The 1st International Workshop on
Cyber-Physical Security for Critical Infrastructures Protection
Co-located with ESORICS 2020
Important dates
Submission: Jul 12 '20
Notification: Aug 7 '20
Camera-ready: Aug 20 '20
Submission site
Organization
General Chairs
Habtamu Abie, Norwegian Computing Center, Norway
Silvio Ranise, Fondazione Bruno Kessler (FBK), Italy
PC Chairs
Luca Verderame, University of Genova, Italy
Enrico Cambiaso, National Research Council (CNR), Italy
Rita Ugarelli, SINTEF, Norway
Gabriele Giunta, Engineering Ingegneria Informatica, Italy
Isabel Praça, GECAD/ISEP, Portugal
Federica Battisti, Università degli Studi Roma Tre, Italy
Program Committee
Dieter Gollmann, Hamburg University of Technology, Germany
Sokratis Katsikas, Norwegian University of Science and Technology, Norway
Javier Lopez, University of Malaga, Spain
Fabio Martinelli, IIT-CNR, Italy
Einar Arthur Snekkenes, Norwegian University of Science and Technology, Norway
Omri Soceanu, IBM Research, Israel
Stamatis Karnouskos, SAP Research, Germany
Reijo Savola, VTT Technical Research Centre of Finland, Finland
Alessandro Armando, University of Genoa, Italy
Alessio Merlo, University of Genoa, Italy
Cristina Alcaraz, University of Malaga, Spain
Giovanni Livraga, University of Milan, Italy
Gustavo Gonzalez-Granadillo, Atos Spain, Spain
Stefan Poslad, Queen Mary University of London, UK
Shouhuai Xu, University of Texas at San Antonio, USA
Christos Xenakis, University of Piraeus, Greece
Mauro Conti, University of Padua, Italy
Denis Caleta, Institute for Corporate Security Studies, Slovenia
Ali Dehghantanha, University of Guelph, Canada
Dušan Gabrielčič, Institute Jozef Stefan, Slovenia
Nikolaus Wirtz, Institute for Automation of Complex Power Systems RWTH Aachen University, Germany
Theodore Zahariadis, The National and Kapodistrian University of Athens, Greece
Adrien Bécue, AIRBUS Cyber Security, France
Lorenzo Sutton, Engineering Ingegneria Informatica spa, Italy
Harsha Ratnaweera, Norwegian University of Life Sciences, Norway
Volodymyr V. Tarabara, Michigan State University, USA
Christos Makropoulos, National Technical University of Athens, Greece
Alessandro Neri, Università degli Studi Roma Tre, Italy
Christos Makropoulos, National Technical University of Athens, Greece
Stefano Panzieri, Università degli Studi Roma Tre, Italy
David Tipping, Cornell University, Australia
Dionysis Nikolopoulos, National Technical University of Athens, Greece
Véronique Legrand, Cnam, France
Ioan Constantin, Orange Romania, Romania
Tim Stelkens-Kobsch, German Aerospace Center (DLR), Germany
Matteo Mangini, Network Integration and Solutions S.r.l., Italy
Mirjam Fehling-Kaschek, Fraunhofer Institute for High-Speed Dynamics, Germany
Vasileios Kazoukas, Center for Security Studies (KEMEA), Greece
Post proceedings are now available online
The Springer LNCS volume 12618 that contains revised and selected papers from last year edition of the workshop is now available.
Special issue
We are happy to announce that a special issue of the Journal of Cybersecurity and Privacy entitled "Cyber-Physical Security for Critical Infrastructures" is planned as a follow up to the workshop.
The submission will be open and we encourage the authors of papers presented at the workshop to extend their work and submit them to the special issue.
The deadline for manuscript submissions is March 31, 2021. All the information concerning the special issue can be found at the following page: https://www.mdpi.com/journal/jcp/special_issues/Cyber-Physical_Security.
