Schedule

Introduction Leila de Floriani

12:00 PM U.S. Eastern Time (4:00 PM UTC): Keynote Speech by Stefano Zanero on “Crouching hacker, killer robot? Removing fear from cyber-physical security”

This session consists of an welcome message from the IEEE Computer Society President and a keynote address “Crouching hacker, killer robot? Removing fear from cyber-physical security” by Stefano Zanero.

Cyber-physical systems are attracting a lot of attention: attacks on connected cars received a lot of media exposure, as did attacks on industrial control systems, airplanes or medical devices.

A lot of this interest is driven by vulnerability research (often in the form of “stunt hacking”). While engaging and attractive, does this research really help to answer the fundamental question of how to embed security analysis in design?

Why are we failing? What are the root causes? How do we do better and move beyond instilling fear?

 

2:00 PM U.S. Eastern Time (6:00 PM UTC): Graduate Programs and Certification in Cybersecurity

Participants will gain information in this session about how a graduate degree and certification in cybersecurity will help them advance their careers and strengthen their ability to advance the field.

 

6:00 AM U.S Eastern Time (10:00 AM UTC): Security of Cyber-Physical Systems

This session focuses on tools, techniques, methods, and architectures employed in security and privacy-aware design of Cyber-Physical Systems (CPS) with the emphasis on connected things (IoT) and embedded intelligent systems design in general.

Constrained resources, long missions, event-driven communication and interaction with a physical process often characterize such systems. Examples of such embedded platforms are automotive ECUs, industrial PLCs, or (consumer) IoT nodes. Given the nature of these platforms, RAMS (Reliability, Availability, Maintainability, and Safety and Security) parameters are highly important in the field. This session emphasizes in particular the security aspects of design, manufacturing, deployment, operation and maintenance on Cyber-Physical Systems and their components.

• Anirban Sengupta “Hardware Security of Integrated Circuits for DSP and Image Processing Applications”
• This topic will delve deep into the threat models and defense mechanisms against hardware Trojans and IP piracy. This topic discusses the hardware security of consumer electronics (CE) devices, focusing primarily on threat models and defense mechanisms against two major attacks: hardware Trojans and IP piracy. Further, other hardware-related IP attacks on CE design will be discussed along with its security mechanism. Design for security will be emphasized for CE community designers and practitioners who focus on IP core security.
• Madhusudan Singh ““Cyber Security for Symbiotic Vehicular Networks”
  • This talk investigates security, standardization, security method and process for vehicle communication. The primary objective is vehicle-communication security for vehicle-to-vehicle (V2V) communication and vehicle to infrastructure (V2X), to work with intelligent vehicles and intelligent transportation environment and concentrate on research work for, Cryptography, Embedded security, hardware security for intelligent vehicles.
• Swarup Bhunia ““Security of the Internet of Things: Are We Paranoid Enough?””
  • Security has become a critical design challenge for modern electronic hardware. With the emergence of the Internet of Things (IoT) regime that promises exciting new applications from smart cities to connected autonomous vehicles, security has come to the forefront of the system-design process. Recent discoveries and reports on numerous security attacks on microchips and circuits violate the well-regarded concept of hardware trust anchors. It has prompted system designers to develop a wide array of design-for-security and test/validation solutions to achieve high-security assurance for electronic hardware, which supports the software stack. At the same time, emerging security issues and countermeasures have also led to interesting interplay between security, verification and interoperability. Verification of hardware for security and trust at different levels of abstraction is rapidly becoming an integral part of the system design flow. The global economic trend that promotes outsourcing of design and fabrication process to untrusted facilities coupled with the prevalent practice of system on chip design using untrusted third-party intellectual property blocks (IPs), has given rise to the critical need of trust verification of IPs, system-on-chip design, and fabricated chips. The talk will also cover a spectrum of security challenges for IoTs and describe emerging solutions in creating secure trustworthy hardware that can enable IoT security for the mass.

 

10:00 AM U.S Eastern Time (2:00 PM UTC): Advancements in Information Security Algorithms

Cybersecurity is only as strong as its algorithms. As cyberattacks become more sophisticated, algorithms require advancements to keep up. This session will focus on advancements in various information security methods, such as cryptography, steganography, watermarking etc.

