Pre-Program – Connect Security World 2017
Connect Security World - Embedding Trust in IoT Systems and Connected Hardware | Sept. 25-27, 2017 – Marseille, France

Pre-Program

This version is continuously updated and enriched with additional speakers: keep posted!
Update: June 21, 2017
PROGRAM AT A GLANCE
DAY 1 – Monday Sept. 25 AFTERNOON
Connect Security World Smart Security Week Innovation Live
PLENARY GRAND OPENING
Keynotes & panels addressing transversal topics of the Smart Security Week conferences

2.00pm: EXHIBITION OPENING

Welcome Cocktail
DAY 2 – Tuesday Sept. 26
Track 1 Track 2  
 
IoT Networks: Security Architectures to address future Attacks Securing the IoT for the Entreprise
All-day: Exhibition & Demos
IoT Networks: Security Measures Securing the IoT for the Entreprise
 
Crypto Advances in IoT Context
Exhibition & Demos
Endpoint Security for Sensitive Transactions ARMOUR Workshop
Enabling Security & Trust in the large-scale IoT
Smart Security Week Awards Ceremony
Gala Evening
DAY 3 – Wednesday Sept. 27
IoT & Cybersecurity Convergence: What Can Standards Do?
Exhibition & Demos
PUFs for IoT Devices
IoT Security: Trusted ID & Certification
Exhibition & Demos

DAY 1 - Monday September 25 Afternoon

2.00pm – 6.30pm: Opening Session | 3.50pm – 4.30pm: Coffee & Refreshment Break – Networking – Exhibition

PLENARY GRAND OPENING
Cooperative Cybersecurity for our Connected World

The Opening adresses transversal topics of the Smart Security Week conferences.

Part 1 – Large Scale Cybersecurity Initiatives Worldwide
Day 1
25 Sep 2017

European Union Cybersecurity Strategy: a new framework to deal with new challenges

Cooperation between States & Cybersecurity Agencies

Donna Dodson

US NIST Cybersecurity Framework 1.1: Achievements & Road Ahead (Title TBD)

Public-Private Partnerships on Cybersecurity

Ammar Jaffri

Regional Conflicts VS Cyber Conflicts… Need for Regional Cooperation

• Regional Conflicts are natural and has a History of Conflicts due to Number of Reasons
• There is an urgent need to bridge the Gaps in Cyber Space as Terrorists are getting benefit
• Only Cooperation in Cyber Space and timely sharing of Information may create confidence
• Gaps may be identified which can be used to trigger any Cyber War between Countries

PANEL DISCUSSION: Forging an United Response to Universal Cyber Threats

Part 2 – Preparing to Cyber Attacks: Security Industry Responses to Protect Data, Assets and People
Day 1
25 Sep 2017

IoT Security: EU’s certification and labelling for connected devices

Raghu K Dev

Cognitive Security and Threat Intelligence (Title TBD)

Telco’s Role

Helmut Scherzer

Reload the Responsible Internet Citizen – The Internet of the Future

• Personal Identity Card with free Digital Signature
• Signature for Internet Communication
• Wiki-Reality
• Name the ‘dark side’ of the power
• Privacy Initiative
• Back to the responsible Citizen
• Reality Check

Alain Ducass

PANEL DISCUSSION – Next Massive Attacks of Biometric Databases: Are We Ready?

Smart Security Week Innovation Live
2.00pm: Exhibition Opening
Welcome Cocktail

DAY 2 - Tuesday September 26

9.00am - 1.00pm: Break-out Sessions | 10.50 - 11.20am: Coffee & Refreshments Break – Networking – Exhibition

Track 1: Technology Advances
IoT Networks: Security Architectures to address future Attacks
Day 1
26 Sep 2017
Michael Schloh von Bennewitz

IoT Vulnerabilities under the Radar

• Legacy and modern network protocols
• Recent embedded and IoT exploitations
• Speculative future attack vectors
• Interfaces and defense strategies

Raimo Kantola

Cooperative Security for the Internet and 5G

• New experimental security architecture for the Internet and 5G
• Replacing NATs with Customer Edge Switches
• Manage all flows with policy so that all network security functions are on network edge
• Detection and sharing of security intelligence is ubiquitous in trust domains

Raoul Wijgergangs

Securing the IoT

• Security threats to the IoT devices
• Protocols to prevent hacks to IoT systems beyond the device level
• Smart home market adoption in-line with consumer confidence in device security

Track 2: Implementation & Standards
Securing the IoT for the Entreprise
Day 1
26 Sep 2017
Janne Uusilehto

KEYNOTE

Rich Boyer

IoT and the Implications for Security Inside and Outside the Enterprise

• The “exonet”: the security environment of someone else’s infrastructure which your infrastructure is highly connected to
• The challenge of managing security of your infrastructure sitting in someone else’s security realm, but directly acting as a gateway into yours
• A new layer on top of IoT infrastructure that supports protected, distributed, exonet infrastructures to maintain separation from someone else’s risk acceptance

