-- CALL FOR PARTICIPATION --

==============================================================================
CyberICPS 2017 (in conjunction with ESORICS 2017):
3rd Workshop on The Security of Industrial Control Systems & of Cyber-Physical Systems
Oslo, Norway — September 15, 2017
==============================================================================

WWW: http://www.ds.unipi.gr/cybericps2017/

Overview
------------------------------------
CyberICPS brings together researchers, engineers and governmental actors with an interest in the security of Industrial Control Systems and Cyber Physical Systems in the context of their increasing exposure to cyber-space, by offering a forum for discussion on all issues related to their cyber security. The workshop was held for the first time in conjunction with ESORICS 2015 and has attracted a wide international audience from both the academic and industrial communities.

The 3rd Workshop on The Security of Industrial Control Systems & of Cyber-Physical Systems (CyberICPS 2017) will be held in Oslo, Norway, on September 15, 2017.

Registration
------------------------------------
Early Registration for all ESORICS Workshops 2017 and for ESORICS itself is open, but will end soon. Early bird registration deadline is ***August, 15th 2017***

Registration rates:
https://www.ntnu.edu/web/esorics2017/registration

If an invitation letter is needed (e.g. VISA) the letter will be provided after the registration. To do this, it is necessary to send an email to the organizing committee at: esorics2017@ntnu.edu

Venue page:
https://www.ntnu.edu/web/esorics2017/venue

Travel and accommodation page:
https://www.ntnu.edu/web/esorics2017/travel-accomodation

We hope to see you in Oslo, Norway!


Program
------------------------------------
The 12 papers of CyberICPS 2017 are distributed in 4 sessions.

Following is the list of paper presentations for the workshop. For the programs of other ESORICS workshops, please consult their corresponding websites:

* SECPRE 2017: https://samosweb.aegean.gr/secpre2017/
* SecSE 2017: http://secse.org
* CBT 2017: http://www.deic.uab.cat/~jherrera/CBT/
* DPM 2017: http://deic.uab.cat/conferences/dpm/dpm2017/
* STM 2017: http://stm2017.di.unimi.it
* QASA 2017: http://www.iit.cnr.it/qasa2017/
* SIoT 2017: http://siot-workshop.org

For the main ESORICS conference program please consult https://www.ntnu.edu/web/esorics2017/program

CyberICPS 2017 Program
----------------------------------------------------------
## Friday, September 15, 2017 ##

09:00 – 10:30: Session 1: Protecting Industrial Control and Cyber-Physical Systems
- “Towards End-to-End Data Protection in Low Power Networks”. Vasily Mikhalev, Laurent Gomez, Frederik Armknecht and José Márquez.
- “Development of an Embedded Platform for Secure CPS Services”. Vincent Raes, Vincent Naessens and Jan Vossaert.
- “Introducing Usage Control in MQTT protocol for IoT”. Antonio La Marra, Fabio Martinelli, Paolo Mori, Athanasios Rizos and Andrea Saracino. (SHORT PAPER)

10:30 – 11:00 Coffee break

11:00 – 12:30 Session 2: Threats, Vulnerabilities and Risks
- “Towards security threats that matter”. Katja Tuma, Riccardo Scandariato, Mathias Widman and Christian Sandberg.
- “A Methodology to Assess Vulnerabilities and Countermeasures Impact on the Missions of a Naval System”. Bastien Sultan, Fabien Dagnat and Caroline Fontaine.
- “STRIDE to a secure Smart Grid in a hybrid cloud”. Bojan Jelacic, Daniela Rosic, Imre Lendak, Marina Stanojevic and Sebastijan Stoja.

12:30 – 14:00 Lunch

14:00 – 15:30 Session 3: Cyber Attacks in Industrial Control and Cyber-Physical Systems
- “Stealthy Deception Attacks Against SCADA Systems”. Amit Kleinmann, Avishai Wool, Ori Amichay, David Tenenbaum, Ofer Bar and Leonid Lev.
- “On Ladder Logic Bombs in Industrial Control Systems”. Naman Govil, Anand Agrawal and Nils Ole Tippenhauer.
- “Enforcing Memory Safety in Cyber-Physical Systems”. Eyasu Getahun Chekole, John Henry Castellanos, Martín Ochoa and David Yau.

15:30 – 16:00 Coffee break

16:00 – 17:30 Session 4: Detecting Attacks in Industrial Control and Cyber-Physical Systems
- “Supporting the Human in Cyber Defence”. Kirsi Helkala, Benjamin J. Knox, Øyvind Jøsok, Rigardo G. Lugo, Stefan Sütterlin, Geir Olav Dyrkolbotn and Nils Kalstad Svendsen.
- “CRBP-OpType: A Constrained Approximate Search Algorithm for Detecting Similar Attack Patterns”. Ambika Shrestha Chitrakar and Slobodan Petrovic.
- “Multistage Downstream Attack Detection in a Cyber Physical System”. Rizwan Qadeer, Carlos Murguia, Chuadhry Mujeeb Ahmed and Justin Ruths. (SHORT PAPER)





----------------------------------------------------------------------------------------

-- CALL FOR PAPERS --

==================================================================
3rd Workshop on the Security of Industrial Control Systems and
of Cyber-Physical Systems (CyberICPS 2017)
==================================================================
in conjunction with ESORICS 2017

http://www.ds.unipi.gr/cybericps2017/

Oslo, Norway, September 11-15, 2017

*** Submission Deadline Extended to June 30th - Hard Deadline ***

CyberICPS is the result of the merging of the CyberICS and WOS-CPS workshops that were held for the first time in conjunction with ESORICS 2015.

