2024 INTERSCT. Conference
Introduction
With the Internet-of-Things (IoT) we are seamlessly connecting the cyber and the physical worlds extending the risk area to safety requiring a broader perspective on security. IoT is turning out to be one of the weakest spots in our infrastructure. With billions and in the near future potentially trillions of devices, the security risks are growing at great rates. Our economic and societal forces are creating a perfect storm, a pervasive infrastructure of trillions of IoT devices which on one hand will oversee our lives and economy, and on the other hand will be completely unmanageable from a security perspective.
To compound the risk, IoT systems are often devised and engineered in places where we have no control on, and unless we want to basically surrender our digital sovereignty by only relying on foreign solutions for our national cyber security, we need to find a way to secure them regardless of provenance and built-in malicious intents.
We cannot secure something we cannot manage, we need to rethink the security paradigm, delegating part of the security management to the system that needs to autonomously adapt to the changing environment, while remaining under our supervision, and rethink accordingly all our security technologies. We need to be able to design, develop and manufacture IoT systems-of-systems in a fundamentally different way enabling the overall system to become robust, resilient and trustworthy, even in the presence of individual IoT devices that are insecure or even compromised in a Zero-trust environment and providing the right ecosystem for their wide adoption within industry. We actually need to be able to design, develop and manufacture new types of IoT devices with security-by-design, security-by-default, robustness and resilience in mind; while continuously preserving all safety requirements, these devices must pro-actively manage their security, actively respond to attacks, recover from attacks, resume and restore themselves to a predefined level of operation following an attack etc.,
During the 2024 INTERSCT. Conference on cyber security of Internet-of-Things, on 28 May at Eindhoven University of Technology, we will address many of these issues with an impressive line-up of invited speakers, panelists, and moderators. There will be keynote addresses by Mr. Bart Groothuis, two series of parallel sessions related to the various work packages in the NWO NWA INTERSECT project (Design, Defense, Attack, and Governance), a series of plenary sessions related to the state-of-the-art in cyber security of Internet-of-Things, as well as a networking lunch and a networking reception at the end of the event.
Programme
08:45 Reception + Networking
Coffee/Tea in Auditorium, Voorhof
09:25 Opening
Opening by prof. dr. Sandro Etalle in Auditorium, Voorhof
professor Sandro Etalle
Scientific director NWO NWA INTERSECT
Opening by Sandro Etalle
09:30 First series of parallel sessions related to WPs
WP2 Session on "Design"
Location: Auditorium, Blauwe Zaal
dr. Erik Poll
Radboud University
dr. Erik Poll with an introduction to the objectives and (intermediate) results of WP2 on “Design“
Casper Schellekens
Fontys ICT
Casper Schellekens on “Security Patterns for IoT in Practice“
Sezen Acur
TNO ESI
Sezen Acur and Swarna Kumarswamy-Das (TNO) on “SOS! Security and Safety for Systems of Systems“
WP3 Session on "Defense"
Location: Auditorium, Senaatszaal
dr. Jerry den Hartog
Eindhoven University of Technology
dr. Jerry den Hartog with an introduction to the objectives and (intermediate) results of WP3 on “Defense“
Stash Kempinski
Eindhoven University of Technology and Secura
Stash Kempinski on “Attacking Operational Technology without the need for specialized knowledge: the rise of a new threat actor profile“
Remi Hendriks
University of Twente
Remi Hendriks on “Detection of ECMP load balancing on internet scale“
Reza Esmaili
University of applied sciences Amsterdam
Reza Esmaili and Lindomar Minguel on “Ecosystem Digital Security region Amsterdam-Amstelland – An experience in security ecosystem building“
10:45 Break
Coffee/Tea in Auditorium, Voorhof
11:15 Second series of parallel sessions related to WPs
WP5 Session on "Governance of Security & Privacy"
Location: Auditorium, Blauwe Zaal
professor Michel van Eeten
Delft University of Technology
professor Michel van Eeten with an introduction to the objectives and (intermediate) results of WP5 on “Governance of Security & Privacy“
Lorenzo Kustosch
Delft University of Technology
Mr. Lorenzo Kustosch on “IPatching Up: Stakeholder Experiences of Security Updates for Connected Medical Devices“
Mr. Dirk de Wit
Head of Product Security, Philips
Mr. Dirk de Wit on “Industry challenges for applying Security Updates on Medical Devices“
