CIPSEC 4th Newsletter – Christmas 2018

From our last Newsletter, on March 2018, new milestones and new dissemination actions have been successfully achieved. At this stage of the project we have accomplished most of the objectives and goals proposed at the beginning of the project. A brief report of the main achievements of CIPSEC emphasizing into the dissemination and the technical aspects of the work that has been performed.




Eight new CIPSEC blog entries ( have been released with monthly periodicity:


On September 2018, we released four new videos in our CIPSEC YouTube channel. The first three of them are communication videos, promotional, useful for attendingdifferent kind of events, with three different duration, short medium and extended:

Apart from these more business oriented videos, and to raise more awareness aboutthe project, the CIPSEC Consortium has produced a fourth video this year, explaining in a friendly and understandable way (animation) the cybersecurity challenges that critical infrastructure operators are facing and how CIPSEC’s proposed solution is able to bridge the existing gaps.

Liaisons and related events

During the last six months, CIPSEC has been present in more than eight cybersecurity events. Some of the most notable ones are:

CIPSEC General Assembly Meetings
  • CIPSEC Sixth General Assembly meeting. The meeting was hosted by WoS in Barcelona in May 8-9, 2018, and it included a collocated presentation of theproject to CIPSEC’s external advisory board.

Training workshop

Co-located with the seventh general assembly, the CIPSEC Consortium organized a training session addressed to Deutsche Bahn staff, held in DB premises in Frankfurt on October 18.

Exploitation workshop

Taking advantage of the seventh general assembly the consortium also organized a CIPSEC exploitation workshop in Frankfurt on October 18-19, with around 20 participants. Partners presented the business plans for six individual commercial products, as well as the partners investigated the possible ways of joint exploitation.

3rd CIPSEC workshop

The 3rd CIPSEC Workshop International workshop on Information & Operational Technology (IT & OT) security systems, IOSec 2018 was organized by UoP in collaboration with TUD collocated with the 21st International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2018), on September 13, 2018, in Heraklion, Crete, Greece. The IOSec 2018 workshop technical program included 12 research papers, 5 of them from CIPSEC partners, as well as included an invited talk by Dr Petros Efstathopoulos from Symantec Research Labs (SRL).


During this period, the CIPSEC consortium achieved the publication of:

15 new conference/workshop papers or posters:

  • “A Flexible Leakage Trace Collection Setup for Arbitrary Cryptographic IP Cores” by A. Moschos, A.P. Fournaris, O. Koufopavlou from UoP on the IEEE International Symposium on Hardware Oriented Security and Trust 2018 (IEEE HOST 2018)
  •  “Reliable Monitoring of Cloud Services” by Heng Zhang, Jesús Luna García, Neeraj Suri and Rubén Trapero from TUD and ATOS in IEEE SmartComp 2018.
  • Trusted Hardware Sensors for Anomaly Detection in Critical Infrastructure System” by A. P. Fournaris, K. Lampropoulos, O. Koufopavlou from UoP, on the 7th International Conference on Modern Circuits and Systems Technologies (MOCAST) on Electronics and Commuications 2018.
  • “A Genetic Algorithm for Obtaining Memory Constrained Near-Perfect Hashing”, Dan Domnita and Ciprian Oprisa from BD presented at International Conference on Automation, Quality and Testing, Robotics.
  • “Flashlight: A Novel Monitoring Path Identification Schema for Securing Cloud Services”, Heng Zhang, Ruben Trapero, Jesus Luna, Neeraj Suri, presented on the ARES 2018 conference.
  • “A Composite Malicious Peer Eviction Mechanism for Super-P2P Systems”, Hatem Ismail, Stefanie Roos and Neeraj Suri from TUD on the Conference: 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications.
  • “Protecting Cloud-based CIs: Covert Channel Vulnerabilities at the Resource Level”, Tsvetoslava Vateva-Gurova, Salman Manzoor, Ruben Trapero and Neeraj Suri, from TUD and ATOS presented on the 3rd CIPSEC workshop (IOSec 2018).
  • “A Secure and Efficient File System Access Control Mechanism (FlexFS)”, Jihane3rd Najar and Vassilis Prevelakis from AEGIS presented on the CIPSEC workshop (IOSec 2018).
  • “Threat Modeling the Cloud: An Ontology Based Approach” Salman Manzoor, Tsvetoslava Vateva-Gurova, Ruben Trapero and Neeraj Suri from TUD and ATOS, presented on the 3rd CIPSEC workshop (IOSec 2018).
  • “Automated Measurements of Cross-Device Tracking”, Konstantinos Solomos, Panagiotis Ilia, Sotiris Ioannidis and Nicolas Kourtellis from FORTH, presented on the 3rd CIPSEC workshop (IOSec 2018).
  • “Full Content Search in Malware Collections”, Andrei Mihalca and Ciprian Oprisa from BD, presented on the 3rd CIPSEC workshop (IOSec 2018).
  • “InfoLeak: Scheduling-based Information Leakage” Tsvetoslava Vateva-Gurova, Salman Manzoor, Yennun Huang and Neeraj Suri from TUD, presented on the The 23rd IEEE Pacific Rim International Symposium on Dependable Computing (PRDC 2018).
  • “Security Analysis of the RaSTA Safety Protocol”, Markus Heinrich Jannik Vieten, Tolga Arul, Stefan Katzenbeisser from TUD on the IEEE Intelligence and Security Informatics (ISI) 2018.
  • Poster: “Andromeda: A Trusted Execution Framework for Android Based on Secure Enclaves” Dimitris Karnikis and Sotiris Ioannidis from FORTH, on the Parallel Architectures and Compilation Techniques (PACT18) conference.
  • Poster: “GHammer: A GPGPU Rowhammering Attack”, Georgios Anagnopoulos, Sotiris Ioannidis from FORTH, on the Parallel Architectures and Compilation Techniques (PACT18) conference.


