Events

Abstract: After cryptocurrencies, smart contracts are the second major innovation of the blockchain era. Leveraging the immutability and accountability of blockchains, these event-driven programs form the basis of a new form of digital economy with tokens, wallets, exchanges, and markets, but facilitate also new models of peer-to-peer organizations. To judge the long-term prospects of particular projects and the technology in general, […]

Abstract: As the number of commercial IoT devices grows, so do cyberattacks that target and exploit vulnerabilities on them. Given that some of the attack vectors used in the wild against IoT devices might be novel or not well understood, it is important to have up-to-date threat intelligence regarding them, in order to be able to coordinate quick remediation steps on devices […]

Abstract: During the past two years, we have been hacking (and securing) industrial robots. They are complex cyber-physical systems, they are used in critical installations, and they entail almost every possible risk, from safety to economical damage.

In this talk we will review the main results from our research: a complete attacker and threat model for industrial robots; robot-specific cyberattacks that violate the […]

Abstract: Theoretical results in cryptography and distributed computing are always proved relative to some formal model that is intended to accurately capture the real world. We focus here on the effect of different network models on the feasibility of various tasks related to consensus. First, we highlight assumptions about the power of adaptive adversaries in distributed protocols, noting that while […]

Abstract: This talk gives an overview of two recently developed general classes of practical techniques for validating compilers – equivalence modulo input (EMI) testing, and skeletal program enumeration (SPE) – and a continuous, extensive effort in applying/adapting them to find and report thousands of bugs across a range of production and research compilers for C/C++ (GCC, Clang/LLVM, ICC, CompCert), Scala, Rust, […]

Abstract: In the talk, I will discuss two subjects of crucial importance for critical infrastructures: safety and security. Solutions provided by several ‘smart’ ideas: smart grids, smart cities, smart production, depend on exchange of data. Frequently, broadcasts of raw data is used, which is not secure at all. In the wrong hands data can reveal sensitive information and may also be […]

Title: Safety and Security of Infrastructures.

Abstract: In the talk, I will discuss two subjects of crucial importance for critical infrastructures: safety and security.  Solutions provided by several ‘smart’ ideas: smart grids, smart cities, smart production, depend on exchange of data. Frequently, broadcasts of raw data is used, which is not secure at all. In the wrong hands data can reveal […]

Abstract: This new laboratory will be able to reproduce water infrastructures such as district heating, water distribution and wastewater collection as well as their interconnection with the power grid. This modular laboratory will allow the users to configure different topologies and scenarios. Thus, it will make possible to test control strategies in a realistic environment before the real implementation. Therefore, the […]

Abstract: Security-critical infrastructures like the power grid have substations whose controllers are vulnerable to attacks, including zero-day attacks. Attacks against the control code of a power grid station can be catastrophic. Earlier detection of the attacks can prevent further damage. We propose a data-driven, deep learning architecture to detect anomalous behavior in a power-grid controller. The deep learning training is done on […]

Abstract: Runtime integrity assessments of software can be done using cyclic networks of monitors that periodically compute checksums of the code in memory. One problem is that these checkers are comparatively easy to spot: programs usually don’t read their own code. Oblivious hashing has been proposed as a more stealthy technique to perform state inspection for integrity assessments – but is restricted […]