Workshop on Cybersecurity at Mälardalen University

Welcome to the second Software Center workshop on Cyber-Security at Mälardalen University: September 7, R Building (and online) At the Software Center/MDU workshop we will bring together experts from academia and industry to talk about the problems, challenges, and solutions in the domain of cybersecurity. The workshop is an open hybrid event and will take place in the Milos (in the morning) and Omega (in the afternoon) conference rooms at Mälardalen University, Västerås (online participation is also possible). Necessary information will be distributed after registration.

View the videos from the previous Cybersecurity workshop at Mälardalen University in the Software Center YouTube channel >>

Registration:

Please register at this link: https://forms.gle/gwK3x5q8H3cd4kWN7

Agenda & rooms:

10.00 – 12.00: Milos Conference Room

10:00 – 10:05 Marjan Sirjani (MDU): Welcome
10:05 – 10:30 Stefano Zanero (Politecnico di Milano university): Automotive Security: to br(e)ak(e) is easier than to patch
10:30 – 11:00 Miroslaw Staron (Chalmers): Can Language Models Help to Design more Cybersecure Software?
11:00 – 11:30 Pierre Kleberger (RISE): Interplay between Safety and Cybersecurity in Vehicle Development
11:30 – 12:00 Sara Abbaspour (MDU): Cyberattacks: Modeling, Analysis, and Mitigation

 Café Origo
12:00 to 13:30 Lunch and Mingling

13.30 – 17.00: Omega Conference Room
13:30 – 14:00 Marjan Sirjani (MDU): Integrating Design-time and Run-time Methods for Detecting Cyber-Attacks
14:00 – 14:30 Björn Leander (MDU, ABB): Access Control in Dynamic Industrial Automation and Control Systems
14:30 – 15:00 Ghada Almashaqbeh (University of Connecticut): Access On the Power of Smart Contracts—The Good and The Bad
15:00 – 15:15 Coffee Break
15:15 – 16:00 Panel and Discussion
16:00 – 16:45 Marsha Chechik (University of Toronto): A Software Engineer’s take on Safety, Assurance and Reliability
16:45 – 17:00 Marjan Sirjani (MDU): Closing

Find the way to Mälardalen University:

Map and directions in google maps >>

Presentations & speakers

Automotive Security: to br(e)ak(e) is easier than to patch: Stefano Zanero

Abstract: First, we will present a selective denial-of-service attack against the CAN standard which does not involve the transmission of any complete frames for its execution. This type of attack is obviously not detectable via frame-level analysis, which makes most currently proposed detection systems useless. As the attack is based on CAN protocol weaknesses, all CAN bus implementations by all manufacturers were, and are, vulnerable.

After showing a proof-of-concept, we will move on to the much harder part of proposing a possible countermeasure for detecting and preventing such an attack, along with our implementation experience and some thoughts around this and other attacks that may arise from the CAN bus protocol itself.

We will also outline our research on anomaly detection for CAN networks based on LSTM autoencoders, as well as our evaluation of the best combination of different IDS techniques to increase detection performances in real world scenarios.

We will also briefly discuss our upcoming research accepted at CCS 2022, related to CAN polyglots.

Bio: Stefano Zanero received a PhD in Computer Engineering from Politecnico di Milano, where he is currently an associate professor at the Dipartimento di Elettronica, Informazione e Bioingegneria. His research focuses on malware analysis, cyberphysical security, and cybersecurity in general. Besides teaching “Computer Security” and “Digital Forensics and Cybercrime” at Politecnico, he has an extensive speaking and training experience in Italy and abroad. He co-authored over 90 scientific papers and books. He is a Senior Member of the IEEE and sits in the Board of Governors of the IEEE Computer Society; he is a lifetime senior member of the ACM, which has named him a Distinguished Speaker; and has been named a Fellow of the ISSA (Information System Security Association). Stefano is also a co-founder and chairman of Secure Network, a leading cybersecurity assessment firm, and a co-founder of BankSealer, a startup in the FinTech sector that addresses fraud detection through machine learning techniques.

Can Language Models Help to Design more Cybersecure Software?
Miroslaw Staron

Abstract: Working with cybersecurity entails analysis of source code and identifying vulnerabilities in the code base. Usually, this is done using dedicated tools and/or during dedicated testing scenarios. The analyses are based on pre-defined rules, developed by cybersecurity specialists and security engineers. However, the number of cybersecurity threats grows faster than the number of tools and rules defined in them. In this talk, we explore the idea of using modern language models (e.g., GPT-3) to design tools for identifying vulnerabilities based on parsing source code provided in CVE/CWEs. As these models have shown large potential for identifying similarities in other use cases (e.g., to identify design patterns), there is a potential for use of these models to find cybersecurity vulnerabilities in source code.

