Conference Program

This page is a provisional planning which is subject to change! (last update: 29.09.21).

Papers presented at the conference will be made available through Springer LNCS (post-proceedings). As a service to the attendants at CRITIS 2021, pre-proceedings versions of these papers, video recordings and slides are available in the following shared drive (protected with a password provided at the registration desk and by email).

If time permits, a panel discussion will take place at the end of each session. The interaction between the online and the offline audience will take place with Slido, an easy-to-use Q&A and polling app (for the start-up challenge on day 2).

Legends: [R] = pre-recorded; [Underlined] = speaker; colours:

Opening/closing, social event, networking, break/lunch (incl. posters and demonstrations exhibition). Contact: info@critis2021.org
Scientific session, regular technical paper (full and short). Contact: dimitri.perciadavid@unige.ch
Keynote session. Contact: mermouda@ethz.ch
Industrial/practical experience report or testbed/dataset report session. Contact: david.baschung@milak.ethz.ch ; Sponsors: kilian.cuche@vtg.admin.ch

Monday 27 Sept 2021 – Day 1

Location : SwissTech Convention Center (STCC) – ROOM GARDEN ABC, Rue Louis Favre 2, 1024 Ecublens. Time zone: Central European Summer Time (UTC+2).

08:30 – Opening of the registration desk & welcome coffee
09:00 – Introduction by Alain Mermoud, General chair and Bernhard Hämmerli, Steering Committee chair
09:20 – Session I: Protection of Cyber-Physical Systems and Industrial Control Systems (ICS). Session chair: Thomas Maillart, UNIGE

Bank Of Models: Sensor Attack Detection and Isolation in Industrial Control Systems
[R] Chuadhry Mujeeb Ahmed and Jianying Zhou

Super Detector: An Ensemble Approach for Anomaly Detection in Industrial Control Systems
[R] Madhumitha Balaji, Siddhant Shrivastava, Sridhar Adepu and Aditya Mathur

Optimal Man-In-The-Middle Covert Attack
Luca Faramondi, Gabriele Oliva and Roberto Setola
10:20 – Coffee break (incl. posters and demonstrations exhibition)
10:45 – Innovative Approaches to resolve the OT dilemma
Adrian Perrig, Network Security Group, ETH Zurich and Franco Monti, MSFPartners
11:15 – Session II: C(I)IP Organisation, (Strategic) Management and Legal Aspects. Session chair: Dimitri Percia David, UNIGE

Model-Based Risk Analysis Approach for Network Vulnerability and Security of the Critical Railway Infrastructure
Himanshu Neema, Leqiang Wang, Xenofon Koutsoukos, Cheeyee Tang and Keith Stouffer

A survey on applications of formal methods in analysis of SCADA systems
Mihael Marović, Ante Đerek and Stjepan Groš

The cost of incidents in essential services: data from Swedish NIS reporting
[R] Ulrik Franke, Johan Turell and Ivar Johansson
12:15 – Lunch & networking (incl. posters and demonstrations exhibition)
13:30 – Session III: Human Factor, Security Awareness and Crisis Management for C(I)IP and Critical Services. Session chair: Bernhard Hämmerli, HSLU

Impact Analysis of PLC Performance when Applying Cyber Security Solutions using Active Information Gathering
[R] Yeop Chang, Taeyeon Kim and Woonyon Kim

Multi-Categorical Risk Assessment for Urban Critical Infrastructures
Sandra König, Stefan Schauer and Stefan Rass

Use-Case Informed Task Analysis for Secure and Usable Design Solutions in Rail
[R] Amna Altaf, Shamal Faily, Huseyin Dogan, Alexios Mylonas and Eylem Thron
14:30 – Coffee break (incl. posters and demonstrations exhibition)
15:00 – Session Industrial / Practical Experience. Session chair: David Baschung, ETH Zurich

Governance, Risk & Compliance in IT/OT Security in a Hospital
Erik Dinkel, CISO University Hospital Zurich

How to protect critical infrastructure against todays and future threats?
Fabrice Guye, ELCA

Cloud Security Risks: Practical Lessons From Developing Securely in the Cloud
Veit Hailperin, AdNovum

Managing cyber risk in the smart building sector
Alina Matyukhina, Siemens
16:00 – The Soft, White Underbelly of Critical Infrastructure: Space Systems Cybersecurity
[R] Gregory J. Falco, Orbital Security Alliance, Stanford University
Social Event – Day 1
17:30 – Group photo (weather permitting) at Agora Lombard Odier, EPFL

17:45 – EPFL Guided tour to learn about the exceptional history and design of the Rolex Learning Center (RLC) and visit of the Musée Bolo, the EPFL computer museum

18:45 – Reception and Networking Event at the Cyber-Defence Campus, EPFL Innovation Park, Building I (participants of Day 2 are welcome). Demonstrations organized by Giorgio Tresoldi

Tuesday 28 Sept 2021 – Day 2

Location : SwissTech Convention Center (STCC) – ROOM GARDEN ABC, Rue Louis Favre 2, 1024 Ecublens. Time zone: Central European Summer Time (UTC+2).

