7th ACM Cyber-Physical System Security Workshop
(CPSS 2021)

held in conjunction with ACM AsiaCCS'21
Hong Kong, China, 7 June 2021


Dates | News | CFP | Organizers | Submission and final preparation | Keynotes | Registration | Venue | Program | Contact | CPSS

Important Dates

Submissions Due:
Notification:
Camera-ready Due:
January 27, 2021 AoE February 3rd, 2021 AoE
February 26, 2021
March 15, 2021


Paper submission site: Link Easychair

The 7th ACM Cyber-Physical System Security Workshop will take place together with the 16th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2021). It will be held on June 7th, 2021.

For more information: ACM ASIACCS 2021


*The event will be virtual*


*Information for Authors Presentation*: Please follow the instructions on the main conference website at this link to upload the presentation on the conference platform.


Call for Papers  


Cyber-Physical Systems (CPS) of interest to this workshop consist of large-scale interconnected systems of heterogeneous components interacting with their physical environments. There exist a multitude of CPS devices and applications deployed to serve critical functions in our lives thus making security an important non-functional attribute of such systems. This workshop will provide a platform for professionals from academia, government, and industry to discuss novel ways to address the ever-present security challenges facing CPS. We seek submissions describing theoretical and practical solutions to security challenges in CPS. Submissions pertinent to the security of embedded systems, IoT, SCADA, smart grid, and other critical infrastructure are welcome. Topics of interest include, but are not limited to:

  • Attack detection for CPS
  • Authentication and access control for CPS
  • Autonomous vehicle security
  • Availability and auditing for CPS
  • Blockchain for CPS security
  • Data security and privacy for CPS
  • Digital twins for CPS
  • Embedded systems security
  • Formal methods in CPS
  • Industrial control system security
  • IoT security
  • Legacy CPS system protection
  • Lightweight crypto and security
  • Maritime cyber security
  • Recovery from cyber attacks
  • Security and risk assessment for CPS
  • Security architectures for CPS
  • Security by design for CPS
  • Smart grid security
  • Threat modeling for CPS
  • Transportation system security
  • Vulnerability analysis for CPS
  • Wireless sensor network security

Submission and Final Preparation Instructions


Submitted papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal, workshop, or conference with proceedings. The review process is single-blinded, i.e., the papers should not be anonymized. Submissions must be in double-column ACM SIG Proceedings format, and should not exceed 12 pages. We also welcome position papers describing work in progress, Systematization of Knowledge papers (distinguished with “SOK:” in the title), and papers describing novel testbeds. Only pdf files will be accepted. Authors of accepted papers must guarantee that their papers will be presented at the workshop. At least one author of the paper must be registered at the appropriate conference rate. Accepted papers will be published in the ACM Digital Library. There will also be a best paper award.


Paper submission site: Link Easychair.


Organizers


Steering Committee

Dieter Gollmann (Hamburg University of Technology, Germany)
Ravishankar Iyer (UIUC, USA)
Douglas Jones (UIUC, USA)
Javier Lopez (University of Malaga, Spain)
Jianying Zhou (SUTD, Singapore) – Chair


Program Chairs

Mauro Conti (University of Padua, Italy)
Nils Ole Tippenhauer (CISPA, Germany)


Web Chair

Federico Turrin (University of Padua, Italy)

Publication Chair

Alessandro Brighente (University of Padua, Italy)


Publicity Chairs

Alessandro Brighente (University of Padua, Italy)
Federico Turrin (University of Padua, Italy)

Program Committee  
Ali Abbasi (Ruhr-University Bochum, Germany) Cristina Alcaraz (University of Malaga, Spain)
Lejla Batina (Radboud University, Netherlands) Federica Battisti (University of Padua, Italy)
Xiuzhen Cheng (George Washington University, USA) Yanick Fratantonio (CISCO Talos, Austria)
Sokratis Katsikas (NTNU, Norway) Marina Krotofil (ABB, UK)
Nicola Laurenti (University of Padua, Italy) Javier Lopez (University of Malaga, Spain)
Mihalis Maniatakos (New York University Abu Dhabi, UAE) Daisuke Mashima (Advanced Digital Sciences Center, Singapore)
Aditya Mathur (Singapore University of Technology and Design, Singapore) Martín Ochoa (AppGate Inc., Colombia)
Federica Pascucci (Università degli Studi Roma Tre, Italy) Radha Poovendra (University of Washington, USA)
Xi Qin (The University of Texas at Dallas, USA) Awais Rashid (University of Bristol, UK)
Rodrigo Roman (University of Malaga, Spain) Martin Strohmeier (University of Oxford, UK)
Johanna Ullrich (SBA Research, Austria) Chia-Mu Yu (National Chung Hsing University, Taiwan)
Indrakshi Ray (Colorado State University, USA) Stefano Zanero (Politecnico di Milano, Italy)
Sencun Zhu (The Pennsylvania State University, USA) Saman Zonouz (Rutgers University, USA)



Keynotes

Title: Towards Secure and Robust Autonomy Software in Autonomous Driving and Smart Transportation
Speaker: Prof. Qi Alfred Chen (University of California, Irvine, USA)

Abstract:
Autonomous Driving (AD) technology has always been an international pursuit due to its significant benefit in driving safety, efficiency, and mobility. Over 15 years after the first DARPA Grand Challenge, its development and deployment are becoming increasingly mature and practical, with some AD vehicles already providing services on public roads (e.g., Google Waymo One in Phoenix and Baidu Apollo Go in China). In AD technology, the autonomy software stack, or the AD software, is highly security critical: it is in charge of safety-critical driving decisions such as collision avoidance and lane keeping, and thus any security problems in it can directly impact road safety. In this talk, I will describe my recent research that initiates the first systematic effort towards understanding and addressing the security problems in production AD software. I will be focusing on two critical modules: perception and localization, and talk about how we are able to discover novel and practical sensor/physical-world attacks that can cause end-to-end safety impacts such as crashing into obstacles or driving off road. Besides AD software, I will also briefly talk about my recent research on autonomy software security in smart transportation in general, especially those enabled by Connected Vehicle (CV) technology. I will conclude with a discussion on defense and future research directions.