Martin Wimmer

Blueprints for Industrial IoT Security

• Industrial IoT (IIoT) and Operational Technology (OT) provide distributed systems. Distributed system security has a long history.
• Well-known security mechanisms address other domains e.g. Web applications accessed by humans.
• IIoT and OT demand new as well as adopted security mechanisms/solutions
• No single, one-fits-all solution for IIoT/OT security will emerge but there can be common blueprints

Sylvain Barbeau

Product Security in Complex System Engineering

• Most of security concepts and regulation come from IT world. Challenge: transpose to flight ready industrial objects,
• Novelty : apply security concepts and technologies to entire system engineering,
• Interest : “inject” complex system engineering process with security, return of experience

IoT Networks: Security Measures
Day 1
26 Sep 2017
Mikael Dautrey

Working around the Security Versus Privacy Dilemna

• Internet traffic has massively shifted to ciphered (SSL) protocol
• Unciphering the internet traffic to filter it raises many concerns (privacy, security…)
• A different approach that combines both trust verification and traffic pattern analysis to avoid SSL gateways
• Modest evolutions of proxy protocols that may facilitate this nondeciphering traffic analysis approach

Madhu Madhusudhanan

Unlocking IoT

• Frictionless Access to IoT
• What is needed to go beyond novelty of IoT
• Which is easier? Flipping a switch to turn on light bulb, or launching an app and searching for option to turn on the light bulb?
• Role of IoT in real-world access control 5/ Brief intro to Google’s Eddystone and Physical web

Securing the IoT for the Entreprise
Day 1
26 Sep 2017
Thierry Spanjaard

Security solutions to Expand Smart IoT Markets

• Internet of Things (IoT) security trends, drivers and challenges
• IoT security solutions: software, hybrid and hardware
• Standardization and interoperability
• IoT security market trends

Richard Stamvik

Stories from the Edge: Securely Connecting Your Low Power IoT Devices from the Edge to the Cloud

• Challenges and requirements around protecting industrial IoT devices and data from the edge to the cloud
• A security framework for industrial IoT applications
• Case studies and practical steps to secure industrial IoT sensors and actuators using low power wide area and cellular radio technologies; controlling network elements; and managing data

Andrea Chiappetta

Critical Infrastructure Protection: Beyond the Hybrid Port and Airport Firmware Security

• Critical Infrastructure Protection in the field of Transports
• Unsecure firmwares linked to SCADA systems threaten the infrastructure protection
• Hybrid Port and Airport Firmware Security
• Case study on the vulnerability of IP CAMERAS

PANEL DEBATE: Security challenges of today’s enterprise IoT deployments

1.00 – 2.00pm: Lunch – Networking – Exhibition | 2.00 – 6.45pm: Break-out Sessions | 3.50 – 4.30pm: Coffee & Refreshments Break – Networking – Exhibition

Endpoint Security for IoT Devices: SE Approach
Day 1
26 Sep 2017
Dr. Eric Vétillard

A High-Resilience Platform for IoT

• Resilience, the ability to recover from an attack, an essential property
• Device authenticity and updatability are key for resilience
• High resilience can be achieved using a TEE and a formally proven isolation kernel
• Resilience is a key aspect for potential IoT security standardization

Gil Bernabeu

Securing the IoT Landscape

• The different levels of security that are required for the IoT world.
• Why a common understanding is required of what can be done in IoT devices from sensors to NFV platforms.
• Overview of the different security services and solutions that are required to deploy a range of services in the IoT world

Ullrich Martini

How to Personalize an Embedded Secure Element

• Scalable deployment of secure elements
• Scripted installation and personalization using public key cryptography
• Ecosystem and life cycle of secure IoT device
• Standardization necessity

Crypto Advances in IoT Context
Day 1
26 Sep 2017
Derek Atkins

A Lightweight, Quantum-Resistant IoT Authentication Solution

• How to add public-key authentication services into constrained devices
• Small code size, fast-running, quantum-resistant public-key authentication for IoT
• The interesting (and different) math that is the foundation of these techniques
• How to incorporate low-resource cryptography into your own IoT devices

Eric Järpe

A New Method for MIDI Steganography

• A means for communication without revealing even existence of communication
• Simple novel method using well-known MIDI format
• Evaluated by means of a multiple comparison audibility hypothesis test

Endpoint Security for Sensitive Transactions
Day 1
26 Sep 2017
Christian Damour

The Mobile Payments Security Puzzle – Finding the Right Pieces

• How to limit mobile payment risks? 2 Authenticate your customer
• Improve mobile payment security
• Mitigate payment fra

PANEL DEBATE: The Economics of IoT Security

ARMOUR Workshop
Enabling Security & Trust in the large-scale IoT

The EU project ARMOUR addresses Security and Trust issues on Internet of Things by providing duly tested, benchmarked and certified Security & Trust technological solutions for large-scale IoT
The workshop will gather its partners and IoT security stakeholders around its latest achievements and upcoming challenges.
ARMOUR 3 main goals:
• Enhancing FIRE (Future Internet Research and Experimentation) testbeds with an experimentation toolbox enabling large-scale IoT Security & Trust experiments
• Delivering methods and technologies for enabling Security & Trust in the large-scale IoT
• Defining a framework to support the design of Secure & Trusted IoT applications as well as establishing a certification scheme for setting confidence on Security & Trust IoT solutions
Day 1
26 Sep 2017
Bruno Legeard

