8th ACM Cyber-Physical System Security Workshop
(CPSS 2022)

held in conjunction with ACM AsiaCCS'22
Nagasaki, Japan, May 30 - June 2, 2022

Dates | CFP | Submission | Organizers | Program | Registration | Venue | Contact | Proceedings | CPSS

Important Dates

Submissions Due:
Camera-ready Due:
  December 3, 2021   December 17, 2021 (23:59 AoE)
 February 8, 2022
 March 7, 2022   April 3, 2022
 May 30, 2022

Call for Papers  

Cyber-Physical Systems (CPS) of interest to this workshop consists of large-scale interconnected systems of heterogeneous components interacting with their physical environments. There exist a multitude of CPS devices and applications deployed to serve critical functions in our lives thus making security an important non-functional attribute of such systems. This workshop will provide a platform for professionals from academia, government, and industry to discuss novel ways to address the ever-present security challenges facing CPS. We seek submissions describing theoretical and practical solutions to security challenges in CPS. Submissions pertinent to the security of embedded systems, IoT, SCADA, smart grid, and other critical infrastructure are welcome. Topics of interest include, but are not limited to:

  • Attack detection for CPS
  • Authentication and access control for CPS
  • Autonomous vehicle security
  • Availability and auditing for CPS
  • Blockchain for CPS security
  • Data security and privacy for CPS
  • Deception technologies for CPS
  • Digital twins for CPS
  • Embedded systems security
  • Formal methods in CPS
  • Industrial control system security
  • IoT security
  • Legacy CPS system protection
  • Lightweight crypto and security
  • Maritime cyber security
  • Recovery from cyber attacks
  • Security and risk assessment for CPS
  • Security architectures for CPS
  • Security by design for CPS
  • Smart grid security
  • Threat modeling for CPS
  • Transportation system security
  • Vulnerability analysis for CPS
  • Wireless sensor network security

Submission Instructions

Submitted papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal, workshop, or conference with proceedings. The review process is single-blinded, i.e., the papers should not be anonymized. Submissions must be in double-column ACM SIG Proceedings format, and should not exceed 12 pages. We also welcome position papers describing work in progress, Systematization of Knowledge papers (distinguished with “SOK:” in the title), and papers describing novel testbeds. Only pdf files will be accepted. Authors of accepted papers must guarantee that their papers will be presented at the workshop. At least one author of the paper must be registered at the appropriate conference rate. Accepted papers will be published in the ACM Digital Library. There will also be a best paper award.

Paper submission site: Easychair Link.


Steering Committee
Dieter Gollmann (Hamburg University of Technology, Germany)
Ravishankar Iyer (UIUC, USA)
Douglas Jones (UIUC, USA)
Javier Lopez (University of Malaga, Spain)
Jianying Zhou (SUTD, Singapore) – Chair

Program Chairs
Alvaro Cardenas (University of California Santa Cruz, USA)
Daisuke Mashima (Illinois at Singapore Pte Ltd and National University of Singapore, Singapore)

Web Chair
Muhammad M. Roomi (Illinois at Singapore Pte Ltd, Singapore)

Publicity Chair
Sang-yoon Chang (University of Colorado Colorado Springs, USA)
Subhash Lakshminarayana (University of Warwick, UK)

Publication Chair
Ertem Esiner (Illinois at Singapore Pte Ltd, Singapore)

Program Committee
Ali Abbasi (Ruhr-University Bochum, Germany) Cristina Alcaraz (University of Malaga, Spain)
Daniele Antonioli (EURECOM, France) Federica Battisti (University of Padova, Italy)
Binbin Chen (SUTD, Singapore) Shalabh Jain (BOSCH, US)
Sokratis Katsikas (NTNU, Norway) Marina Krotofil (Maersk, UK)
Nicola Laurenti (University of Padova, Italy) Javier Lopez (UMA, Spain)
Michail Maniatakos (New York University, Abu Dhabi) Aditya Mathur (SUTD, Singapore)
Simin Nadjm-Tehrani (Linköping university, Sweden) Martín Ochoa (ETH Zürich, Switzerland)
Federica Pascucci (Università degli Studi Roma Tre, Italy) Liliana Pasquale (University College Dublin, Ireland)
Radha Poovendran (University of Washington, US) Awais Rashid (University of Bristol, UK)
Indrakshi Ray (Colorado State University, US) Anne Remke (WWU Münster, Germany)
Rodrigo Roman (University of Malaga, Spain) Neetesh Saxena (Cardiff University, UK)
Martin Strohmeier (University of Oxford, UK) Rui Tan (Nanyang Technological University, Singapore)
Nils Ole Tippenhauer (CISPA Helmholtz Center for Information Security, Germany) Johanna Ullrich (SBA Research, Austria)
Mark Yampolskiy (Auburn University, US) Katsunari Yoshioka (Yokohama National University, Japan)
Chia-Mu Yu (National Chung Hsing University, Taiwan) Stefano Zanero (Politecnico di Milano, Italy)
Sencun Zhu (The Pennsylvania State University, US) Saman Zonouz (Rutgers University, US)


The use of differential privacy for energy data
Prof. Anna Scaglione (Cornell Tech, Cornell University, New York)

In the last ten years the energy sector as significantly increased its data collection capabilities. Along with that, the issue of data privacy has been exacerbated, particularly due to a growing amount of measurements collected in distribution systems. These data can reveal users behavior and expose retail market vulnerabilities, such as times of congestion in the system. At the same time, allowing the analysis of measurements data can help in the development of third parties technologies for responsive loads, in buildings and in electrified transportation, and can spur greater investment in the deployment renewable energy, by highlighting market opportunities. Finally, because the tie-lines of the physical grid allows failures to spread across management boundaries, we argue that sharing information across such boundaries and with government agencies can alert about security threats. The electric power sector is trying to codify policies, such as the 15 x 15 rule, to regulate the publication of utility data statistics. As we explain in this talk, the approach is ineffective in protecting privacy if repeated queries are allowed. In fact, that is exactly the type of issue that differential privacy mechanisms are designed to address. In this talk we will review the differential privacy framework and focus on its tailored application to querying electric power systems data. Specifically, we will provide examples in which differentially private mechanisms can be optimized for queries of interest in the energy sector, in the sense of giving the best trade-off in terms of privacy and accuracy of the query response. We will also show that the use of such mechanisms can help design differentially private databases for further analysis and for research.

