CPS4CIP 2021

The 2nd International Workshop on Cyber-Physical Security for Critical Infrastructures Protection

Date: 8 October 2021

Location: Online

Official Website

Co-located with the ESORCIS 2021 Conference, CPS4CIP 2021 is the second workshop dedicated to cyber-physical security for protecting critical infrastructures that support finance, energy, health, air transport, communication, gas, and water. The secure operation of these critical infrastructures is essential to the security of a nation, its economy, and the public’s health and safety. Security incidents in critical infrastructures can directly lead to a violation of users’ safety and privacy, physical damages, significant economic impacts on individuals and companies, and threats to human life while decreasing trust in institutions and questioning their social value. Because of the increasing interconnection between the digital and physical worlds, these infrastructures and services are more critical, sophisticated, and interconnected than ever before. This makes them increasingly vulnerable to attacks, as confirmed by the steady rise of cyber-security incidents, such as phishing or ransomware, but also cyber-physical incidents, such as physical violation of devices or facilities in conjunction with malicious cyber activities.

To address all these challenges, the CPS4CIP workshop has the objective of bringing together security researchers and practitioners from the various verticals of critical infrastructures (such as the financial, energy, health, air transport, communication, gas, and water domains) to rethink cyber-physical security in the light of latest technology developments; e.g., Cloud Computing, Blockchain, Big Data, AI, Internet-of-Things (IoT). Specifically, the workshop encourages contributions focusing on the interplay between the digital and physical aspects of security problems and capable of fostering new, intelligent, collaborative, and more dynamic approaches to detect, prevent and mitigate security incidents, such as:

  1. Intelligent monitoring and data collection of security-related information.
  2. Predictive analytics over the collected data based on AI techniques (such as machine learning) that enable the identification of complex attack patterns.
  3. Triggering of preventive and mitigation measures in advance of or shortly after the occurrence of an attack.
  4. Allowing all stakeholders to collaborate in vulnerability assessment, risk analysis, threat identification, threat mitigation, and compliance.

Agenda

General Welcome by Habtamu Abie

Keynote chaired by Silvio Ranise
Invited Talk Title: Analyzing the Impact of Software Supply Chain Vulnerabilities on Critical Infrastructures by Daniel dos Santos, Sr. Research Manager – Forescout Technologies

SESSION 1: Resilience chaired by Silvio Ranise

  • Resilience quantification for critical infrastructure: Exemplified for airport operations by Corinna Köpke, Kushal Srivastava, Natalie Miller and Elena Branchini
  • PRECINCT – A collaborative Ecosystem Platform for increased resilience of connected Critical Infrastructures by Jenny Rainbird, Inlecom Commercial Pathways
  • CyberSANE – Cyber Security Incident Handling, Warning and Response System for the European Critical Infrastructures by Eleni – Maria Kalogeraki, Ubitech & Thanos Karantjias, Maggioli

SESSION 2: Threat and Vulnerability chaired by Habtamu Abie

  • Severity level assessment from semantically fused video content analysis for physical threat detection in ground segments of space systems by Gerasimos Antzoulatos, Georgios Orfanidis, Panagiotis Giannakeris, Giorgos Tzanetis, Grigorios Kampilis-Stathopoulos, Nikolaos Kopalidis, Ilias Gialampoukidis, Stefanos Vrochidis, and Ioannis Kompatsiaris
  • Diminisher: A Linux Kernel based Countermeasure for TAA Vulnerability by Ameer Hamza, Maria Mushtaq, Khurram Bhatti, David Novo, Florent Bruguier and Pascal Benoit
  • The Rise of ICS Malware: A Comparative Analysis by Yassine Mekdad, Giuseppe Bernieri, Mauro Conti and Abdeslam El Fergougui

SESSION 3: ECSCI Projects Presentations I chaired by Rita Ugarelli, SINTEF

  • SOTER – human factors in cybersecurity by Robin Renwick, Trilateral Research
  • EnergyShield by Otilia Bularca, SIMAVI
  • ENSURESEC – Securing the e-commerce ecosystem from cyber, physical and cyber-physical threats by Luís Júdice Sousa, INOV

SESSION 4: ECSCI Projects Presentations II chaired by Habtamu Abie

  • 7SHIELD project – A holistic framework to protect Ground Segments of Space Systems against cyber, physical and natural complex threats by Gerasimos Antzoulatos, Centre for Research and Technology-Hellas (CERTH)
  • SPHINX – A Universal Cyber Security Toolkit for Health-Care Industry by Stylianos Karagiannis, PDMFC

Panel: CONCLUSION & PLANNING chaired by Habtamu Abie & Silvio Ranise

For more information about SPHINX participation on the event read here.