ICSS 2016 Industrial Control System Security Workshop, Held in conjunction with 32nd Annual Computer Security Applications Conference (ACSAC), Los Angeles, California, December 6, 2016 (Submissions due 19 September 2016) Supervisory control and data acquisition (SCADA) and industrial control systems monitor and control a wide range of industrial and infrastructure processes such as water treatment, power generation and transmission, oil and gas refining and steal manufacturing. Such systems are usually built using a variety of commodity computer and networking components, and are becoming increasingly interconnected with corporate and other Internet-visible networks. As a result, they face significant threats from internal and external actors. For example, in 2010 the Stuxnet malware was specifically written to attack SCADA systems and caused millions of dollars in damages. The critical requirement for high availability in SCADA and industrial control systems, along with the use of resource constrained computing devices, legacy operating systems and proprietary software applications limits the applicability of traditional information security solutions. The goal of this workshop is to explore new security techniques that are applicable in the control systems context. Papers of interest including (but not limited to) the following subject categories are solicited: Intrusion detection and prevention Malware Vulnerability analysis and risk management Digital forensics Virtualization Application security Performance evaluation of security methods and tools in control systems Cybersecurity Education For more information, please see https://www.acsac.org/2016/workshops/icss/