3 journals publication:


1 Magazine publication:

  • “CIPSEC: A Commitment for the future of Critical Infrastructures”, Antonio Álvarez and Joaquín Rodríguez published in ERCIM News, October 2018.


  • UPC prepared the CIPSEC glossary (terms used in deliverables of the project until M18). A New release of this glossary is being prepared to appear at the end of this year.




Work packages and milestones



The main milestone of this work package in this period was:

Deliverable D2.5 covers three main topics: firstly, it documents the final version of the reference architecture, which was refined after being first published in D2.2 (M18). Secondly, it offers technical details regarding the first software release of the CIPSEC platform, i.e. the initial version of the CIPSEC Framework prototype. Finally, it addresses two important methodology aspects: the guidelines to be followed to integrate the components and the CIPSEC Framework extension, taking the architecture as a starting point.

In deliverable D2.6, justified the implementation of the CIPSEC framework. The main objective of this implementation is to allocate the different tools and to provide a full picture of the security level of the tested environment as well as offered mitigation,comprehensive security assessments of the critical infrastructure must be carried outboth before and after the deployment of the solution. This deliverable, also, presents a methodology and proposed tests to evaluate the security level of critical infrastructures. Finally, this deliverable presents the CIPSEC solution deployment and the prototype building phases that has been designed to demonstrate the CIPSEC framework.


From the last Newsletter, we have been progressing in the development of the unified framework. Now the CIPSEC dashboard allows to access registered users, for the time being we have four registered users, one for every one of the pilots and one for the prototype user. The tools included in the dashboard are:

  • Anomaly Detection Reasoner
  • Honeypots
  • Anti-malware
  • Jamming detector
  • Anonymization tool

The services included in the dashboard are:

  • Forensic service
  • Vulnerability
  • Contingency plan
  • Training courses
  • Updating and Patching


The main milestones of this work package for this period have been:

  • Adapted and optimized solution for the selected pilots verified by means of deliverables:
  • Final report on CIs intra/interdependencies analysis verified by means of the deliverable:
    • D3.8 CIPSEC Intra / Inter dependencies Analysis Report
      After the identification of possible cascading effect performed in D3.4, in this milestone and the corresponding deliverable we tried to identify some non-secondary aspects, that were not included in D3.4, such as dependability described as the measure of some features including security. The use of the agent-based model or ABM investigation tool is also proposed, deploying realistic scenarios of events that can intervene on critical infrastructures seen as Complex Adaptive System. The collection of information deriving from the analysis of Inter and Intra dependencies will be one of the bases for the definition of pilot tests before and after the adoption of CIPSEC solutions.

      CSI pilot: cascading effect due to the alteration of data

  • List of policies for the CIPSEC prototype verified by means of deliverable:
    • D3.9 Complete Complexity Analysis
      The main contribution of this milestone and the corresponding deliverable is the revision of the proposed CIPSEC architecture (general solution) and the comparison with the tailor-made CIPSEC solution (particular solution for each pilot) against security solutions which are based on individual products. The conclusion is that the CIPSEC framework is flexible enough to fit any critical infrastructure after tailoring and customizing it according to the particular needs and characteristics, as presented with potential examples as well as actual examples taken from the pilots. Secondly, we can spot several advantages of the CIPSEC solution compared to an individual products deployment, as mentioned above.

This WP focuses on the efforts required to build a working prototype to run onoperational CI scenarios, and the milestones achieved for this period have been:

  • Trials settings and configuration verified by means of the deliverable:
    • D4.1 Trial scenario definitions and evaluation methodology specification

      This milestone and deliverable focus on the detailed description and definition of test scenarios that show the performance and the capabilities of the CIPSEC framework, as well as, on a methodology for the evaluation and validation of the project results. In addition, in this document an initial planning of the CISEC framework deployment is performed that will be further refined in next WP4 deliverables and especially D4.4. The main methodology followed for preparing this test scenarios has been:

    • Establish a common and systematic way of describing test scenarios.
    • Adopt a methodology used to evaluate test results and the effectiveness of the CIPSEC framework.
    • Describe composite test scenarios that cover a wide range of the CIPSEC framework capabilities.
  • System ready for the experimentation verified by means of deliverable:

    • D4.2 System ready for validation activities

      To perform the final experimentation in the three pilots we need to identify the gaps between the planning of the tests (proposed in D4.1) to be carried out in the three pilots upon the deployment of the tools, and the final test reports (to be provided by D4.3), including all changes to the test specifications of the integrated products and services (the complete security framework).We also report the configuration of the deployed solutions per pilot. It is shown and documented that each deployed solution works correctly and is able to communicate with the CIPSEC framework.

      Trial Specifications for DB Pilot