SecIndustry

3rd Workshop on Cybersecurity in Industry 4.0
  • Date
    Jul 30, 2024
  • Location
    SR06
  • Duration
    10:30 — 16:30
Workshops Lettering

Workshop Chairs

Workshop Chairs Logo Workshop Chairs Logo Workshop Chairs Logo Workshop Chairs Logo
  • → Sandeep Pirbhulal
  • → Habtamu Abie
  • → Halvor Holtskog
  • → Sokratis Katsikas

Accepted Paper

Vulnerability detection tool in source code by building and leveraging semantic code graph.
Sabine Delaitre (Bosonit group, Spain), José Maria Pulgar Gutiérrez (DocExploit, Spain)
Full Paper
DocExploit team creates innovative and high-quality cybersecurity solutions to meet the increasing security needs of the digital transformation process and Industry4.0.

DocExploit activity focuses on developing different tools to ensure the security of software applications and container environment: the first and core tool is DocSpot which detects vulnerabilities in application source code, Docdocker scans for vulnerabilities in containers and SirDocker manages and monitors containers efficiently and securely. In addition, we project to develop DocIoT (part of firmware), DocAPI (secure API) and DocAir (runtime security) to offer a comprehensive cybersecurity suite over the software supply chain and to support developers holding security as a key component over the Software Development life-cycle.

To prevent cybersecurity attacks, DocExploit wants to improve the quality and security of software mainly by leveraging knowledge graph technology. We design reliable tools by building a semantic graph-based abstraction of the code from the compiler state and reach high accuracy by developing different static code analyzers optimizing the detection of software vulnerabilities in the source code and dependencies. Those mechanisms allow for drastically reducing false positives.

