SPECIAL SESSION #14

Cybersecurity Standards and Technologies for IoT and Industry 4.0 (SecurityStandards)

ORGANIZED BY

Alan Alan Oliveira

Alan Oliveira

Faculty of Sciences of the University of Lisbon, Portugal

José José Cecílio

José Cecílio

Faculty of Sciences of the University of Lisbon, Portugal

Lucila Lucila Bento

Lucila Bento

State University of Rio de Janeiro, Brazil

Machado Raphael Machado

Raphael Machado

Clavis Information Security, Brazil

ABSTRACT

CyberSecurity is a critical issue for the viability of the Internet of Things and Industry 4.0. Security breaches lead to serious impacts on the well-being of the citizen, on the operation of industries, and on the stability of nations. The impact of security breaches in all dimensions of the Society has led more and more countries to understand CyberSecurity as a State issue - and therefore to investigate strategies to address CyberSecurity in a systematic and effective manner.

SecurityStandards Special Session at the IEEE International Workshop on Metrology for Industry 4.0 and IoT aims at discussing how to address CyberSecurity via the use of international standards. SecurityStandards seeks advances in two dimensions, as we discuss next.

Security Requirements. How to establish standards and requirements for equipment, systems and professionals in the area of security. How to assess the risks associated with each field of application. How to define the sectors in which the State must intervene by establishing mandatory safety requirements.

Security Assessment. How to verify compliance with safety requirements by equipment, systems and professionals. Which tests are most effective to characterize the fulfillment of such requirements. Which conformity assessment schemes are best suited to each scenario. How to attest the competence of professionals and laboratories to carry out security assessment activities.

In this sense, SecurityStandards seeks original contributions on the following themes:

Standards and Conformity Assessment

  • Security standards for software and smart devices
  • Conformity assessment methods for cybersecurity
  • Information security management systems standards
  • Risk assessment standards
  • Accreditation of security assessment laboratories

Risk Management and Critical Infrastructure Applications

  • Energy
  • Water and Sewage
  • Transportation
  • Communication
  • Financial System
  • Public Security and Civil Defense

Security Requirements

  • Cryptography Standards
  • Software Applications
  • Smart Devices
  • Management Systems
  • Professional Competence
  • Security in new paradigms: Cloud, IoT, Cyber-Physical
  • Privacy and Confidentiality Requirements

Software Security

  • Static code analysis
  • Dynamic software analysis
  • Software Testing
  • Code obfuscation
  • Software incorruptibility
  • Software watermarks
  • Software validation
  • Reference datasets

Hardware Security

  • Side-channel attacks and countermeasures
  • Fault attacks and countermeasures
  • Hardware tampering and tamper-resistance
  • Hardware and software reverse engineering
  • Trusted computing platforms
  • Secure storage devices
  • Cryptographic processors and co-processors
  • True and pseudorandom number generators
  • Physical unclonable functions

ABOUT THE ORGANIZERS

Alan Oliveira de Sá holds a Ph.D. in Informatics at the Federal University of Rio de Janeiro (2019), received the M.Sc. degree in electronic engineering at the State University of Rio de Janeiro (2015) and graduated in electronic engineering at the Rio de Janeiro Federal Center for Technological Education (2006). He is currently Professor at the Department of Informatics, Faculty of Sciences of the University of Lisbon, and integrated member of the LASIGE - Computer Science and Engineering Research Centre. His research interests include cybersecurity, defense systems, control systems, and intelligent systems.

José Cecílio completed his PhD in Computer Engineering at the University of Coimbra in 2013 and is currently an assistant professor at the Faculty of Sciences of the University of Lisbon. José Cecílio is an integrated researcher at the Large Scale Computer Systems Laboratory (LASIGE). His research interests relate to Wireless Sensor Networks, the Internet of Things, Embedded Systems, Distributed Systems and Communication Networks. He is involved in several research projects associated with remote monitoring, the internet of things, adaptive and safety-critical CPS, and reliable and energy-efficient systems. He advised several MSc students at the Faculty of Sciences of the University of Lisbon during the last five years. Currently, he is advising two PhD students and several MSc students.

Lucila Maria de Souza Bento, holds a Ph.D. in Informatics at the Federal University of Rio de Janeiro (2015), a Master's degree in Informatics also from the Federal University of Rio de Janeiro (2012) and is a Technologist in Computer Systems at the Fluminense Federal University (2010). She is currently Professor at the Institute of Mathematics and Statistics of the State University of Rio de Janeiro. Her research interests include algorithms, graph theory, artificial intelligence, and cybersecurity.

Raphael Machado is Chief Scientist at Clavis Information Security and is Professor at Fluminense Federal University, in Rio de Janeiro, Brazil. He holds a Ph.D. in Systems and Computer Engineering and co-authored more than one hundred scientific papers in journals and conferences. He obtained several grants and prizes, including the FAPERJ Rio de Janeiro Young Scientist Grant and the CNPq Research Productivity Grant. He organized several national and international conferences and workshops in Computer Science.