Inmetro - National Institute of Metrology, Quality and Technology
Lucila Maria de Souza Bento
Federal University of Rio de Janeiro
CyberSecurity is a critical issue for the viability of the Internet of Things and Industry 4.0. Security breaches lead to serious impacts on the well-being of the citizen, on the operation of industries, and on the stability of nations. The impact of security breaches in all dimensions of the Society has led more and more countries to understand CyberSecurity as an State issue - and therefore to investigate strategies to address CyberSecurity in a systematic and effective manner.
SecStandards Special Session at the IEEE International Workshop on Metrology for Industry 4.0 and IoT aims at discussing how to address CyberSecurity via the use of international standards. SecStandards seeks advances in two dimensions, as we discuss next.
Security Requirements. How to establish standards and requirements for equipment, systems and professionals in the area of security. How to assess the risks associated with each field of application. How to define the sectors in which the State must intervene by establishing mandatory safety requirements.
Security Assessment. How to verify compliance with safety requirements by equipment, systems and professionals. Which tests are most effective to characterize the fulfillment of such requirements. Which conformity assessment schemes are best suited to each scenario. How to attest the competence of professionals and laboratories to carry out security assessment activities.
In this sense, SecStandards seeks original contributions on the following themes:
Standards and Conformity Assessment
- Security standards for software and smart devices
- Conformity assessment methods for cybersecurity
- Information security management systems standards
- Risk assessment standards
- Accreditation of security assessment laboratories
Risk Management and Critical Infrastructure Applications
- Water and Sewage
- Financial System
- Public Security and Civil Defense
- Cryptography Standards
- Software Applications
- Smart Devices
- Management Systems
- Professional Competence
- Security in new paradigms: Cloud, IoT, Cyber-Physical
- Privacy and Confidentiality Requirements
- Static code analysis
- Dynamic software analysis
- Software Testing
- Code obfuscation
- Software incorruptibility
- Software watermarks
- Software validation
- Reference datasets
- Side-channel attacks and countermeasures
- Fault attacks and countermeasures
- Hardware tampering and tamper-resistance
- Hardware and software reverse engineering
- Trusted computing platforms
- Secure storage devices
- Cryptographic processors and co-processors
- True and pseudorandom number generators
- Physical unclonable functions
Raphael Machado is a researcher in the National Institute of Metrology, Quality and Technology, in Brazil. He has a PhD in Systems and Computer Engineering and co-authored more than one hundred scientific papers in journals and conferences. He obtained several grants and prizes, including the Rio de Janeiro Young Scientist Grant and the Research Productivity Grant. He organized several national and international conferences and workshops in the areas of theoretical computer science and information security. He is a leader for the development of national standards for CyberSecurity in Brazil, coordinating a joint effort of dozens of government agencies, laboratories and industries for the establishment of adequate requirements and tests for this field.
Lucila Maria de Souza Bento holds a PhD in Informatics at the Federal University of Rio de Janeiro (2015), a Master's degree in Informatics also from the Federal University of Rio de Janeiro (2012) and is a Technologist in Computer Systems at the Fluminense Federal University (2010). Lucila is a researcher at Inmetro, the Brazilian National Institute of Metrology, Quality and Technology, Lucila was a Postdoc at COPPE - UFRJ. She was a Visiting Professor of the Postgraduate Program in Informatics at the Mathematics Institute at the Federal University of Rio de Janeiro, on the Artificial Intelligence field, and Academic Director of the Clavis Information Security Group (Grupo Clavis Segurança da Informação). Lucila works with security analysis of embedded devices related to Conformity Assessment. Her research interests includes algorithms, data structures, graph theory, artificial intelligence, and information security.