Mälardalen University is hosting a series of workshops on cybersecurity with speakers from well known organizations in both industry and academia.
Below are the links to the latest recordings:
- Automotive Security: to br(e)ak(e) is easier than to patch
Stefano Zanero (Politecnico di Milano university) - Can Language Models Help to Design more Cybersecure Software?
Miroslaw Staron (Chalmers) - Access Control in Dynamic Industrial Automation and Control Systems
Björn Leander (MDU, ABB) - Access On the Power of Smart Contracts—The Good and The Bad
Ghada Almashaqbeh (University of Connecticut) - Integrating Design-time and Run-time Methods for Detecting Cyber-Attacks:
Marjan Sirjani (Mälardalen University)
Abstracts and speakers
Automotive Security: to br(e)ak(e) is easier than to patch
Stefano Zanero (Politecnico di Milano university)
Abstract: First, we will present a selective denial-of-service attack against the CAN standard which does not involve the transmission of any complete frames for its execution. This type of attack is obviously not detectable via frame-level analysis, which makes most currently proposed detection systems useless. As the attack is based on CAN protocol weaknesses, all CAN bus implementations by all manufacturers were, and are, vulnerable.
After showing a proof-of-concept, we will move on to the much harder part of proposing a possible countermeasure for detecting and preventing such an attack, along with our implementation experience and some thoughts around this and other attacks that may arise from the CAN bus protocol itself.
We will also outline our research on anomaly detection for CAN networks based on LSTM autoencoders, as well as our evaluation of the best combination of different IDS techniques to increase detection performances in real world scenarios.
We will also briefly discuss our upcoming research accepted at CCS 2022, related to CAN polyglots.
Bio: Stefano Zanero received a PhD in Computer Engineering from Politecnico di Milano, where he is currently an associate professor at the Dipartimento di Elettronica, Informazione e Bioingegneria. His research focuses on malware analysis, cyberphysical security, and cybersecurity in general. Besides teaching “Computer Security” and “Digital Forensics and Cybercrime” at Politecnico, he has an extensive speaking and training experience in Italy and abroad. He co-authored over 90 scientific papers and books. He is a Senior Member of the IEEE and sits in the Board of Governors of the IEEE Computer Society; he is a lifetime senior member of the ACM, which has named him a Distinguished Speaker; and has been named a Fellow of the ISSA (Information System Security Association). Stefano is also a co-founder and chairman of Secure Network, a leading cybersecurity assessment firm, and a co-founder of BankSealer, a startup in the FinTech sector that addresses fraud detection through machine learning techniques.
Can Language Models Help to Design more Cybersecure Software?
Miroslaw Staron (Chalmers)
Abstract: Working with cybersecurity entails analysis of source code and identifying vulnerabilities in the code base. Usually, this is done using dedicated tools and/or during dedicated testing scenarios. The analyses are based on pre-defined rules, developed by cybersecurity specialists and security engineers. However, the number of cybersecurity threats grows faster than the number of tools and rules defined in them. In this talk, we explore the idea of using modern language models (e.g., GPT-3) to design tools for identifying vulnerabilities based on parsing source code provided in CVE/CWEs. As these models have shown large potential for identifying similarities in other use cases (e.g., to identify design patterns), there is a potential for use of these models to find cybersecurity vulnerabilities in source code.
Bio: Miroslaw Staron is a Professor in Software Engineering at the Department of Computer Science and Engineering at the University of Gothenburg, Sweden. He obtained his PhD in Software Engineering in 2005 from Blekinge Institute of Technology. His research interests are centered around industrial software engineering with the emphasis on software metrics, measurement processes and model driven software engineering. Dr. Staron has been collaborating with Ericsson, Volvo Information Technology, Telelogic, Volvo Car Corporation, RUAG Space and recently Saab AB.
Access Control in Dynamic Industrial Automation and Control Systems
Björn Leander (MDU, ABB)
Abstract: Industrial control systems are undergoing a transformation driven by business requirements as well as technical advances, aiming towards increased connectivity, flexibility and high level of modularity, which consequently implies a need to revise existing cybersecurity measures. Access control, being one of the major security mechanisms in any system, is largely affected by these advances. Certain system types will by their nature be dynamic, i.e., the composition and functionality of the system is not well defined at design time. This short talk will describe current challenges and provide some solutions in the area of access control policy formulation and enforcement in such dynamic systems.