In this workshop paper, we will introduce the different tools composing the suite we are developing to foster developers' autonomy and security automation over the software supply chain. The vulnerability detection tool in the source code, by leveraging the knowledge graph technology, will be detailed. The related work comes from BALDER a national R&D project. Finally, we describe the contributions to improving security in software and IoT applications, and expose the expected benefits.
Workshop SecIndustry
Gateway to the Danger Zone: Secure and Authentic Remote Reset in Machine Safety
Sebastian N. Peters (Technical University of Munich & Fraunhofer AISEC, Germany), Nikolai Puch (Technical University of Munich & Fraunhofer AISEC, Germany), Michael P. Heinl (Technical University of Munich & Fraunhofer AISEC, Germany), Philipp Zieris (Technical University of Munich & Fraunhofer AISEC, Germany), Mykolai Protsenko (Fraunhofer AISEC, Germany), Thorsten Larsen-Vefring (TRUMPF Werkzeugmaschinen SE + Co. KG, Germany), Marcel Ely Gomes (TRUMPF Werkzeugmaschinen SE + Co. KG, Germany), Aliza Maftun (Siemens AG, Germany), Thomas Zeschg (Siemens AG, Germany)
Full Paper
The increasing digitization of modern flexible manufacturing systems has opened up new possibilities for higher levels of automation, paving the way for innovative concepts such as Equipment-as-a-Service. Concurrently, remote access has gained traction, notably accelerated by the COVID-19 pandemic. While some areas of manufacturing have embraced these advancements, safety applications remain localized. This work aims to enable the remote reset of local safety events. To identify necessary requirements, we conducted collaborative expert-workshops and analyzed relevant standards and regulations. These requirements serve as the foundation for a comprehensive security and safety concept, built around a Secure Gateway. It uses secure elements, crypto-agility, PQC, and certificates for secure and authentic communication. To show the applicability, we implemented a prototype, which utilizes a gateway, cameras, and light barriers to monitor the danger zone of a robot and thus enable remote reset via public Internet. The real-world limitations we faced, were used to refine our requirements and concept iteratively. Ultimately, we present a secure and safe solution that enables the remote acknowledgment of safety-critical applications.
Workshop SecIndustry
A SOAR platform for standardizing, automating operational processes and a monitoring service facilitating auditing procedures among IoT trustworthy environments
Vasiliki Georgia Bilali (Institute of Communication & Computer Systems (ICCS), Greece), Eustratios Magklaris (Institute of Communication & Computer Systems (ICCS), Greece), Dimitrios Kosyvas (Institute of Communication & Computer Systems (ICCS), Greece), Lazaros Karagiannidis (Institute of Communication & Computer Systems (ICCS), Greece), Eleftherios Ouzounoglou (Institute of Communication & Computer Systems (ICCS), Greece), Angelos Amditis (Institute of Communication & Computer Systems (ICCS), Greece)
Full Paper
Advanced Threat Intelligence Orchestrator (ATIO) is a sophisticated middleware solution designed to enhance unified threat management (UTM) monitoring processes by adhering Security Orchestration Automation Response (SOAR) capabilities. This paper provides a detailed overview of ATIO, highlighting its multitasking capabilities towards coordinating information from different types of tools, usually bringing with them different types of data. Also, it gives some details on the system implementation and some indicative operational workflows. Central to ATIO's functionality is its ability to concurrently or sequentially automate the execution and processing steps of multiple workflows, while adhering to cyber security standards, organization policies and regulations. The design of ATIO is flexible, accommodating various interconnected services and tools to meet specific requirements, as well as diverse infrastructure interfaces, accommodating different specifications seamlessly adhering standardized formats and Cyber Threat Information (CTI) languages, such as STIX2.1. This integration enhances interoperability and expands the scope of cyber-threat intelligence operations by enabling connectivity with various systems and diversified data types. Moreover, ATIO automation nature, boosting detection and acknowledge efficiency and responsiveness in threat intelligence operations. It enables users to alter and filter workflow steps, preparing information for correlation and tracking cyber threat information (CTI) effectively. Additionally, ATIO includes robust mechanisms for monitoring user actions within the system, ensuring accountability and providing valuable insights into operational activities.
Workshop SecIndustry
An IEC 62443-security oriented domain specific modelling language
Jolahn Vaudey (Inria, France), Stéphane Mocanu (Grenoble INP, France), Gwenaël Delaval (Université Grenoble alpes, France), Eric Rutten (Inria, France)
Full Paper
As the historically isolated industrial control systems become increasingly connected, the threat posed by cyberattacks soars. To remedy this issue, industrial standards dedicated to the cybersecurity of ICS have been developed in the last twenty years, namely the IEC 62443 series. These standards provides guidelines to the creation and maintenance of a secure ICS, from the concept phase to its eventual disposal. This standard notably assume a specific Zone/Conduit model for systems, as a basis for building the security program. This model currently lacks computer-aided design tools, which are essential to the adoption of a standard. In this paper, we will present a domain specific modeling language, able to describe IEC 62443 compliant systems. Our main contributions are the DSL's syntax, which tries to formalize the informal model found in the standard, and the validation rules applied to it that ensure the described installations are secure by design, according to a set of hypotheses.
Workshop SecIndustry
EmuFlex: A Flexible OT Testbed for Security Experiments with OPC UA
Alexander Giehl (Fraunhofer, Germany), Michael P. Heinl (Fraunhofer AISEC, Germany), Victor Embacher (Fraunhofer AISEC, Germany)
Full Paper
Things (IIoT) like the Open Platform Communications Unified Architecture (OPC UA) were developed with security in mind. However, their correct implementation in operational technology (OT)
environments is often neglected due to a lack of appropriate monetary and human resources, especially among small and mediumsized enterprises. We present a flexible, inexpensive, and easy to use testbed enabling OT operators to experiment with different security scenarios. Our testbed is purely virtual so that procurement and construction of physical or hybrid test environments is not required. It can be operated as a web-hosted service and leverages Docker as well as OPC UA. The testbed therefore combines usability and support for modern technologies enabling future-oriented security studies as well as flexible usage across verticals and company boundaries.
Workshop SecIndustry
Using Artificial Intelligence in Cyber Security Risk Management for Telecom Industry 4.0
Ijeoma Ebere-Uneze (Royal Holloway, University of London, United Kingdom), Syed Naqvi (Liverpool John Moores University, United Kingdom)
Full Paper
The intensity and sophistication of cyberattacks have informed the need for artificial intelligence (AI) solutions for cyber security risk management (CSRM). We have studied the impact of using AI for CSRM in Telecommunication Industry 4.0 (TI4.0). This case study is used to develop an AI-enabled approach for enhanced protection of TI4.0. The services and the infrastructure provided by the TI4.0 are characterized by complexities due to the rapid evolution of associated technologies. This has continued to increase the attack surface and expose the industry to more cyber security risks. This article shows how the use of AI impacts CSRM in the TI4.0. Our work provides insights into the application of AI in mitigating cyber security risks. We have found that AI can enhance CSRM and, its effectiveness is determined by the quality of data that it was trained with; the training it received as well as the security of the AI solution.
Workshop SecIndustry

