PCSCI

3rd International Workshop on Physical and Cyber Security in Interdependent Critical Infrastructures
  • Date
    Jul 30, 2024
  • Location
    SR05
  • Duration
    10:30 — 12:00
Workshops Lettering

Workshop Chairs

Workshop Chairs Logo Workshop Chairs Logo Workshop Chairs Logo
  • → Stefan Schauer
  • → Aljosa Pasic
  • → Gilda De Marco

Accepted Paper

Towards Availability of Strong Authentication in Remote and Disruption-Prone Operational Technology Environments
Mohammad Nosouhi (Deakin Cyber Research and Innovation Centre, Deakin University, Geelong, Australia, Australia), Divyans Mahansaria (Tata Consultancy Services (TCS) Ltd., Kolkata, India, India), Zubair Baig (Deakin Cyber Research and Innovation Centre, Deakin University, Geelong, Australia, Australia), Lei Pan (Deakin Cyber Research and Innovation Centre, Deakin University, Geelong, Australia, Australia), Robin Doss (Deakin Cyber Research and Innovation Centre, Deakin University, Geelong, Australia, Australia), Keshav Sood (Deakin Cyber Research and Innovation Centre, Deakin University, Geelong, Australia, Australia), Debi Prasad Pati (Tata Consultancy Services (TCS) Ltd., Kolkata, India, India), Praveen Gauravaram (Tata Consultancy Services (TCS) Ltd., Brisbane, Australia, Australia)
Full Paper
Implementing strong authentication methods in a network requires stable connectivity between the service providers deployed within the network (i.e., applications that users of the network need to access) and the Identity and Access Management (IAM) server located at the core segment of the network. This becomes challenging when it comes to Operational Technology (OT) systems deployed in a remote area, as they often get disconnected from the core segment of the network owing to unavoidable network disruptions. As a result, weak authentication methods and shared credential approaches are still adopted in these OT environments, exposing system vulnerabilities to increasingly sophisticated cyber threats. In this work, we propose a solution to enable highly available multi-factor authentication (MFA) services for OT environments. The proposed solution is based on Proof-of-Possession (PoP) tokens generated by an IAM server for registered users. The tokens are securely linked to user-specific parameters (e.g., physical security keys, biometrics, PIN, etc.), enabling strong user authentication (during disconnection time) through token validation. We deployed the Tamarin Prover software-based toolkit to verify security of the proposed authentication scheme. For performance evaluation, we implemented the designed solution in real-world settings. The results of our analysis and experiments confirm the efficacy of the proposed solution.
Workshop PCSCI
SOVEREIGN - Towards a Holistic Approach to Critical Infrastructure Protection
Georg Becker (DCSO GmbH, Germany), Thomas Eisenbarth (Universität zu Lübeck, Germany), Hannes Federrath (Universität Hamburg, Germany), Mathias Fischer (Universität Hamburg, Germany), Nils Loose (Universität zu Lübeck, Germany), Simon Ott (Fraunhofer AISEC, Germany), Joana Pecholt (Fraunhofer AISEC, Germany), Stephan Marwedel (Airbus Commercial Aircraft, Germany), Dominik Meyer (Helmut Schmidt Universität, Germany), Jan Stijohann (Langlauf Security Automation, Germany), Anum Talpur (Universität Hamburg, Germany), Matthias Vallentin (Tenzir GmbH, Germany)
Full Paper
In the digital age, cyber-threats are a growing concern for individuals, businesses, and governments alike. These threats can range from data breaches and identity theft to large-scale attacks on critical infrastructure. The consequences of such attacks can be severe, leading to financial losses, threats to national security, and the loss of lives. This paper presents a holistic approach to increase the security of critical infrastructures. For that, we propose an open, self-configurable, and AI-based automated cyber-defense platform that runs on specifically hardened devices and own hardware, can be deeply embedded in critical infrastructures and provides full visibility on network, endpoints, and software. In this paper, starting from a thorough analysis of related work, we describe the vision of our SOVEREIGN platform in the form of an architecture, discuss individual building blocks, and evaluate it qualitatively with respect to our requirements.
Workshop PCSCI

Detail PCSCI 02/05

Topics of interest include, but are not limited to 03/05

  • Physical & Cyber Threats in Critical Infrastructures and their Supply Chains
  • Effects of Societal Events like Pandemics on Critical Infrastructures and Supply Chains
  • Assessing Threats and Risks in Critical Infrastructures and their Supply Chains
  • Security Aspects of Cyber-Physical Systems
  • Concepts and Solutions for Physical & Cyber Situational Awareness
  • Simulating the Propagation of Threats and their Impacts
  • Concepts towards Hybrid Situational Awareness
  • Identifying and Measuring Impacts on the Society
  • Identifying and Measuring Cascading Effects
  • Legislative Aspects for Critical Infrastructures under GDPR and the NIS Directive

Workshop Chairs 04/05

Workshop Chairs

Workshop Chairs Logo
Stefan Schauer
AIT Austrian Institute of Technology, Austria
Workshop Chairs Logo
Aljosa Pasic
Eviden, Spain
Workshop Chairs Logo
Gilda De Marco
Insiel S.p.A., Italy

Program Committee

Abdelkader Shaaban | AIT Austrian Institute of Technology GmbH, Austria
Max Kesselbacher-Pirker | AIT Austrian Institute of Technology GmbH, Austria
Laurens Bouwer | HEREON, Germany
Manuel Egger | AIT Austrian Institute of Technology GmbH, Austria
Sandra König | Research Driven Solutions, Ireland
Martin Latzenhofer | AIT Austrian Institute of Technology GmbH, Austria

Submission 05/05

Important Dates

Extended Submission Deadline May 12, 2024
Author Notification May 29, 2024
Proceedings Version Jun 18, 2024
ARES EU Projects Symposium Jul 30, 2024
Conference Jul 30 — Aug 02, 2024
Join ARES 2025!

Join us at ARES 2025 in Ghent, Belgium