• Leonel Sousa, “Modular Arithmetic based Circuits and Systems for Emerging Technologies and Applications in Cryptography”
  • Energy efficiency, limited power consumption and increased performance will drive the design of new architectures and arithmetic units.  Unconventional number systems, namely Residue Number Systems RNS), and modular arithmetic may hold the answer to these emerging challenges. In this talk we show how to use the RNS to improve cryptographic algorithms and engines, making them more efficient and more resistant to
    side-channel attacks, not only in the context of traditional cryptography but also of emerging post-quantum cryptography. Moreover, the potential of RNS to support the high-performance implementation of deep convolutional neural networks (DCNNs) is unveiled. Emerging technologies are also targeted in this talk, namely the implementation of RNS arithmetic units with reversible logic to improve density, speed and energy efficiency.
• Dharm Singh Jat, “Modified AES Algorithm for Strong Encryption and Enhanced Security”
  • Networks today are an inherent part of all defence or military organisations. Any loss of data from defence networks directly impacts the national security. Hence, this data has to be protected using strong encryption techniques. The Advanced Encryption Standard (AES), is a Federal Information Processing Standard (FIPS) for symmetric cryptography since 2001 and is the most popular encryption standard for securing data. However, the AES is known to be prone to brute force attacks and other forms of cryptanalysis. This address presents a conceptual model of a modified AES algorithm, which will make it more complex, less prone to brute force attacks, tweak the algorithm so it is not known to attackers, and introduce a near true randomness to make it stronger and ideal for use in defence networks.

 

2:00 PM U.S Eastern Time (6:00 PM UTC): Dealing with a Cyberattack

Cyberattacks can happen suddenly and without warning, which is why organizations need to be prepared at all times with how to cope with such events. Planning not just for the event itself, but also determining ways to return to normal after the attack.

This session will cover aspects of a cybersecurity life-cycle supporting the resilience, continuity of operations through the spectrum of the attack, and Return To Normal Operations of the enterprise. In addition, we include a discussion of the use of cyber forensics processes, procedures and tools to enhance our lessons learned and maintain preparedness.

 

• Nancy Mead, “Threat Modeling Research and Machine Learning”
  
  • This talk will focus on recent threat modeling research as it relates to machine learning. After revisiting our prior threat modeling research, new results from a 2018 student project on machine learning will be discussed. In this project, students assessed the robustness of machine learning models against adversarial examples. Recently, we have been considering the use of machine learning to identify attacker types in specific domains. So, on the one hand, we examined whether machine learning models are vulnerable to attack, and on the other hand, whether machine learning can help to identify attacker types.
• CRS Kumar, “Augmented Reality and Virtual Reality for Cyber Security Awareness Training”
  • Augmented Reality (AR) and Virtual reality (VR) can provide our minds with direct access to digital media in a way to enhance our perception. AR and VR are finding many interesting applications in Industry, Medical domain, Education, Psychology, Entertainment, Sports etc. However, designing, developing and testing compelling AR and VR experiences is an incredibly complex challenge. When AR and VR applications are done well, the results are brilliant and pleasurable experiences that go beyond what can be done in the real world. The AR/VR based Cyber Security awareness Training is not only improving the presentation but also gaining popularity through new avenues of gamification and visualization. The training of Cyber Security concepts can be made more interesting and enjoyable learning experiences through AR/VR. In this presentation, we discuss the latest developments in AR/VR based Cyber Security training and bring out case studies.

 

6:00 PM U.S Eastern Time (10:00 PM UTC): Access Control in a Touchless Society

During the Covid-19 pandemic, concern increased about the ability to pass the virus through touching infected objects. Even after treatment improves and a vaccine is developed the concern that the passing of illness through touch will persist. As access control becomes more important to ensure cybersecurity, the issue will begin to affect the way we verify identities.

This session will cover the challenges of rigorous access control in the post-Covid-19 era, with regard moving toward a touchless society. Biometrics metrics will need to evolve to deal with facemasks, and there will be a move to gait analysis, iris recognition, voice recognition etc.

 

• P.A. Subrahmanyam, “Decentralized Identities”
• Decentralized identities provide a basis for next generation of Identity & Access Management systems, and more broadly, for enabling “Trust over IP”.

  What are decentralized (self-sovereign) identities? Why are they interesting and important? Why the buzz? What is the history of their evolution? What are the domains in which they can be useful? What are the various standards activities and organizations involved in the development of this topic? What is the current state of art? What are the research issues that need to be addressed?

  This talk will provide an answer to these questions and more. We will also comment on how these concepts can be leveraged in the context of a contactless society that Covid-19 has thrust upon us. We hope to engage the audience in a dialog and seed collaborative projects.




• Andre Leon Sampaio Gradvohl, “Security Aspects in the Internet of Things and Wearable Computing”
  • In this presentation, we will talk about the IoT and Wearable Computing devices features, such as energy consumption, operating systems issues, how these devices communicate, and the network standards they use. After this initial background, we will approach the security aspects of IoT and Wearable Computing, ranging from user’s privacy concerns, possible attacks, and some solutions to overcome security issues.




• Eldon Caldwell, “Good Practices on the use of information technology, sensors and interconnectivity in e-business applications in times of the COVID 19 pandemic”
• This lecture presents the trends in the good use of information technology, sensors and interconnectivity in e-business applications to maintain or increase competitiveness in the current pandemic era of COVID 19. In particular, the practices that can be given to organizations are developed. the possibility of implementing business continuity strategies, increasing the quality of service and exploring new markets as a way of surviving in critical moments of social isolation and temporary closure of operations.