Bio: Miroslaw Staron is a Professor in Software Engineering at the Department of Computer Science and Engineering at the University of Gothenburg, Sweden. He obtained his PhD in Software Engineering in 2005 from Blekinge Institute of Technology. His research interests are centered around industrial software engineering with the emphasis on software metrics, measurement processes and model driven software engineering. Dr. Staron has been collaborating with Ericsson, Volvo Information Technology, Telelogic, Volvo Car Corporation, RUAG Space and recently Saab AB.

Interplay between Safety and Cybersecurity in Vehicle Development: Pierre Kleberger

Abstract: In this talk, we look at the challenges in interplay between safety and cybersecurity and assess whether these processes can be aligned and improved for the automotive domain. We also assess cybersecurity mechanisms’ impact on safety – which mechanisms may improve safety or may actually have a negative impact on vehicle safety. Finally, we conclude by highlighting possible ways forward.

Bio: Pierre Kleberger is a researcher in the Dependable Transport Systems Unit at RISE. His main research area is in automotive cybersecurity and interplay between safety and cybersecurity. Pierre received his PhD from Chalmers University of Technology in 2015 working on securing vehicle diagnostics and in-vehicle networks of connected cars.

Cyberattacks: Modeling, Analysis, and Mitigation: Sara Abbaspour

Abstract: Industrial cybersecurity has risen as an important topic of research nowadays. The heavy connectivity by the Internet of Things (IoT) and the growth of cyberattacks against industrial assets cause this rise and attract attention to the cybersecurity field. While fostering current software applications and use-cases, the ubiquitous access to the Internet has also exposed operational technologies to new and challenging security threats that need to be addressed. As the number of attacks increases, their visibility decreases. An attack can modify the Cyber-Physical Systems (CPSs) quality to avoid proper quality assessment. They can disrupt the system design process and adversely affect a product’s design purpose.

In this talk, we explore our proposed approach on how to model, analyze, and mitigate cyberattacks in CPSs. We model the normal behavior of the application as well as cyberattacks with the help of the Microsoft threat modeling approach (STRIDE) and Threat Analysis and Risk Assessment (TARA). The results can be used to improve the system design to overcome the vulnerabilities.

Bio: Sara Abbaspour is an associated senior lecturer and researcher working in the Cyber-Physical Systems Analysis group at Mälardalen University in Västerås, Sweden. Her main research interests include safety and security-relevant cyber-physical systems; Debugging, testing and runtime verification of concurrent and parallel software. She was a Post Doc researcher from 2018 until 2020 at Mälardalen University. She has completed her PhD and defended her PhD thesis entitled “Concurrency Bugs: Characterization, Debugging and Runtime Verification” in 2018. Before starting PhD, she worked as a researcher and developer in various aspects of the industrial environment such as Mobile Development Systems, Smart Cards and RFID Technologies, Software System Testing and Multimedia Technologies.

Integrating Design-time and Run-time Methods for Detecting Cyber-Attacks: Marjan Sirjani

Abstract: In this talk I will explain our method for detecting cyber-attacks on CPS using formal verification at design time, and runtime monitoring during operation. We develop a monitor that uses an abstract digital twin, the so-called Tiny Twin, to detect false sensor data and faulty control commands. The Tiny Twin is a state transition diagram that represents the required behavior of the system, observable from the monitor point of view. We model the components of the system and the physical processes using Rebeca modeling language and use its model checker to generate the state space. The Tiny Twin is built automatically by reducing the state space, keeping the observable behavior of the system, and preserving the trace equivalence. Lingua Franca language is used to develop the system and run the simulations. I show the method using a few case studies. In our future work we will focus on causality and finding the sources of anomalies and vulnerabilities. We will also focus on human interactions with the systems and trustworthiness.

Bio: Marjan Sirjani is a Professor at Mälardalen University, and the leader of Cyber-Physical Systems Analysis research group. Her main research interest is applying formal methods in Software Engineering. She works on modeling and verification of concurrent, distributed, timed, and self-adaptive systems. Marjan and her research group are pioneers in building model checking tools, compositional verification theories, and state-space reduction techniques for actor-based models. She has been working on analyzing actors since 2001 using the modeling language Rebeca (http://www.rebeca-lang.org). Her research is now focused on safety and security assurance and performance evaluation of cyber-physical and autonomous systems. Marjan has been the PC member and PC chair of several international conferences including SEFM, iFM, Coordination, FM, FMICS, SAC, FSEN, and DATE. She is an editor of the journal of Science of Computer Programming.

Access Control in Dynamic Industrial Automation and Control Systems: Björn Leander

Abstract: Industrial control systems are undergoing a transformation driven by business requirements as well as technical advances, aiming towards increased connectivity, flexibility and high level of modularity, which consequently implies a need to revise existing cybersecurity measures. Access control, being one of the major security mechanisms in any system, is largely affected by these advances. Certain system types will by their nature be dynamic, i.e., the composition and functionality of the system is not well defined at design time. This short talk will describe current challenges and provide some solutions in the area of access control policy formulation and enforcement in such dynamic systems.

