Critical Infrastructures (Communication, Transportation, Banking, e-Commerce, Utilities etc) increasingly and inextricably depend on IT-technologies to provide for both functionality and efficiency. However, the cost of the IT-reliance is the consequent exposure of the Critical Infrastructure (CI) to IT-based security vulnerabilities. The state of the practice often has different CI’s developing customized security solutions to meet their specific needs. While this is judicious, the CI’s can benefit from sharing approaches to intrusion detection, threat classification, diagnostics, mitigation schema, security architectures and many others. The goal of the CIPSEC 2nd Workshop (denoted as S-CI Workshop2017 ) was to bring together viewpoints from diverse CI’s to explore the commonalities of security problems and solutions for advancing the collective science and practice of CI security protection.
The S-CI Workshop was organized as a full day Workshop for the ARES 2017 conference, held in Regio Calabria on 29th of August 2017. ARES is a European conference primarily focused on Availability, Reliability and Security that has gained over the years a good reputation on European Security and Cryptography research community and has strong ties with European Project related Research since it dedicates each year specific slots for European project dissemination actions (hosting the ARES European Union Project Symposium).
The S-CI 2017 workshop technical program included two invited talks by CIPSEC members as well as six contributed peer reviewed research papers organized in two technical sessions, The first Keynote Speech provided a very helpful overview of known unknown of the cybersecurity research domain, giving guidelines and providing business evaluation potentials in the cyber security market while the second keynote speech was focused on how cybersecurity is implemented in a very characteristic critical infrastructure system, the German Railway interlocking mechanism, and what are the current problems and liabilities of such an approach. Apart from the keynotes, on the S-CI 2017 workshop first technical session, research work was presented related to cybersecurity issues on critical infrastructures focusing on DICE trusted computing remote attestation for IoT devices, built-in cyber-security mechanisms for wide surveillance systems and approaches on how to protect Future Maritime Communication. The second technical session was focused on cybersecurity tools for CIS and included works on ciphers for Failure Recovery on ITS Systems, DDOS attack resilient tools for wide Area Monitoring Systems and Anomaly Detection tools for Simulated ISE-60870-5-104 Traffic. There was vivid interest from the Workshop audience and an interesting exchange of ideas was made with questions asked during and after all Workshop’s speeches.