Program
Friday, 18th September 2020
09:00 – 09:45 WELCOME by workshop chairs & KEYNOTE 1
Chairs: Habtamu Abie & Silvio Ranise
Digital Twins in Industrial Ecosystems: Challenges, Security Issues and Countermeasures
Cristina Alcaraz, University of Málaga
09:45 – 10:45 SESSION 1: Security Threat Intelligence
Chairs: Habtamu Abie & Silvio Ranise
Privacy-Preserving CCTV Analytics for Cyber-Physical Threat Intelligence
Abstract video link: https://www.youtube.com/watch?edufilter=NULL&v=Gbr9d7tLYKY
Jürgen Neises, Adrien Besse and Jean-Baptiste Rouquier
TLSAssistant goes FINSEC: A Security Platform Integration Extending Threat Intelligence Language
Abstract video link: https://youtu.be/oM9se6e1HV0
Salvatore Manfredi, Silvio Ranise, Giada Sciarretta and Alessandro Tomasi
Cyber Threat Monitoring Systems - Comparing attack detection performance of ensemble algorithms
Eva Maia, Bruno Reis, Isabel Praça, Adrien Becue, David Lancelin, Samantha Dauguet Demailly and Orlando Sousa
FINSTIX: a Cyber-Physical Data Model for Financial Critical Infrastructures
Abstract video link: https://youtu.be/-eRYoizOSBg
Giorgia Gazzarata, Ernesto Troiano, Luca Verderame, Maurizio Aiello, Ivan Vaccari, Enrico Cambiaso and Alessio Merlo
10:45 - 11:00 BREAK
11:00 – 11:45 SESSION 2: Data Anomaly detection: Predict & Prevent
Chairs: Isabel Praça
Inferring anomaly situation from multiple data sources in Cyber Physical Systems
Abstract video link: https://youtu.be/9chmYUnJB-w
Sara Baldoni, Giuseppe Celozzi, Alessandro Neri, Marco Carli and Federica Battisti
Fusing RGB and Thermal Imagery with Channel State Information for Abnormal Activity Detection using Multimodal Bidirectional LSTM
Abstract video link: https://youtu.be/iSN3Y92ZTh0
Nikolaos Bakalos, Athanasios Voulodimos, Nikolaos Doulamis, Anastasios Doulamis, Kassiani Papasotiriou and Matthaios Bimpas
A Cloud-Based Anomaly Detection for IoT Big Data
Omri Soceanu, Allon Adir, Lev Greenberg, Ehud Aharoni and Habtamu Abie
11:45 - 12:00 BREAK
12:00 – 12:30 SESSION 3: Computer Vision & Dataset for Security
Chairs: Federica Battisti
An advanced Framework for Critical Infrastructure Protection using computer vision technologies
Abstract video link: https://youtu.be/dxMirSzbziQ
Krishna Chandramouli and Ebroul Izquierdo
A Comprehensive Dataset from a Smart Grid Testbed for Machine Learning based CPS Security Research
Abstract video link: https://youtu.be/HcSYNoxoEZk
Chuadhry Mujeeb Ahmed and Nandha Kumar
12:30 - 13:30 BREAK
13:30 - 14:00 KEYNOTE 2
Chairs: Federica Battisti
Cyber physical security in automotive: the new challenge for smart cities
Abstract video link: https://youtu.be/ldo63FrRbHg
Federica Pascucci, Roma Tre University
14:00 – 14:45 SESSION 4: Security Management & Governance
Chairs: Rita Ugarelli
Cross-Domain Security Asset Management for Healthcare
Abstract video link: https://youtu.be/3xWq0PNLkQc
Federico Stirano, Francesco Lubrano, Giacomo Vitali, Giuseppe Varavallo, Paolo Petrucci and Fabrizio Bertone
Towards a global CIs’ cyber-physical security management and joint coordination approach
Abstract video link: https://youtu.be/FYORiS4vKXE
Vasiliki Mantzana, Eftichia Georgiou, Anna Gazi, Ilias Gkotsis, Ioannis Chasiotis and Georgios Eftychidis
Toward a Context-Aware Methodology for Information Security Governance Assessment Validation
Abstract video link: https://youtu.be/W1TR0QmsxZE
Marco Angelini, Silvia Bonomi, Claudio Ciccotelli and Alessandro Palma
14:45 - 15:00 BREAK
15:00 – 15:30 SESSION 5: Impact Propagation & Power Traffic Analysis
Chairs: Luca Verderame
Impact Propagation in Airport Systems
Corinna Koepke, Kushal Srivastava, Louis Koenig, Natalie Miller, Mirjam Fehling-Kaschek, Kelly Burke, Matteo Mangini, Isabel Parca, Alda Canito, Olga Carvalho, Filipe Apolinario, Nelson Escravana, Nils Carstengerdes and Tim Stelkens-Kobsch
A Comparative Analysis of Emulated and Real IEC-104 Spontaneous Traffic in Power System Networks
Abstract video link: https://youtu.be/irEVXh3v7_c
Chih-Yuan Lin and Simin Nadjm-Tehrani
15:30 - 16:00 CLOSING & PLANNING
Chairs: Habtamu Abie & Silvio Ranise
Keynotes
Tile: Digital Twins in Industrial Ecosystems: Challenges, Security Issues and Countermeasures
Speaker: Cristina Alcaraz
Abstract: Increasingly, we are witnessing how the new information technologies are being introduced into industrial systems to modernize their ecosystems and optimize services. One of the most novelty technologies in this field is precisely the Digital Twin, which allows to simulate states of the physical world, predict behaviour and improve the quality of the product, service or system (e.g., a manufacturing system, a Smart Grid system or a nuclear plant). However, in this adaptation we must also be aware of: (i) the new challenges that this technology could require for its implementation in complex and critical systems; (ii) the security issues that this technology could bring in critical contexts; and (iii) the countermeasures that we should be considered in the future.
