Special Session #8

Raphael Machado

Inmetro - National Institute of Metrology, Quality and Technology

CyberSecurity is a critical issue for the viability of the Internet of Things and Industry 4.0. Security breaches lead to serious impacts on the well-being of the citizen, on the operation of industries, and on the stability of nations. The impact of security breaches in all dimensions of the Society has led more and more countries to understand CyberSecurity as an State issue - and therefore to investigate strategies to address CyberSecurity in a systematic and effective manner.

SecStandards Special Session at the IEEE International Workshop on Metrology for Industry 4.0 and IoT aims at discussing how to address CyberSecurity via the use of international standards. SecStandards seeks advances in two dimensions, as we discuss next.
Security Requirements. How to establish standards and requirements for equipment, systems and professionals in the area of ​​security. How to assess the risks associated with each field of application. How to define the sectors in which the State must intervene by establishing mandatory safety requirements.
Security Assessment. How to verify compliance with safety requirements by equipment, systems and professionals. Which tests are most effective to characterize the fulfillment of such requirements. Which conformity assessment schemes are best suited to each scenario. How to attest the competence of professionals and laboratories to carry out security assessment activities.

In this sense, SecStandards seeks original contributions on the following themes:

Standards and Conformity Assessment

• Security standards for software and smart devices
• Conformity assessment methods for cybersecurity
• Information security management systems standards
• Risk assessment standards
• Accreditation of security assessment laboratories

Risk Management and Critical Infrastructure Applications

• Energy
• Water and Sewage
• Transportation
• Communication
• Financial System
• Public Security and Civil Defense

Security Requirements

• Cryptography Standards
• Software Applications
• Smart Devices
• Management Systems
• Professional Competence
• Security in new paradigms: Cloud, IoT, Cyber-Physical
• Privacy and Confidentiality Requirements

Software Security

• Static code analysis
• Dynamic software analysis
• Software Testing
• Code obfuscation
• Software incorruptibility
• Software watermarks
• Software validation
• Reference datasets

Hardware Security

• Side-channel attacks and countermeasures
• Fault attacks and countermeasures
• Hardware tampering and tamper-resistance
• Hardware and software reverse engineering
• Trusted computing platforms
• Secure storage devices
• Cryptographic processors and co-processors
• True and pseudorandom number generators
• Physical unclonable functions

Raphael Machado is a researcher in the National Institute of Metrology, Quality and Technology, in Brazil. He has a PhD in Systems and Computer Engineering and co-authored more than one hundred scientific papers in journals and conferences. He obtained several grants and prizes, including the Rio de Janeiro Young Scientist Grant and the Research Productivity Grant. He organized several national and international conferences and workshops in the areas of theoretical computer science and information security. He is a leader for the development of national standards for CyberSecurity in Brazil, coordinating a joint effort of dozens of government agencies, laboratories and industries for the establishment of adequate requirements and tests for this field.