture is insufficient. This is not an argument about future risk; it is a presentation of present capability.

Glasswing and Claude Mythos Preview
PNNL’s ALOHA (Agentic LLMs for Offensive Heuristic Automation) system
AI's chained attack problem and patching the gap
The Poland December 2025 event
The aggregation problem specific to energy

10:15 – 10:45 am
Networking Coffee Break

10:45 – 12:00 pm
Session 2: The Adversary's Toolkit
How AI-enabled attacks on OT environments actually work: reconnaissance, chaining, protocol exploitation, and cyber-physical simulation as a testing environment. The aim is not to provide an attack tutorial but to give defenders a precise understanding of the attack surface they are working against. Practitioners cannot design effective guardrails without knowing what they are guarding against.

AI-automated reconnaissance in OT environments
The IT/OT boundary as the primary entry point
Protocol-level vectors
OCPP and distributed energy resources
ALOHA in practice

12:00 – 1:00 pm
Lunch

1:00 – 2:15 pm
Session 3: The Integrity Stack -- Data, Models, Compute, and Provenance
A systematic examination of where the AI pipeline can be corrupted in OT deployments, and what that means for operators who are beginning to depend on AI-derived outputs for operational decisions.

Data provenance and poisoning
Model provenance and compute integrity
Cascading failure modes in non-deterministic systems
OCPP and distributed energy resources
Building AI capability that degrades gracefully when training assumptions fail

2:15 – 2:45 pm
Lunch

2:45 – 3:30 pm
Session 4: Guardrails, Governance, and Operational Practice
From architecture to action: governing AI agents in OT environments, and an open discussion of what practitioners are actually doing and what the hardest unsolved problems are.

Identifying and authenticating AI agents operating within or adjacent to OT systems
Input and output guardrails
Governance frameworks
Agents operating without human interaction
Workforce implications: what skills operators need as AI becomes part of the OT stack

3:30 – 4:00 pm
Open Discussion
What the room is actually doing, what is not yet solved, and what the priorities are

Workshop Agenda

Get in touch

Use this form to reach out to us concerning the Symposium. We will get back to you promptly!