Detail SecIndustry 02/05

Topics of interest include, but are not limited to 03/05

  • Cybersecurity in Industry 4.0
  • Cybersecurity for 5G-enbaled industrial IoT
  • Digital twins for enhancing cybersecurity in Industry 4.0
  • Data analytics security
  • Security assurance in Industry 4.0
  • Cybersecurity for information technology (IT) and operational technology (OT)
  • Combining actual simulation and testing with continuing education
  • Demonstrating the possibilities in 5G and the results in an industrial setting with multiple threats and multi-actor operations.
  • 5G Sim Card security for IoT based Industry 4.0
  • Tests of different mechanisms to monitor and protect digital twin configurations of cyber-physical systems
  • Resilience in Industry 4.0
  • Resilience in critical Assets
  • Improving the understanding of how organizations and high-performance teams in times of crisis and how to standardize work processes to minimize risk.
  • Modules for continuing education and training based on master’s in industrial innovation and secure digitalization (MINDS)
  • Use cases for a collaborative effort involving stakeholders and for testing functionality
  • Demonstration cases through a collaborative effort involving stakeholders
  • Demonstration cases describe how and where the use cases are to be tested in practice
  • Domain specific knowledge and set ups for the laboratory production lines equal to real production lines
  • 5G Beyond Security in Industry 4.0
  • Dynamic Risk Assessment for Industry 4.0
  • Improving supply chain resilience in industry 4.0

Workshop Chairs 04/05

Workshop Chairs

Workshop Chairs Logo
Sandeep Pirbhulal
Norwegian Computing Center, Norway
Workshop Chairs Logo
Habtamu Abie
Norwegian Computing Center, Norway
Workshop Chairs Logo
Halvor Holtskog
Norwegian University of Science and Technology, Norway
Workshop Chairs Logo
Sokratis Katsikas
Norwegian University of Science and Technology, Norway

Program Committee

Cristina Alcaraz | University of Malaga, Spain
Shaukat Ali | Simula Research Laboratory, Norway
Manos Athanatos | Foundation for Research and Technology Hellas, Crete
Sabarathinam Chockalingam | Institute for Energy Technology, Norway
Mauro Conti | University of Padua, Italy
Hervé Debar | Télécom SudParis, France
Sabine Delaitre | BOSONIT – Sevilla – Spain
Joaquin Garcia-Alfaro | IMT (Institut Mines-Telecom), France
Martin Gilje Jaatun | University of Stavanger, Norway
Vasileios Gkioulos | Norwegian University of Science and Technology, Norway
Ilias Gkotsis | Satways Ltd, Greece
Dieter Gollmann | Hamburg University of Technology, Germany
Bjørn Axel Gran | Institute for Energy Technology, Norway
Siv Hilde Houmb | Norwegian University of Science and Technology, Norway
Nesrine Kaaniche | Télécom SudParis, France
Stamatis Karnouskos | SAP Research, Germany
Basel Katt | Norwegian University of Science and Technology, Norway
Maryline Laurent | Télécom SudParis, France
Wolfgang Leister | Norwegian Computing Center, Norway
Fabio Martinelli | IIT-CNR, Italy
Vasileios Mavroeidis | University of Oslo, Norway
Aida Omerovic | SINTEF, Norway
Kai Rannenberg | Goethe University Frankfurt, Germany
Reijo Savola | University of Jyväskylä, Finland
Ankur Shukla | Institute for Energy Technology, Norway
Ali Hassan Sodhro | Kristianstad University, Sweden
Mohsen Toorani | University of South-Eastern Norway, Norway
Rita Ugarelli | SINTEF, Norway
Stephen Wolthusen | Norwegian University of Science and Technology, Norway
Christos Xenakis | University of Piraeus, Greece
Shouhuai Xu | University of Colorado Colorado Springs, USA

Submission 05/05

Important Dates

Submission Deadline May 17, 2024
Author Notification May 29, 2024
Proceedings Version Jun 18, 2024
Conference Jul 30 — Aug 02, 2024
Join ARES 2025!

Join us at ARES 2025 in Ghent, Belgium