2024 INTERSCT. Conference
Introduction
With the Internet-of-Things (IoT) we are seamlessly connecting the cyber and the physical worlds extending the risk area to safety requiring a broader perspective on security. IoT is turning out to be one of the weakest spots in our infrastructure. With billions and in the near future potentially trillions of devices, the security risks are growing at great rates. Our economic and societal forces are creating a perfect storm, a pervasive infrastructure of trillions of IoT devices which on one hand will oversee our lives and economy, and on the other hand will be completely unmanageable from a security perspective.
To compound the risk, IoT systems are often devised and engineered in places where we have no control on, and unless we want to basically surrender our digital sovereignty by only relying on foreign solutions for our national cyber security, we need to find a way to secure them regardless of provenance and built-in malicious intents.
We cannot secure something we cannot manage, we need to rethink the security paradigm, delegating part of the security management to the system that needs to autonomously adapt to the changing environment, while remaining under our supervision, and rethink accordingly all our security technologies. We need to be able to design, develop and manufacture IoT systems-of-systems in a fundamentally different way enabling the overall system to become robust, resilient and trustworthy, even in the presence of individual IoT devices that are insecure or even compromised in a Zero-trust environment and providing the right ecosystem for their wide adoption within industry. We actually need to be able to design, develop and manufacture new types of IoT devices with security-by-design, security-by-default, robustness and resilience in mind; while continuously preserving all safety requirements, these devices must pro-actively manage their security, actively respond to attacks, recover from attacks, resume and restore themselves to a predefined level of operation following an attack etc.,
During the 2024 INTERSCT. Conference on cyber security of Internet-of-Things, on 28 May at Eindhoven University of Technology, we will address many of these issues with an impressive line-up of invited speakers, panelists, and moderators. There will be keynote addresses by Mr. Bart Groothuis, two series of parallel sessions related to the various work packages in the NWO NWA INTERSECT project (Design, Defense, Attack, and Governance), a series of plenary sessions related to the state-of-the-art in cyber security of Internet-of-Things, as well as a networking lunch and a networking reception at the end of the event.
Tentative programme
08:45 Reception + Networking
Coffee/Tea in Auditorium, Voorhof
09:25 Opening
Opening by prof. dr. Sandro Etalle in Auditorium, Blauwe Zaal
09:30 First series of parallel sessions related to WPs
WP2 Session on "Design"
Location: Auditorium, Blauwe Zaal
- Introduction by dr. Erik Poll (RU)
- Casper Schellekens (Fontys) on “Security Patterns for IoT in Practice“
- Sezen Acur (TNO) and Swarna Kumarswamy-Das (TNO) on “SOS! Security and Safety for Systems of Systems“
WP3 Session on "Defense"
Location: Auditorium, Senaatszaal
- Introduction by dr. Jerry den Hartog (TU/e)
- Stash Kempinski (TU/e and Secura) on “Attacking Operational Technology without the need for specialized knowledge: the rise of a new threat actor profile“
- Remi Hendriks (UT) on “Detection of ECMP load balancing on internet scale“
- Reza Esmaili (HvA) and Lindomar Minguel on “Ecosystem Digital Security region Amsterdam-Amstelland – An experience in security ecosystem building“
10:45 Break
Coffee/Tea in Auditorium, Voorhof
11:15 Second series of parallel sessions related to WPs
WP4 Session on "Attack"
Location: Auditorium, Blauwe Zaal
- Introduction by prof. dr. ir. Herbert Bos (VU)
and dr. Cristiano Giuffrida (VU) - Ringo Groenewegen (VU/TNO) on “Cryptanalysis Of Des: Backscattering As A Side-Channel“
- Luca Müller (RUG/TNO) on “Formalizing Coverage-guided Greybox Fuzzing with Deep Reinforcement Learning“
WP5 Session on "Governance"
Location: Auditorium, Senaatszaal
- Introduction by prof. dr. Michel van Eeten (TUD)
- Lorenz Kustosch (TUD) on “Patching Up: Stakeholder Experiences of Security Updates for Connected Medical Devices“
- N.N. (Philips) on patching medical devices
- Mattis van ‘t Schip (RU) on “The Cyber Resilience Act and Open-Source Software: Status Quo“
12:30 Lunch + Networking
Location: Auditorium, Voorhof
13:45 Plenary sessions
Location: Auditorium, Blauwe Zaal
13:45 Keynote address
by Mr. Bart Groothuis, Member of European Parliament on ‘European cyber security law making: does Brussels sufficiently address the challenges ahead?‘
Bart Groothuis (1981) is a member of the European Parliament on behalf of the Dutch People’s Party for Freedom and Democracy (VVD), which is part of the liberal political group Renew Europe. He is a member of the Industry, Research and Energy committee and a substitute member for the committee Security and Defence. In parliament, he focuses on cybersecurity, especially in his role as Rapporteur of the NIS II Directive, the energy transition and disinformation & foreign interference. Before Bart became member of the European Parliament in February 2020, he was head cybersecurity for the Dutch Ministry of Defence.
14:30 Presentation
by Mr. Ben Kokx (Philips) on “New and upcoming legislation and regulations for cyber security of products with a digital component”.
Ben Kokx has over twenty years of security and privacy experience within Philips. For the last decade, as Directory Product Security, he is responsible for security related standards & regulations and the global Philips Product Security Policy and Process Framework. Ben is a healthcare and IoT security expert who leads and participates in several industry associations and standard development organizations. Ben is, as the convenor of CEN/CENELEC JTC 13/WG 6 on product security, closely involved with the development of security standards to be used in European legislation.
15:15 Presentation
by Mr. Ruben van Well (Politie, Cybercrime)
16:00 Presentation
by to be determined
16:45 Closing
by prof. dr. Sandro Etalle (TU/e)
17:00 Reception + Networking
Location: Auditorium, Voorhof
Opportunities for collaboration
During the 2024 edition of the INTERSCT. Conference on cyber security of Internet-of-Things, there will again be opportunities to discuss possibilities for collaboration with organizations that are not a member of the INTERSECT public-private partnership. If you would be interested in a short meeting during the event to discuss such possibilities, please let us know via the registration.
FAQ
- TU/e is located next to the NS Eindhoven railway station
- TU/e is easily accessible via car. We recommend parking P1.