Biography: Prof. Cristina Alcaraz is an Associate Professor in the Computer Science Department at the University of Málaga. She has been awarded two competitive postdoctoral fellowships: Marie-Curie in 2012 and Ramón-y-Cajal in 2015, and was a guest researcher at NIST (2011–2012) visiting later the Royal Holloway (2012–2014, under the Marie-Curie fellowship), UCBM (2017, Rome) and the University of Piraeus (2019, Athens). She has been involved in European (e.g., FACIES, SealedGRID and CyberSec4Europe) and national research projects (e.g., SADECEI-4.0, SADCIP, PERSIST, PISCIS, SECRET, TIGRIS), focusing on topics related to CIP (security in Smart Grids, SCADA systems, cyber-physical systems and Industry 4.0) and Digital Twins security. So far, she has more than 75 publications and serves on international conference committees and on Editorial Boards of journals in CIP and information security.
Title: Cyber physical security in automotive: the new challenge for smart cities
Speaker: Federica Pascucci
Abstract: The advent of the Internet of things and connected technologies has enabled large changes in real-life applications. Autonomous car, that was a main dream in science fiction for a long time, is becoming a real consumer-level object as several companies start developing their own models. While autonomous vehicles have the potential to reshape transport and society, reducing air pollution and traffic congestion, one of the major issues facing developers is their security. Since autonomous cars are cyber physical systems, security vulnerabilities turn to be far more dangerous than malicious email or stolen private data. Malicious attacks to autonomous vehicle can physically harm passengers or pedestrians or compromise the transportation system. In this talk, the security issues related with vehicle-to-everything communication are addressed: this system will enable most of the services provided for the transportation system in future smart cities.
Biography: Federica PASCUCCI received the Laurea Degree (M.S.) in Computer Science and Control Engineering from University of Roma Tre in 2000 and the PhD Degree in Systems Engineering from the University of Rome “La Sapienza” in 2004. Since 2006, she is Assistant Professor of Robotics and Automatic Control at the University of Roma Tre. Her research interests are in the field of robotics, cyber-physical systems, analysis and design of networked embedded control systems, with applications to sensor actuators networks. She addresses resilient design of cyber-physical systems and critical infrastructures. He has published over 100 journal and conference papers and book chapters. With the MCIP-Lab group, she has been principal investigator in several European re- search projects (FP7 ECHORD, RISING, REFIRE) and in many national projects (RAMPS, EXPLORERS, Smart Environments, MISE-ENEA PAR projects).
Accepted papers
Corinna Koepke, Kushal Srivastava, Louis Koenig, Natalie Miller, Mirjam Fehling-Kaschek, Kelly Burke, Matteo Mangini, Isabel Parca, Alda Canito, Olga Carvalho, Filipe Apolinario, Nelson Escravana, Nils Carstengerdes and Tim Stelkens-Kobsch. Impact Propagation in Airport Systems
Jürgen Neises, Adrien Besse and Jean-Baptiste Rouquier. Privacy-Preserving CCTV Analytics for Cyber-Physical Threat Intelligence
Chih-Yuan Lin and Simin Nadjm-Tehrani. A Comparative Analysis of Emulated and Real IEC-104 Spontaneous Traffic in Power System Networks
Krishna Chandramouli and Ebroul Izquierdo. An advanced Framework for Critical Infrastructure Protection
Sara Baldoni, Giuseppe Celozzi, Alessandro Neri, Marco Carli and Federica Battisti. Inferring anomaly situation from multiple data sources in Cyber Physical Systems
Federico Stirano, Francesco Lubrano, Giacomo Vitali, Giuseppe Varavallo, Paolo Petrucci and Fabrizio Bertone. Cross-Domain Security Asset Management for Healthcare
Salvatore Manfredi, Silvio Ranise, Giada Sciarretta and Alessandro Tomasi. TLSAssistant goes FINSEC: A Security Platform Integration Extending Threat Intelligence Language
Eva Maia, Bruno Reis, Isabel Praça, Adrien Becue, David Lancelin, Samantha Dauguet Demailly and Orlando Sousa. Cyber Threat Monitoring Systems - Comparing attack detection performance of ensemble algorithms
Vasiliki Mantzana, Eftichia Georgiou, Anna Gazi, Ilias Gkotsis, Ioannis Chasiotis and Georgios Eftychidis. Towards a global CIs’ cyber-physical security management and joint coordination approach
Marco Angelini, Silvia Bonomi, Claudio Ciccotelli and Alessandro Palma. Toward a Context-Aware Methodology for Information Security Governance Assessment Validation
Chuadhry Mujeeb Ahmed and Nandha Kumar. A Comprehensive Dataset from a Smart Grid Testbed for Machine Learning based CPS Security Research
Nikolaos Bakalos, Athanasios Voulodimos, Nikolaos Doulamis, Anastasios Doulamis, Kassiani Papasotiriou and Matthaios Bimpas. Fusing RGB and Thermal Imagery with Channel State Information for Abnormal Activity Detection using Multimodal Bidirectional LSTM
Giorgia Gazzarata, Ernesto Troiano, Luca Verderame, Maurizio Aiello, Ivan Vaccari, Enrico Cambiaso and Alessio Merlo. FINSTIX: a Cyber-Physical Data Model for Financial Critical Infrastructures
Omri Soceanu, Allon Adir, Lev Greenberg, Ehud Aharoni and Habtamu Abie. A Cloud-Based Anomaly Detection for IoT Big Data
About the COVID-19 emergency
Being a colocated event, the workshop will follow the decisions of the ESORICS organizing committee, that at the moment are:
The safety and well-being of all conference participants is our priority. After evaluating the ongoing COVID-19 situation, the decision has been made to run ESORICS 2020 and the associated workshops as an all-digital conference experience, and it will now be an online event. Therefore, ESORICS 2020 will take place as entirely virtual. The conference and workshop dates remain the same: September 14 - 18, 2020.