Cyber-physical systems (CPS) are physical and engineered systems that interact with the physical environment, whose operations are monitored, coordinated, controlled and integrated by information and communication technologies. These systems exist everywhere around us, and range in size, complexity and criticality, from embedded systems used in smart vehicles, to SCADA systems in smart grids to control systems in water distribution systems, to smart transportation systems, to plant control systems, engineering workstations, substation equipment, programmable logic controllers (PLCs), and other Industrial Control Systems (ICS).

As ICS and CPS proliferate, and increasingly interact with us and affect our life, their security becomes of paramount importance. CyberICPS intends to bring together researchers, engineers and governmental actors with an interest in the security of ICS and CPS in the context of their increasing exposure to cyber-space, by offering a forum for discussion on all issues related to their cyber security.

CyberICPS invites submissions that present innovative ideas, proof of concepts, use cases, and results from a variety of topics relevant to ICS and CPS, including (but not limited to) the following ones:

Security governance
* Security policies
* Risk analysis and management
* Vulnerability assessment and metrics
* Awareness, training and simulation
* ICS/CPS security standards
* Privacy and Anonymity in ICS/CPS

System and network security
* Threat modeling
* Security architectures
* Access control
* Malware and cyber weapons
* Intrusion detection and visualisation
* Defense in depth
* Monitoring and real time supervision
* Applied cryptography
* Perimeter security
* Safety-security interactions
* Cyber security engineering
* Secure communication protocols
* Formal models for ICS/CPS security
* Hardware Security
* Resilient ICS/CPS
* Application Security
* Secure Firmware

Incident Response and Digital Forensics for ICS/CPS
* Forensics in ICS
* Incident Response
* Accountability

Case Studies
* Case studies in the energy, utility, chemical, transportation, manufacturing, and other industrial and critical infrastructure sectors.


Submissions
============

Submitted papers must not substantially overlap with papers that have been published or that have been simultaneously submitted to a journal or a conference with proceedings. Submissions should be at most 16 pages long, including the bibliography and well-marked appendices, and should follow the LNCS style (http://www.springeronline.com/lncs). Submissions are to be made to the submission web site at https://easychair.org/conferences/?conf=cpicssec2017. Only pdf files will be accepted. Submissions not meeting these guidelines risk rejection without consideration of their merits. Papers must be received by the deadline of July the 9th, 2017 (11:59 p.m. American Samoa time). Authors of accepted papers must guarantee that their papers will be presented at the workshop. Pre-proceedings will be made available at the workshop. All accepted papers will be published as joint post-proceedings by Springer in the Lecture Notes in Computer Science (LNCS) series.


Important dates
================

Submission deadline: 9 July 2017
Notification to authors: 6 August 2017
Camera ready due: 27 August 2017


Organization
=============

Program Committee Chairs
- Sokratis Katsikas, Norwegian University of Science and Technology - NTNU, Norway & University of Piraeus, Greece
- Frederic Cuppens, IMT Atlantique, France

General Chairs
- Nora Cuppens-Bulahia, IMT Atlantique, France
- Costas Lambrinoudakis, University of Piraeus, Greece

Technical Program Committee
- Cristina Alcaraz, University of Malaga, Spain
- Samiha Ayed, Devoteam, France
- Mauro Conti, University of Padua, Italy
- Mourad Debbabi, Concordia University, Canada
- Herve Debar, Telecom Sudparis, France
- David Espes, University of Brest, France
- Joaquin Garcia-Alfaro, Telecom SudParis, France
- Dieter Gollmann, Technical University of Hamburg, Germany
- Wael Kanoun, Nokia, France
- Jean Leneutre, Telecom ParisTech, France
- Javier Lopez, University of Malaga, Spain
- Masahiro Mambo, Kanazawa University, Japan
- Sjouke Mauw, University of Luxembourg, Luxembourg
- Weizhi Meng, Institute for Infocomm Research, Singapore
- Chris Mitchell, Royal Holloway, UK
- Jonathan Petit, Security Innovation, USA
- Juha Roning, University of Oulu, Finland
- Yves Roudier, EURECOM, France
- Pierangela Samarati, Università degli Studi di Milano, Italy
- Radu State, University of Luxembourg, Luxembourg
- Houbling Song, West Virginia University, USA
- Craig Valli, Edith Cowan University, Australia
- Jozef Vyskoc, VAF, Slovakia
- Khan Ferdous Wahid, Airbus Defence and Space GmbH, Germany
- Stephen Wolthusen, Royal Holloway, UK
- Stefano Zanero, Politecnico di Milano, Italy


PC chairs email
- Frederic Cuppens, frederic.cuppens@imt-atlatique.fr
- Sokratis Katsikas, sokratis.katsikas@ntnu.no