ICS-CSR is welcoming contributions that have a direct application or relevance to security aspects of Distributed Control Systems (DCS), Supervisory Control and Data Acquisition Systems (SCADA), Industrial Control Systems (ICS), Cyber Physical Systems (CPS), Industrial Internet of Things (IIoT), Smart City, or Industry 4.0.

This topic list is not meant to be exhaustive; ICS-CSR is interested in all aspects of computer security relating to ICS. Papers without a clear application to SCADA, Embedded Systems or Industrial Control, however, will be considered out of scope and may be rejected without full review.

Main Conference Themes

    Hardware Security Solutions
        Encryption, Authentication, Availability Assurance
        Resilient Systems
        Application Security
        Secure Firmware
        Communication Systems
        Timing Vulnerabilities in RT-Control Systems
        Security Implications of Feature Interactions
    System Security
        Security Architectures
        Safety-Security Interactions
        Intrusion Detection
        Security Monitoring
        Malware Analysis
        Cyber Security Engineering
        Vulnerability Assessment/Screening
        Secure Communication Protocols
        Metrics
        Anonymity
        Language-based Security
        Network Security
        Patching and Maintenance
    Digital Forensics and Response
        Hardware Forensics
        Incident Response
        Live Forensics
        Accountability
        Forensic Readiness
    Security Management
        Risk Management
        Security Metrics
        Governance and Policy
        Business Continuity
        Critical Infrastructure Protection
    Human Factors Security
        Awareness and Training
        Behavioural Modelling
        Threat Profiling

Special Session on Cyber Security of ICS for Smart Grid

The smart grid integrates modern ICT and industrial control systems into power systems to allow monitoring and control capability with the aim of improving the efficiency, reliability and safety of the grid. The increased connectivity of such an environment provides new and widely spread entry points and a greatly increased attack surface from a cyber security perspective. An entire industry has grown around security vulnerabilities in the IT domain. With the introduction of smart grid services, something similar is likely to happen in the energy domain, with a focus on the vulnerabilities of industrial control systems that underpin these services.

Until now grid operators have lived in a relatively protected stand-alone security environment. The software and communication protocols have been different than those used on the internet and largely unknown to hackers. However, new smart grid services like demand side management and secondary substation automation, introduce new attack surfaces, new financial incentives, and in many cases use Internet protocols, thus paving the way for cyber-attacks. Attacks have the potential to lead to grid instability, blackouts, fraud, loss of customer information and physical damage of the infrastructure with significant consequences in terms of loss of revenue and loss of public confidence and trust.

The cyber security issues for the smart grid need to be clearly understood and adequately addressed to ensure the successful operation of next-generation power systems. This special session provides a platform for researchers in academia, industry and government to discuss and address the cyber security of the industrial control systems that underpin the smart grid.

    Securing legacy industrial control systems in a modern smart grid
    Smart grid ICS threat analysis and modelling
    Cyber security risk management for smart grid
    Cyber-attack resilience and tolerance analysis
    Control strategies for the recovery of the smart grid under cyber attack
    Smart grid security analytics and intrusion detection
    Secure state estimation
    Cyber security for microgrids
    Cyber security for electrical substation automation
    Data security technologies for smart meters

Special Session on Cyber Security and Situational Awareness

Cyber situational awareness is receiving much attention. For example, it features prominently in national cyber and cyber security strategies being adopted all over the world. It is clear that decision-makers on the strategic level feel the need to know what is happening in "cyber space". Proper decisions require proper understanding of what is going on. In a world where ICS, SCADA and CPS are increasingly connected and exposed to the outside world, cyber situational awareness is becoming an indispensable part of operational excellence and prudent cyber security.

Situational awareness is commonly as "the perception of the elements in the environment within a volume of time and space, the comprehension of their meaning and the projection of their status in the near future" (Endsley, 1988). Cyber situational awareness is the part of situational awareness which concerns the cyber environment. This necessarily involves both technical, cognitive, and organizational challenges. Large amounts of information must be collected, processed, understood, and communicated in a timely and meaningful way to the relevant decision-makers. As a result, cyber situational awareness ought to be studied from many different perspectives, with the overall situational awareness of the situation in mind. The track on cyber situational awareness welcomes submissions on the following topics (not necessarily exhaustive):

    Information exchange for cyber situational awareness
    Human-computer interaction, work flows and visualization for cyber situational awareness
    Training and exercises for cyber situational awareness
    Bridging the gap between the operational/technical and strategic/management levels
    Deception and cyber situational awareness
    Empirical evaluations of technical solutions for cyber situational awareness
    Uncertainty, strategic behavior and game theory related to cyber situational awareness
    Data fusion for cyber situational awareness

Submission and Guidelines

Submitted papers must not substantially overlap with papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings. Papers must be clearly presented in English, must not exceed 10 pages, including tables, figures, references and appendixes and follow the EWIC formatting guidelines: http://ewic.bcs.org/category/15364. Accepted papers will be published in conference proceedings and indexed in the ACM digital library, DBLP amongst others.

All papers will be peer reviewed by members of the Programme Committee. Papers will be selected based on their originality, timeliness, significance, relevance, and clarity of presentation. Distinguished papers, after further revisions, will be considered for publication in a special issue. The program committee will select a Best Paper Award winner for this conference. Submission of a paper should be regarded as a commitment that, should the paper be accepted, at least one of the authors will register and attend the conference to present the work.

Submit your paper via EasyChair: https://www.easychair.org/conferences/?conf=icscsr2017

Instructions for Short/Positional Paper Submission:

We welcome the submission of short positional papers for short presentation or poster presentation during the conference. Positional papers must be clearly presented in English, must not exceed 4 pages, including tables, figures, references and appendixes and follow the EWIC formatting guidelines: http://ewic.bcs.org/category/15364. Accepted papers will be eligible for inclusion for presentation as a poster during the conference and selected papers will be included as an annex in the published conference proceedings.

Submit your short positional paper via EasyChair: https://www.easychair.org/conferences/?conf=icscsr2017 and use the prefix "POSITIONAL:" in the registration title.