S4CIP’16: 1st Workshop on Safety & Security aSSurance

for Critical Infrastructures Protection

In conjunction with the 7th International Conference on Ambient Systems, Networks and Technologies
ANT 2016
Madrid, Spain (May 23-26 2016)

(pdf version)

aims & scope topics
invited speaker
submission guidelines

Aims & scope

Modern society heavily relies on large, heterogeneous and complex software-intensive systems to support all kinds of daily activities. Services such as urban transportation, logistics, health-care, data communication, railway, aerospace, and power distribution, to name a few, are becoming more and more dependent on the availability of such infrastructures. Any discontinuity of service may lead to serious problems, from severe financial losses to fatalities or injuries; the causes have different natures, either human errors, unexpected acts of nature, or intentional attacks like sabotage. Safety and security (S&S) assessments in critical infrastructures measure how these disruptions are handled and what is the impact suffered by the critical infrastructure under stress. These assessments are normally performed using analytical or simulation-based techniques often addressing one single specific aspect at a time rather than studying these infrastructures in a holistic manner.

This workshop aims at providing a forum for people from academia and industry to communicate their latest results on theoretical advances, industrial case studies, practical scenarios, and lessons learned in the assurance of S&S for critical infrastructures. Since the special interest on S&S assurance, a special focus will be put on model-based approaches; to the joint modelling and analysis of both cyber and physical aspects of critical infrastructures; and to the definition of unifying modelling and analysis methodologies. Research papers focused on safety or security assurance only are also welcome.

Topics of interest:

Invited Speaker

We are happy to host Boris Köpf as an invited speaker.

Boris is currently an assistant research professor at the IMDEA Software Institute. Boris joined IMDEA after completing his Ph.D. in the Information Security group of ETH Zurich and working as a postdoc in the Information Security and Cryptography Group of the Max Planck Institute for Software Systems. Before that, he studied mathematics at the Universidad de Chile, the Universidade Federal de Campinas, and the University of Konstanz, from which he received a M.Sc.

Boris KöpfReasoning about the trade-off between security and performance

Today’s software systems employ a wide variety of techniques for minimizing the use of resources such as time, memory, and energy. While these techniques are indispensable for achieving competitive performance, they can pose a serious threat to security: By reducing the resource consumption on average (but not in the worst case), they introduce variations that can be exploited by adversaries for recovering private information about users, or even cryptographic keys. In this talk I will give examples of attacks against a number of performance-enhancing features of software and hardware, and I will present ongoing work on techniques for quantifying the resulting threat and for choosing the most cost-effective defense.

Important dates (final)

Submission guidelines

Accepted papers will be included in the ANT proceedings published by Elsevier Science in the open-access Procedia Computer Science series on-line. At least one of the (co)author(s) of each accepted paper is required to register and attend the conference to present the work. PDF versions of papers should be submitted through EasyChair submission system. The maximum length is 6 pages formatted according to the guidelines of Procedia Computer Science: two additional pages may be added for a price. Please refer to the pages of ANT 2016 for more detail on this.

Submitted papers will be reviewed by three members of Program Committee (or their sub-reviewers) and selection of accepted papers will based on relevance, quality and originality. After the conference, extended versions of selected contributions will be consider for publication in a Special Issue of the International Journal of Critical Computer-Based Systems.

WorkShop Co-chairs

Technical Programme Committee

Post-conference information:

Valid HTML 4.01 Transitional