Full Description
This book constitutes the refereed proceedings of seven International Workshops which were held in conjunction with the 27th European Symposium on Research in Computer Security, ESORICS 2022, held in hybrid mode, in Copenhagen, Denmark, during September 26-30, 2022.
The 39 papers included in these proceedings stem from the following workshops:
8th Workshop on the Security of Industrial Control Systems and of Cyber-Physical Systems, CyberICPS 2022, which accepted 8 papers from 15 submissions;
6th International Workshop on Security and Privacy Requirements Engineering, SECPRE 2022, which accepted 2 papers from 5 submissions;
Second Workshop on Security, Privacy, Organizations, and Systems Engineering, SPOSE 2022, which accepted 4 full papers out of 13 submissions;
Third Cyber-Physical Security for Critical Infrastructures Protection, CPS4CIP 2022, which accepted 9 full and 1 short paper out of 19 submissions; Second International Workshop on Cyber Defence Technologies and Secure Communications at the Network Edge, CDT & SECOMANE 2022, which accepted 5 papers out of 8 submissions; First International Workshop on Election Infrastructure Security, EIS 2022, which accepted 5 papers out of 10 submissions; and First International Workshop on System Security Assurance, SecAssure 2022, which accepted 5 papers out of 10 submissions.
Chapter(s) 5, 10, 11, and 14 are available open access under a Creative Commons Attribution 4.0 International License via link.springer.com.
Contents
CyberICPS 2022.- Towards Comprehensive Modeling of CPSs to Discover and Study Interde-pendencies.- Coordinated Network Attacks on Microgrid Dispatch Function: An EPIC Case Study.- Adversarial Attacks and Mitigations on Scene Segmentation of Autonomous Vehicles.- Threat Sensitive Networking: on the Security of IEEE 802.1CB and (un)Ef-fectiveness of Existing Security Solutions.- The effects of the Russo-Ukrainian war on network infrastructures through the lens of BGP.- Cybersecurity Awareness for Small and Medium-Sized Enterprises (SMEs): Availability and Scope of Free and Inexpensive Awareness.- A Framework for Developing Tabletop cybersecurity Exercies.- A Hybrid Dynamic Risk Analysis Methodology for Cyber-Physical Systems.- SECPRE 2022.- OntoCyrene: Towards Ontology-Enhanced Asset Modelling for Supply Chains in the context of Cyber Security.- Measuring the adoption of TLS Encrypted Client Hello extension and its forebearin the wild.-SPOSE 2022.- SPOSE 2022.- Influencing Factors for Users' Privacy and Security Protection Behavior in Smart Speakers: Insights from a Swiss User Study.- Towards a Security Impact Analysis Framework: A Risk-based and MITRE Attack Approach.- Data Protection Officers' Perspectives on Privacy Challenges in Digital Eco-systems.- Rebooting IT-Security - How Organisations Can Encourage and Sustain Se-cure Behaviours.- CPS4CIP 2022.- Resilience, Risk Assessment, and Secure communications.- Towards Reverse Engineering of Industrial Physical Processes.- Solutions for Protecting the Space Ground Segments: From risk assessment to emergency response.- Modelling and Simulation of Railway Networks for Resilience Analysis.- HoneyChart: Automated Honeypot Management Over Kubernetes.- ComSEC: Secure communications for baggage handling systems.- Methodology for resilience assessment for rail infrastructure considering cyber-physical threats.- Cyber-Physical Systems Security, Standards, and Datasets.- Coverage-guided fuzzing of embedded systems leveraging hardware tracing.- Challenges and Pitfalls in Generating Representative ICS Datasets in Cyber Security Research.- Securing Cyber-Physical Spaces with Hybrid Analytics: Vision and Reference Architecture.- A Precision Cybersecurity Workflow for Cyber-physical Systems: The IoT Healthcare Use Case.- CDT& SECOMANE 2022.- A Revisitation of Clausewitz's thinking from the Cyber Situational Aware-ness perspective.- Examining 5G technology-based applications for military communications.- Design of a validation model of the cognitive state in military operations in cyberspace.- Design and validation of a threat model based on "Cyber Kill Chain" applied to human factors.- The cloud continuum for military deployable networks: challenges and op-portunities.- EIS 2022.- Ballot-Polling Audits of Instant-Runoff Voting Elections with a DirichletTree Model.- Non(c)esuch Ballot-Level Comparison Risk-Limiting Audits.- Election Infrastructure.- Why is Online Voting Still Largely a Black Box?.- Connecting Incident Reporting Infrastructure to Election Day Proceedings.- Council of Europe Guidelines on the Use of ICT in Electoral Processes.- Security Assurance Methodology.- SAEOn: An Ontological Metamodel for Quantitative Security Assurance Evaluation.- A Comparison-Based Methodology for the Security Assurance of Novel Systems.- Security Assurance Technique.- Automation of Vulnerability Information Extraction using TransformerBased Language Models.- Product Incremental Security Risk Assessment using DevSecOps Practices.- SLIME: State Learning In the Middle of Everything for Tool-Assisted Vulnerability Detection.
