Co-located with the 28th European Symposium on Research in Computer Security (ESORICS 2023)
The Hague, The Netherlands, September 25-29, 2023

Scope & Topics

CPS4CIP’23 is the fourth workshop dedicated to cyber-physical security for protecting critical infrastructures that support finance, energy, health, air transport, communication, gas, and water. The secure operation of these critical infrastructures is essential to the security of a nation, its economy, and the public’s health and safety. Security incidents in critical infrastructures can directly lead to a violation of users’ safety and privacy, physical damages, significant economic impacts on individuals and companies, and threats to human life while decreasing trust in institutions and questioning their social value. Because of the increasing interconnection between the digital and physical worlds, these infrastructures and services are more critical, sophisticated, and interconnected than ever before. This makes them increasingly vulnerable to attacks, as confirmed by the steady rise of cyber-security incidents, such as phishing or ransomware, but also cyber-physical incidents, such as physical violation of devices or facilities in conjunction with malicious cyber activities.

To address all these challenges, the CPS4CIP workshop has the objective of bringing together security researchers and practitioners from the various verticals of critical infrastructures (such as the financial, energy, health, air transport, communication, gas and water domains) to rethink cyber- physical security in the light of latest technology developments, e.g., Cloud Computing, Blockchain, Big Data, Artificial Intelligence (AI), Internet-of-Things (IoT). Specifically, value will be given to contributions focusing on the interplay between the digital and physical aspects of security problems and capable of fostering new, intelligent, collaborative and more dynamic approaches to detect, prevent and mitigate security incidents, such as:

1. intelligent monitoring and data collection of security-related information;
2. predictive analytics over the collected data based on AI techniques (such as machine learning) that enable the identification of complex attack patterns;
3. triggering of preventive and mitigation measures in advance of or shortly after the occurrence of an attack;
4. allowing all stakeholders to collaborate in vulnerability assessment, risk analysis, threat identification, threat mitigation, and compliance.

Topics of Interest

CPS4CIP invites submissions that present innovative ideas, proof of concepts, use cases, experience reports, and results from a variety of topics relevant to the security of critical infrastructures and services. Topics of interest include, but are not limited to:

• AI, machine learning for predictive security of critical infrastructures
• Integrated (cyber & physical) security
• Collaborative risk assessment/mitigation in supply chains
• Confronting complex threats and their cascading effects
• Adaptive anomaly detection
• Blockchain solutions for cyber and data security of critical infrastructures
• Risk Assessment and Management
• Identification, assessment, and mitigation of cyber-physical threats
• Automated vulnerability assessment and penetration testing services
• Privacy-preserving data collection and analytics
• Dynamic security knowledge base
• Measuring Security Levels in critical infrastructures
• Adaptive security-related data collection
• Critical infrastructure resilience
• AI CCTV analytics
• Security compliance services
• Automation for detection, prevention, and mitigation measures
• Privacy-enhancing technologies
• Cyberthreat intelligence and cyberdeception techniques
• Explainability/interpretability of AI - based security mechanisms and services
• Robust AI for CIP
• Adaptive threat hunting and intelligence

Important Dates

• Submission deadline: 03.07.2023 17.07.2023 (extended)
• Notification to authors: 03.08.2023
• Camera-ready versions: 20.08.2023

Support

The workshop is supported by the projects of the European Cluster for Securing Critical Infrastructures (ECSCI), namely

ECSCI Running projects:

• AI4CYBER
• ATLANTIS
• CyberSEAS
• DYNABIC
• eFORT
• EU-HYBNET
• FeatureCloud
• IRIS
• PRAETORIAN
• PRECINCT
• SUNRISE

ECSCI ended projects supported by coordinators:

• FINSEC
• ANASTACIA
• CyberSANE
• DEFENDER
• EnergyShield
• ENSURESEC
• IMPETUS
• InfraStress
• PHOENIX
• RESISTO
• SAFECARE
• SAFETY4RAILS
• SATIE
• SealedGRID
• SecureGas
• SmartResilience
• SOTER
• SPHINX
• STOP-IT
• 7SHIELD

Horizon Europe project based on ECSCI:

• EU-CIP (European Knowledge Hub and Policy Testbed for Critical Infrastructure Protection)

And three national projects:

• NORCICS (Norwegian Center for Cybersecurity in Critical Sectors) project funded by the Research Council of Norway under the Center for Research-based Innovation (SFI)
• RESTABILISE4.0 (Restabilise and Energy: Specialization of Enabling Technologies for Balancing Energy Infrastructures and Systems) project Confunded by START4.0 - Competence Center for security and optimization of strategic infrastructures
• CybAlliance (International Alliance for Strengthening Cybersecurity and Privacy in Healthcare) project funded by the Research Council of Norway under the INTPART International Partnerships for Excellent Education, Research and Innovation program