About the speaker:
Anna Scaglione (M.Sc.'95, Ph.D. '99) is currently a professor in electrical and computer at Cornell Tech, the New York City campus of Cornell University, Prior to that she held faculty positions at Arizona State University, the University of California at Davis, Cornell University (the first time) and the University of New Mexico. She is IEEE fellow since 2011 and received the 2013, IEEE Donald G. Fink Prize Paper Award, the 2000 IEEE Signal Processing Transactions Best Paper Award the NSF CAREER grant (2002). She is co-recipient with her students of several best student papers awards at conferences and received the 2013 IEEE Signal Processing Society Young Author Best Paper Award with one of the PhD students. She was Distinguished Lecturer of the Signal Processing Society in 2019 and 2020, when most of her travel was cut short by the pandemic. Dr. Scaglione's expertise and research considers theoretical and applied problems is in statistical signal processing, communications theory and cyber-physical infrastructures for sustainable energy delivery systems, where her work has focused on addressing security and optimization challenges.

Fighting IoT Cyberattacks: Device Discovery, Attack Observation and Security Notification
Assoc. Prof. Katsunari Yoshioka (Yokohama National University, Japan)

IoT device security has become one of the most important and challenging topics in recent years. In this talk, I will describe an observation framework we have developed and implemented to actively and passively observe insecure IoT devices and attacks against them. Our engines have discovered a wide range of insecure and/or compromised devices from consumer-level to those deployed at infrastructures. I will also explain a series of security notifications we have made to inform the stakeholders including device operators, manufacturers, and owners via ISPs, security apps, and a web service.

About the speaker:
Katsunari Yoshioka is an Associate Professor in the Graduate School of Environment and Information Sciences, Yokohama National University, Japan. Before joining Yokohama National University, he was a researcher at the National Institute of Information and Communications Technology, Japan. His research interests cover a wide area of system security and network security including malware analysis and IoT security. For his works on network attack observation and security notifications, he has received various awards including the commendation for science and technology by the Ministry of Education, Culture, Sports, Science and Technology and the Culture of Information Security Award in Japan. He received a Ph.D. in Engineering from Yokohama National University.

Workshop Program (Important Note: Japanese Standard Time (JST))

08:30 – 08:45 Workshop Opening
08:45 – 09:45
Keynote 1 (Virtual Presentation)
Session Chair: Alvaro Cardenas (University of California, Santa Cruz)
The use of differential privacy for energy data
Prof. Anna Scaglione (Cornell Tech, Cornell University, New York)
09:45 – 10:00
10:00 – 11:30
Session 1: "Energy and Embedded Systems" (Virtual Presentations)
Session Chair: Jianying Zhou (Singapore University of Technology and Design)

  • Robust Anomaly based Attack Detection in Smart Grids under Data Poisoning Attacks
    Shameek Bhattacharjee, Mohammad Jaminur Islam and Sahar Abedzadeh.
  • Private and Secure Smart Meter Billing
    Mohammed Ababneh, Kartick Kolachala and Roopa Vishwanathan.
  • Detecting Secure Memory Deallocation Violations with CBMC
    Vinayak Prabhu, Mohit Singh, Indrajit Ray, Indrakshi Ray and Sudipto Ghosh.
11:30 – 13:30
13:30 – 14:30
Keynote 2 (In-person Presentation)
Session Chair: Daisuke Mashima (Illinois at Singapore Pte Ltd)
Fighting IoT Cyberattacks: Device Discovery, Attack Observation and Security Notification
Assoc. Prof. Katsunari Yoshioka (Yokohama National University, Japan)
14:30 – 15:30
Session 2: "IoT and Smart Manufacturing" (In-person Presentations)
Session Chair: Katsunari Yoshioka (Yokohama National University)
  • Robust, Effective and Resource Efficient Deep Neural Network for Intrusion Detection in IoT Networks
    Idris Zakariyya, Harsha Kalutarage and M. Omar Al-Kadri.
  • 3D-Mold’ed In-Security: Mapping Out Security of Indirect Additive Manufacturing
    Grant Parker, Eric MacDonald, Theo Zinner and Mark Yampolskiy.
15:30 – 16:00
16:00 – 17:30
Session 3: "Trustworthy CPS" (Virtual Presentations)
Session Chair: Cristina Alcaraz (University of Malaga)
  • Context-Aware Drone Detection
    Gabriele Oligeri and Savio Sciancalepore.
  • A False Sense of Security? Revisiting the State of Machine Learning-Based Industrial Intrusion Detection
    Dominik Kus, Eric Wagner, Jan Pennekamp, Konrad Wolsing, Ina Berenice Fink, Markus Dahlmanns, Klaus Wehrle and Martin Henze.
  • An REE-independent Approach to Identify Callers of TEEs in TrustZone-enabled Cortex-M devices
    Antonio Ken Iannillo, Sean Rivera, Darius Suciu, Radu Sion and Radu State.
Closing Remarks


E-mail:           acmcpss2022@easychair.org
CPSS Home:   http://jianying.space/cpss/

Updated: September 21, 2021