About the speaker:
Qi Alfred Chen is an Assistant Professor in the Department of Computer Science at the University of California, Irvine. His research interest spans software security, systems security, and network security. Currently, his research focuses on security problems in autonomous CPS/IoT systems (e.g., autonomous driving and intelligent transportation). His works have high impacts in both academic and industry with over 30 research papers in top-tier venues across security, mobile systems, transportation, software engineering, andmachine learning areas; a nationwide USDHS US-CERT alert, and multiple CVEs; over 50 news articles by major news media such as Forbes, Fortune, and BBC News; and vulnerability report acknowledgments from USDOT, Apple, Microsoft, Comcast, Daimler, etc. Recently, his research triggered over 30 autonomous driving companies such as Tesla, GM, Baidu, and Daimler to start security vulnerability investigations; some confirmed to work on fixes. He serves as reviewers for various top-tier venues such as Usenix Security, ACM CCS, NDSS, TIFS, TDSC, T-ITS, etc., and co-found the AutoSec workshop (co-located with NDSS'21). His group won the 1st place in the first AutoDriving Security CTF (part of BCTF) in 2020. Chen received his Ph.D. from the University of Michigan in 2018.


Title: High we Fly: Wireless Witnessing and Crowdsourcing for Air-Traffic Communication Security
Speaker: Prof. Christina Pöpper (New York University Abu Dhabi, UAE)

Abstract:
In this talk I will address aviation security and secure surveillance/control that are crucial for the safety of air traffic. Two wireless systems widely deployed in this context are the Global Positioning System (GPS) and ADS-B (Automatic Dependent Surveillance Broadcast). I will discuss why wireless systems like GPS and ADS-B are hard to fully secure and I will present novel mechanisms to improve air-traffic-related security at the intersection of these two systems. In particular, I will talk about Crowd-GPS-Sec, a system to detect and localize GPS spoofing attacks on moving airborne targets such as UAVs or commercial airliners, as well as ADS-B-Trust, an approach to leverage machine learning for ADS-B and GPS attack detection. These systems demonstrate the potential of sensor-based crowdsourcing and wireless witnessing for attack detection purposes in a typically rather closed industry sector.

About the speaker:
Christina Pöpper is a tenure-track faculty in Computer Science at New York University, Abu Dhabi (NYUAD) where she is heading the Cyber Security & Privacy Lab (CSP-lab). She is also the Co-PI of Research of the Center for Cyber Security at NYUAD. Before joining NYUAD, she was Assistant Professor and Head of the Information Security Group at Ruhr-University Bochum, Germany. Christina holds a Ph.D. in Computer Science from ETH Zurich and previously worked at the European Space Agency. Her research interest is in cyber security and privacy. Focus areas are wireless and communication security, including secure localization, aviation security, and cellular network security, as well as privacy and anonymity in communication networks. Christina has been a member of the steering committee of ACM WiSec, the ACM Conference on Security and Privacy in Wireless and Mobile Networks, since 2018, was TPC co-chair in 2018, and is General Chair in 2021.

Program (Important note: Hong Kong Time)

08:50 - 09:00
Workshop Opening


09:00 - 09:55
Keynote: Prof. Qi Alfred Chen (University of California, Irvine, USA)

Session Chair: Nils Ole Tippenhauer

Towards Secure and Robust Autonomy Software in Autonomous Driving and Smart Transportation

10:00 - 10:55
Session 1: CPS Formalization and Protocols

Session Chair: Nils Ole Tippenhauer

  • 10:00 - 10:25 - Sepehr Amir-Mohammadian. A Semantic Framework for Direct Information Flows in Hybrid-Dynamic Systems.

  • 10:30 - 10:55 - Zheng Yang, Chao Yin, Chenglu Jin, Jianting Ning, Jianying Zhou Lightweight Delegated Authentication with Identity Fraud Detection for Cyber-physical Systems.
10:55 - 14:00
Break


14:00 - 14:55
Keynote: Prof. Christina Pöpper (New York University Abu Dhabi, UAE)

Session Chair: Mauro Conti

High we Fly: Wireless Witnessing and Crowdsourcing for Air-Traffic Communication Security

15:00 - 15:55
Session 2: Side-Channel in CPS

Session Chair: Cristina Alcaraz

  • 15:00 - 15:25 - Ruize Wang,Huanyu Wang, Elena Dubrova, Martin Brisfors. Advanced Far Field EM Side-Channel Attack on AES.

  • 15:30 - 15:55 - Arman Bhalla, Ivo Sluganovic, Klaudia Krawiecka, Ivan Martinovic. MoveAR: Continuous Biometric Authentication for Augmented Reality Headsets.
16:00 - 16:55
Session 3: Communication Security in CPS

Session Chair: Federica Battisti

  • 16:00 - 16:25 - Joshua Smailes, Daniel Moser, Matthew Smith, Martin Strohmeier, Vincent Lenders, Ivan Martinovic. You talkin' to me? Exploring Practical Attacks on Controller Pilot Data Link Communications.

  • 16:30 - 16:55 - MiniV2G: An Electric Vehicle Charging Emulator. Luca Attanasio, Mauro Conti, Denis Donadel, Federico Turrin.
17:00 - 17:05
Closing Remarks


Contact


E-mail:           cpss21@easychair.org
CPSS Home:   http://jianying.space/cpss/


Updated: May, 2021