Mattis van 't Schip
Delft University of Technology
Mattis van ‘t Schip on “The Cyber Resilience Act and Open-Source Software: Status Quo“
WP4 Session on "Attack"
Location: Auditorium, Senaatszaal
professor Herbert Bos
Vrije Universiteit Amsterdam
professor Herbert Bos and dr. Cristiano Giuffrida with an introduction to the objectives and (intermediate) results of WP4 on “Attacks“
Mr. Ringo Groenewegen
TNO and Vrije Universiteit Amsterdam
Mr. Ringo Groenewegen on “Cryptanalysis Of Des: Backscattering As A Side-Channel“
Mr. Luca Müller
TNO and University of Groningen
Mr. Luca Müller on “Formalizing Coverage-guided Greybox Fuzzing with Deep Reinforcement Learning“
12:30 Lunch + Networking
Location: Auditorium, Voorhof
13:45 Plenary sessions
Location: Auditorium, Blauwe Zaal
13:45 Plenary keynote address
Mr. Bart Groothuis
Member of European Parliament
Mr. Bart Groothuis on ‘European cyber security law making: does Brussels sufficiently address the challenges ahead?‘
Bart Groothuis (1981) is a member of the European Parliament on behalf of the Dutch People’s Party for Freedom and Democracy (VVD), which is part of the liberal political group Renew Europe. He is a member of the Industry, Research and Energy committee and a substitute member for the committee Security and Defence. In parliament, he focuses on cybersecurity, especially in his role as Rapporteur of the NIS II Directive, the energy transition and disinformation & foreign interference. Before Bart became member of the European Parliament in February 2020, he was head cybersecurity for the Dutch Ministry of Defence.
14:30 Plenary presentation
Mr. Ben Kokx
Director Standardization Product Security, Philips
Mr. Ben Kokx on “New and upcoming legislation and regulations for cyber security of products with a digital component”.
Ben Kokx has over twenty years of security and privacy experience within Philips. For the last decade, as Director Product Security, he is responsible for security related standards & regulations and the global Philips Product Security Policy and Process Framework. Ben is a healthcare and IoT security expert who leads and participates in several industry associations and standard development organizations. Ben is, as the convenor of CEN/CENELEC JTC 13/WG 6 on product security, closely involved with the development of security standards to be used in European legislation.
15:15 Plenary presentation
Mr. Ruben van Well
Politie
Mr. Ruben van Well on “The broad approach on Cybercrime by the Dutch police“
Cybercrime is such a scalable crime type, that it is impossible to arrest your way out of. To be successful in the approach, there needs to be a balance between repression and prevention. A broad approach was created by the Dutch police. Focusing not only on suspects, but also the victims and structural opportunity which is I place, aiming to prevent, disturb and prosecute cybercrime. You will be taken along this approach by the example of Operation Cookie Monster, the takedown of Genesis Market.
From 2002 on, Ruben has been working for the Dutch National police. He started patrolling the streets of Rotterdam 22 years ago and had a great variety of functions, from Riot police to assistant public prosecutor immigration and criminal law and from detective to account manager public private partnership in the cybercrime unit of Rotterdam. Innovation has been a common thread throughout his career. Always looking for possibilities to make policework better, easier and more fun. With an aim to boost safety & security and/or the service provided by the police. After guiding various experiments throughout the organization. He has recently found a passion to fight cybercrime. As he states: “Cybercrime is the innovation of crime, you need to be very agile to fight it effectively. Luckily, I have an awesome team with a variety of specialists who all share a goal to fight impactful cybercrime to protect society against it.”
16:00 Plenary presentation
Guest
Ministry of the Interior and Kingdom Relations, General Intelligence and Security Service
On COATHANGER.
16:45 Closing
by prof. dr. Sandro Etalle (TU/e)
17:00 Reception + Networking
Location: Auditorium, Voorhof
Opportunities for collaboration
During the 2024 edition of the INTERSCT. Conference on cyber security of Internet-of-Things, there will again be opportunities to discuss possibilities for collaboration with organizations that are not a member of the INTERSECT public-private partnership. If you would be interested in a short meeting during the event to discuss such possibilities, please let us know via the registration.
FAQ
- TU/e is located next to the NS Eindhoven railway station
- TU/e is easily accessible via car. We recommend parking P1.