Bio: Björn Leander graduated as a M.Sc in Computer Science and Control Theory, from Luleå University of Technology in 2002. After working with many aspects of software development, he started at ABB in 2014, where he now works as a cybersecurity engineer at ABB Industrial Automation, Process Control Platform, working in R&D projects related to engineering and control. In 2019 he continued his academic career as an industrial PhD Student at Mälardalen University as part of the ARRAY postgraduate school. His research area is within the intersection of industrial automation systems, the industrial internet and cybersecurity, with an orientation toward access control.
Access On the Power of Smart Contracts—The Good and The Bad
Ghada Almashaqbeh (University of Connecticut)
Abstract: Cryptocurrencies and blockchain technology continue to build innovative computing models and economic tools that can reshape the services and systems around us. Fueled by the huge interest this technology received, researchers and practitioners alike are racing to build new applications and improve existing ones. Smart contracts facilitate this process; individuals can deploy arbitrary code on a blockchain, allowing for trustless collaboration between participants under terms enforced by the contract execution. More recently, the concept of oracles has been introduced; these are external services that supplement a smart contract with information about real-world events.
This talk will explore the role of smart contracts in two topics: The good, namely, distributed resource markets that facilitate a blockchain to build decentralized digital services, e.g., file storage and online content delivery. We will discuss the security and performance challenges such markets encounter. And the bad, namely, criminal smart contracts, where smart contracts combined with oracles can be used to orchestrate collaborative attacks against real world targets (such as DDoS, ransomware, murder, etc.). The talk will discuss this concept and a framework that we devised to show how such attacks can be performed.
Bio: Ghada Almashaqbeh is an assistant professor of Computer Science and Engineering at the University of Connecticut. Her research interests span cryptography, privacy, and systems security with a large focus on blockchains and their applications. Ghada received her PhD from Columbia in 2019. Before joining UConn, she spent a while exploring the entrepreneurship world; she was a Cofounder and Research Scientist at CacheCash, and then a Cryptographer at NuCypher. Ghada is an affiliated member at the Connecticut Advanced Computing Center (CACC) and the Engineering for Human Rights Initiative at UConn, and a scientific advisor for Sunscreen Tech and The Melon.
Integrating Design-time and Run-time Methods for Detecting Cyber-Attacks: Marjan Sirjani (Mälardalen University)
Abstract: In this talk I will explain our method for detecting cyber-attacks on CPS using formal verification at design time, and runtime monitoring during operation. We develop a monitor that uses an abstract digital twin, the so-called Tiny Twin, to detect false sensor data and faulty control commands. The Tiny Twin is a state transition diagram that represents the required behavior of the system, observable from the monitor point of view. We model the components of the system and the physical processes using Rebeca modeling language and use its model checker to generate the state space. The Tiny Twin is built automatically by reducing the state space, keeping the observable behavior of the system, and preserving the trace equivalence. Lingua Franca language is used to develop the system and run the simulations. I show the method using a few case studies. In our future work we will focus on causality and finding the sources of anomalies and vulnerabilities. We will also focus on human interactions with the systems and trustworthiness.
Bio: Marjan Sirjani is a Professor at Mälardalen University, and the leader of Cyber-Physical Systems Analysis research group. Her main research interest is applying formal methods in Software Engineering. She works on modeling and verification of concurrent, distributed, timed, and self-adaptive systems. Marjan and her research group are pioneers in building model checking tools, compositional verification theories, and state-space reduction techniques for actor-based models. She has been working on analyzing actors since 2001 using the modeling language Rebeca (http://www.rebeca-lang.org). Her research is now focused on safety and security assurance and performance evaluation of cyber-physical and autonomous systems. Marjan has been the PC member and PC chair of several international conferences including SEFM, iFM, Coordination, FM, FMICS, SAC, FSEN, and DATE. She is an editor of the journal of Science of Computer Programming.