ARMOUR Project Presentation

Patrick Guillemin

Status IoT Trust and Security Discussion from AIOTI (Alliance for IoT Innovation)

Gianmarco Baldini

Status and Issues in Current Certification for IoT

Benchmarking IoT Security

Panos Trakadas

Suggestion to Labelling

Abbas Ahmad

Test Approaches using Model based Testing-Demo

Franck le Gall

Question: Do we need Trust & Security Label

Q&A

Gala Evening

DAY 3 - Wednesday September 27

9.00 – 10.50am: Break-out Sessions | 10.50 – 11.20am: Coffee & Refreshments Break – Networking – Exhibition | 11.20am – 1.00pm: Break-out Sessions

“IoT & Cybersecurity Convergence: What Can Standards Do?”
Day 1
27 Sep 2017
Francois Ennesser

IoT Security, a New Dimension for Cybersecurity

• oneM2M and IoT common requirements behind the diversity
• ICT driven “IoT 1.0” deployments: Privacy as a main driver for security
• Industry driven “IoT 2.0” deployments: Safety as the driver for security
• Combining physical world “real things” safety considerations with dynamic software based “cyber world” security approach

Salvatore Francomacaro

IoT, Blockchain, Mobile ID: Standardization efforts

• Security and Privacy in the Identity space
• Current IoT standardization efforts
• Blockchain encounters the ISO world
• Mobile ID and Driver License: the future of the eID

Dr. Gisela Meister

Cybersecurity Standards Challenges (Title TBC)

• Cybersecurity terms and definition according to ISO/IEC
• The Cybersecurity Strategy of the EU
• Which standard organisations are connected ?
• Gap analysis and outlook

Naum Spaseski

Testing Security in oneM2M

• Standardized security in oneM2M
• Testing approach
• Conformance testing of security aspect

PUFs for IoT Devices
Day 1
26 Sep 2017
Wael Adi

Secret Unknown Cipher Concept as A Physical Security Anchor

• How to use unknown ciphers to create Unclonable physical units
• Aging-Resilient Digital Physical Unclonable Functions (D-PUFs)
• Low-Cost clone-resistant modules in emerging non-volatile self-reconfiguring SoC units
• Clone-resistant entities for IoT environment

David Bak

The Innovative IOT Security Solution, VIA PUF

• Importance of endpoint security in IoT
• Security for Closed & open IoT platforms
• Software vs. hardware security
• PUF based hardware security

1.00 – 2.00pm: Lunch – Networking – Exhibition | 2.00 – 4.30pm: Break-out Sessions

IoT Security: Trusted ID & Certification
(Jointly with Worlde-ID & Cybersecurity)
Day 1
27 Sep 2017
Jan Rochat

Blurred Boundaries in Physical and Logical Security

● Why boundaries are blurring? / Effect of Internet of Things
● Data collection; Security & Value vs. Privacy
● Governance, Privacy & Security by Design
● End to End Secure ecosystem / Securing physical & logical security
● Continuous trust by adding identity assurance

Ali Pabrai

IoT + DDoS = Disruptive (Business + Cyber) Risk!

• Examine why IoT = Internet of Threats.
• Step through how botnets and DDoS can be disruptive to sites and Web applications.
• Walk thru an IoT Security Policy that addresses key compliance requirements.
• Develop a strategy for addressing such emerging threats in the context of your enterprise cyber security plan

Ernst Bovelander

Security and Trustworthiness in Connected Devices

● Trustworthiness in critical connected IoT devise, e.g medical devices
● Focused on a practical approach to establish assurance through third party evaluation
● What can we learn from different sectors, e.g. payment industry
● Next steps towards successful certification

Andy Ramsden

IoT – Imprinting Security by Design

● How to differentiate between ‘trusted’ and ’untrusted’ devices
● Roots of Trust into devices at the design stage is the solution
● Coupled with end to end security: strong user or device authentication, trusted people, systems and devices

Philippe Cousin

Trust IoT Labelling

• Suitable duly tested solutions needed to cope with IoT security, privacy and safety
• challenge in current security certification scheme
• Need for new European certification-labelling scheme for IoT-Trust IoT labelling
• need for automated and formal approach to testing: the model based testing

Benoit Makowka

IoT Security through Digital Identity and Reliable Root of Trust

• How can data collected by sensors and edges devices be trusted to be used in IoT application (back-end servers)
• How can devices remain under the controlled of authorized authorities (and not hackers)
• How can stake holders can be protected against attacks (DDoS, men in the middle…)
• A solution through Digital Identity and reliable Root of Trust based on PKI technology

PANEL DEBATE: Secure Labelling of Connected Devices: Where does EU Stand, Challenges and Road Ahead

End of the conference