Bio: Björn Leander graduated as a M.Sc in Computer Science and Control Theory, from Luleå University of Technology in 2002. After working with many aspects of software development, he started at ABB in 2014, where he now works as a cybersecurity engineer at ABB Industrial Automation, Process Control Platform, working in R&D projects related to engineering and control. In 2019 he continued his academic career as an industrial PhD Student at Mälardalen University as part of the ARRAY postgraduate school. His research area is within the intersection of industrial automation systems, the industrial internet and cybersecurity, with an orientation toward access control.

Access On the Power of Smart Contracts—The Good and The Bad: Ghada Almashaqbeh

Abstract: Cryptocurrencies and blockchain technology continue to build innovative computing models and economic tools that can reshape the services and systems around us. Fueled by the huge interest this technology received, researchers and practitioners alike are racing to build new applications and improve existing ones. Smart contracts facilitate this process; individuals can deploy arbitrary code on a blockchain, allowing for trustless collaboration between participants under terms enforced by the contract execution. More recently, the concept of oracles has been introduced; these are external services that supplement a smart contract with information about real-world events.

This talk will explore the role of smart contracts in two topics: The good, namely, distributed resource markets that facilitate a blockchain to build decentralized digital services, e.g., file storage and online content delivery. We will discuss the security and performance challenges such markets encounter. And the bad, namely, criminal smart contracts, where smart contracts combined with oracles can be used to orchestrate collaborative attacks against real world targets (such as DDoS, ransomware, murder, etc.). The talk will discuss this concept and a framework that we devised to show how such attacks can be performed.

Bio: Ghada Almashaqbeh is an assistant professor of Computer Science and Engineering at the University of Connecticut. Her research interests span cryptography, privacy, and systems security with a large focus on blockchains and their applications. Ghada received her PhD from Columbia in 2019. Before joining UConn, she spent a while exploring the entrepreneurship world; she was a Cofounder and Research Scientist at CacheCash, and then a Cryptographer at NuCypher. Ghada is an affiliated member at the Connecticut Advanced Computing Center (CACC) and the Engineering for Human Rights Initiative at UConn, and a scientific advisor for Sunscreen Tech and The Melon.

A Software Engineer’s take on Safety, Assurance and Reliability: Marsha Chechik

Abstract: From financial services platforms to social networks to vehicle control, software has come to mediate many activities of daily life. Governing bodies and standards organizations have responded to this trend by creating regulations and standards to address issues such as safety, security and privacy. In this environment, the compliance of software development to standards and regulations has emerged as a key requirement. Compliance claims and arguments are often captured in assurance cases, with linked evidence of compliance. Evidence can come from test cases, verification proofs, human judgment, or a combination of these. That is, we try to build (safety-critical) systems carefully according to well-justified methods and articulate these justifications in an assurance case that is ultimately judged by a human.

Building safety arguments for traditional software systems is difficult — they are lengthy and expensive to maintain, especially as software undergoes change. Safety is also notoriously non-­compositional — each subsystem might be safe but together they may create unsafe behaviors. It is also easy to miss cases, which in the simplest case would mean developing an argument for when a condition is true but missing arguing for a false condition. Furthermore, many ML-based systems are becoming safety-critical. For example, recent Tesla self-driving cars misclassified emergency vehicles and caused multiple crashes. ML-based systems typically do not have precisely specified and machine-verifiable requirements. While some safety requirements can be stated clearly: “the system should detect all pedestrians at a crossing”, these requirements are for the entire system, making them too high-level for safety analysis of individual components. Thus, systems with ML components (MLCs) add a significant layer of complexity for safety assurance.

I argue that safety assurance should be an integral part of building safe and reliable software systems, but this process needs support from advanced software engineering and software analysis. In this talk, I outline a few approaches for development of principled, tool-supported methodologies for creating and managing assurance arguments. I then describe some of the recent work on specifying and verifying reliability requirements for machine-learned components in safety-critical domains.

Bio: Marsha Chechik is Professor in the Department of Computer Science, and Acting Dean in the Faculty of Information at the University of Toronto. She received her Ph.D. from the University of Maryland. Prof. Chechik’s research interests are in the application of formal methods to improve the quality of software. She has authored over 200 papers in formal methods, software specification and verification, computer safety and security and requirements engineering. Marsha Chechik is Program Chair of the 2023 International Conference on Formal Methods (FM’23).  She has been Program Committee Co-Chair of the 2021 International Conference on Foundations of Software Engineering (ESEC/FSE’21), 2018 International Conference in Software Engineering (ICSE’18), 2016 International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS’16), the 2016 Working Conference on Verified Software: Theories, Tools, and Experiments (VSTTE16), the 2014 International Conference on Automated Software Engineering (ASE’14), the 2008 International Conference on Concurrency Theory (CONCUR’08), the 2008 International Conference on Computer Science and Software Engineering (CASCON’08), and the 2009 International Conference on Formal Aspects of Software Engineering (FASE’09). She is a Distinguished Member of ACM, a Vice Chair of ACM SIGSOFT, and holds a Bell University Chair in Software Engineering.