The conference proceedings will be published in the LNCS series as planned. Springer have committed to publishing LNCS proceedings even in the event that conferences are cancelled, held virtually, or postponed.
Scope
CPS4CIP’20 is the first workshop dedicated to the cyber-physical security for protecting critical infrastructures that support finance, energy, health, air transport, communication, gas, and water. The secure operation of these critical infrastructures is essential to the security of a nation, its economy, and the public's health and safety. Security incidents in the critical infrastructures can directly lead to a violation of users’ safety and privacy, physical damages, significant economic impacts on individuals and companies, and threats to human life while decreasing trust in institutions and questioning their social value. Because of the increasing interconnection between the digital and physical worlds, these infrastructures and services are more critical, sophisticated and interconnected than ever before. This makes them increasingly vulnerable to attacks, as confirmed by the steady rise of cyber-security incidents, such as phishing or ransomware, but also cyber-physical incidents, such as physical violation of devices or facilities in conjunction with malicious cyber activities.
To address all these challenges, the CPS4CIP workshop has the objective of bringing together security researchers and practitioners from the various verticals of critical infrastructures (such as the financial, energy, health, air transport, communication, gas and water domains) to rethink cyber-physical security in the light of latest technology developments; e.g., Cloud Computing, Blockchain, Big Data, AI, Internet-of-Things (IoT). Specifically, value will be given to contributions focusing on the interplay between the digital and physical aspects of security problems and capable to foster new, intelligent, collaborative and more dynamic approaches to detect, prevent and mitigate security incidents, such as (i) intelligent monitoring and data collection of security-related information; (ii) predictive analytics over the collected data based on AI-based (i.e., deep learning mechanisms) that enable the identification of complex attack patterns; (iii) triggering of preventive and mitigation measures in advance of the occurrence of the attack; (iv) allowing all stakeholders to collaborate in vulnerability assessment, risk analysis, threat identification, threat mitigation, and compliance.
The workshop will provide a forum for dissemination, demonstration and discussion of original scientific and experimental results of cyber-physical security of critical infrastructures and services.
Topics of Interest
CPS4CIP invites submissions that present innovative ideas, proof of concepts, use cases, experience reports, and results from a variety of topics relevant to the security of critical infrastructures and services. Topics of interest include, but are not limited to:
AI, deep learning for predictive security of Critical Infrastructures
Integrated (cyber & physical) security
Collaborative risk assessment/mitigation in supply chains
Complex threats and their cascading effects
Adaptive anomaly detection
Blockchain solutions for cyber and data security of critical infrastructures
Risk Assessment and management
Identification, assessment, and mitigation of cyber-physical threats
Automated vulnerability assessment and penetration testing services
Privacy preserving data collection and analytics
Dynamic security knowledge base
Measuring Security Levels in critical infrastructures
Adaptive security-related data collection
AI CCTV analytics
Security compliance services
Automation for detection, prevention and mitigation measures
Submission Guidelines
Submissions are to be made to the submission web site in pdf format. At least one author of each accepted paper is required to register and present their work at the workshop; otherwise the paper will not be included in the proceedings.
Submitted papers must not substantially overlap with papers that have been published or that have been simultaneously submitted to a journal or a conference with proceedings. Submissions should be at most 16 pages long (full paper), or 8 pages (short paper) including the bibliography and appendices, and should follow the LNCS style.
Pre-proceedings will be made available at the workshop. Accepted conference papers are planned to be published by Springer in the LNCS collection.
Support
The workshop is supported by the projects of the European Cluster for Securing Critical Infrastructures (ECSCI), namely