In order to support dissemination activities in the IoT4CPS project, the AIT and SBA Research have organized the first Workshop on Industrial Security and IoT (WISI 2019). The workshop was hosted as part of the 14th edition of the ARES & CD-MAKE conference which took place in Canterbury, UK.
The first session started with a keynote speech by AIT cyber security expert Christoph Schmittner, who provided an overview on methods for ensuring security during the entire life cycle. He also provided insights into the current progress in security and safety standardization activities, with the specific specific regard to two main IoT4CPS application fields: smart mobility and smart production. The keynote session was concluded with an open discussion among all participants.
The first official paper was a contribution by representatives of the German Research Institute for AI. The authors emphasized on evaluating different methods to leverage network features in intrusion detection systems. They also highlighted the techniques of Matrix Profiles, which they use to detect irregularities in signals coming from industrial control systems. For the attacks that do not manifest through changes in physical signals, the authors propose to build a graph for representing the topology of the network. With this graph, one could understand the valid communication paths in the network, and thus detect any anomalies.
An application-oriented survey paper was submitted by our colleagues from the University of Timisoara, Romania. It was very informative to hear about the applicability of different Elliptic-Curve Libraries in automotive applications. The next paper on “Applicability of the IEC 62443 standard in Industry 4.0 / IIoT” triggered a vivid discussion between the authors and the audience. The participants mostly agreed that the challenges in achieving standard compliance are coming from the loose security zone boundaries in industrial IoT systems as well as remote software updates.
Two additional papers provided insights into the latest research results of the IoT4CPS project. The first one, entitled “Requirements and Recommendations for IoT/IIoT Models to automate Security Assurance through Threat Modelling, Security Analysis and Penetration Testing”, dealt with evaluating and improving state-of-the-art methods for security analysis. An additional contribution to the workshop was a submission from Salzburg Research, a partner in the IoT4CPS consortium, entitled “Federated Identity Management and Interoperability for Heterogeneous Cloud Platform Ecosystems”
We are satisfied to acknowledge that the WISI workshop gave a strong support for disseminating the IoT4CPS preliminary results and we look forward to continuing the research in Industrial IoT Security.