8:30 – Opening of the registration desk & welcome coffee
9:00 – Introduction by Alain Mermoud, General chair and Vincent Lenders, Head of Cyber-Defence Campus
9:30 – Secure and Privacy-Conscious Federated Analytics for Critical Infrastructures
Jean-Pierre Hubaux, EPFL Full Professor, Laboratory for Data Security, Academic Director of the Center for Digital Trust (C4DT)
10:00 – Coffee break (incl. posters and demonstrations exhibition)
10:30 – Session Industrial / Practical Experience. Session chair: David Baschung, ETH Zurich

A new approach for measuring IT risks at a utilities company
Axel Sitt, AWK Group AG

Implementing OT Security at BKW – an Experience Report
Ivo Maritz, MSFPartners, former CSO/CISO BKW

Cyber-risks as a threat to critical infrastructures and the functioning of Switzerland
Daniel Caduff, Head of the ICT Division at the Federal Office for National Economic Supply

5G System Security Analysis for Critical Infrastructure Protection
Gerrit Holtrup, Kudelski
11:45 – Next generation critical infrastructures: the architectural challenge
Marcus M. Keupp, Military Academy at ETH Zurich
12:15 – Lunch & networking (incl. posters and demonstrations exhibition)

13:15 – EPFL CYD Campus Fellowship, Veronika Földvary
13:30 – (Cyber) Risks in the Context of the Swiss CIP Strategy
Stefan Brem, Chief Risk Officer and Head of Risk Analysis and Research Coordination at Federal Office for Civil Protection
14:00 – Critical Infrastructure Protection Past & Present – A Swiss Perspective
Alexandre Vautravers, Security Expert, Senior Security Advisor, State of Geneva
14:30 – Coffee break (incl. posters and demonstrations exhibition)
15:00 – Session Cyber-Defence Campus & CRITIS. Session chair: Alain Mermoud, General chair

GNSS Positioning Security: Automatic Anomaly Detection on Reference Stations
Stéphanie Lebrun, Stéphane Kaloustian, Raphaël Rollier and Colin Barschel

Studying Neutrality in Cyber-Space: A Comparative Geographical Analysis of Honeypot Responses
Martin Strohmeier, James Pavur, Ivan Martinovic and Vincent Lenders
16:00 – Startup Challenge hosted by Colin Barschel, Director of Industry Relations at Cyber-Defence Campus. Topic: Boost your Information Sharing and Analysis Center (ISAC). The three finalists are the following companies:
1. Decentriq
2. Constella Intelligence
3. Pandora Intelligence
17:00 – Technical & organizational management of disasters
Bernd König, CISO at German Armed Forces and Senior Cyber Security Strategist at Fortinet
Social Event – Day 2
17:30 – Group photo (weather permitting) at Agora Lombard Odier, EPFL
19:00 – Conference Gala Dinner at Gina Ristorante (Les Arcades, Rue Louis Favre 8c, 1024 Ecublens). Please book your extra banquet ticket before Sept, 20!

Wednesday 29 Sept 2021 – Day 3

Location : SwissTech Convention Center (STCC) – ROOM GARDEN ABC, Rue Louis Favre 2, 1024 Ecublens. Time zone: Central European Summer Time (UTC+2).

08:30 – Opening of the registration desk & welcome coffee
09:00 – Introduction by Alain Mermoud, General chair
09:15 – Session IV: Future, TechWatch & Forecast for C(I)IP and Critical Services. Session chair: Dimitri Percia David, UNIGE

Tableau: Future-Proof Zoning for OT Networks
Piet De Vaere, Claude Hähni, Franco Monti and Adrian Perrig

Link Prediction for Cybersecurity Companies and Technologies: Towards a Survivability Score
Santiago Anton Moreno, Anita Mezzetti and William Lacube
10:00 – Coffee break (incl. posters and demonstrations exhibition)
10:30 – Session Testbed / Dataset Report. Session chair: David Baschung, ETH Zurich

Testbed Report for Graph-based Threat Detection
Sergio Roldan, EPFL

The EISAC.it initiative: supporting EU member states in increasing systemic resilience of critical Infrastructure and essential services
[R] Vittorio Rosato, ENEA Casaccia Research Centre

CyberGrid: Design, Implementation and Evaluation of Security Protocols in Energy Systems
[R] Hagen Lauer, Fraunhofer

RICSel21: A dataset with network attacks targeting IEC-60870-5-104 in SCADA systems
Erik Westring, FOI
12:00 – Lunch & networking (incl. posters and demonstrations exhibition)
13:00 – Data-Driven Decision Support Frameworks for Hybrid Threats
Stefan Pickl, Universität der Bundeswehr München

CRITIS 2022 announcement with Bernhard Hämmerli
13:30 – Young CRITIS Award (YCA). Session chair: Thomas Maillart, UNIGE

Following the tradition of the previous years, CRITIS 2021 awarded the best work presented by three young scientist:

1. Siddhant Shrivastava. Prize: 1’500 CHF
2. Santiago Anton Moreno. Prize: 1’000 CHF
3. Stéphanie Lebrun. Prize: 500 CHF
13:45 – Rump Session. Session chair: Thomas Maillart, UNIGE
Participants are invited to give 5 min. talks on new ideas, feedback on presented work, ongoing research (or published in other venues).

Pitch 1: Causal relationships for security and safety in Internet of Vehicle (IoV): an automatic reasoning process, by Maria Cappelli, Giovanna Di Marzo Serugendo, Anne-François Cutting-Decelle (University of Geneva), Martin Strohmeier (CYD Campus)

Pitch 2: Connected and Automated Vehicles : Cybersecurity and Data Privacy Certification Framework, by Meriem Benyahya (University of Geneva)

Pitch 3: Crowdsourcing information for a more effective cyberdefense, by Eric Jollès (CYD Campus)

Pitch 4: Technology Assessment & Cyber-Defence Procurement, by William Lacube (CYD Campus)

Pitch 5: Sentiment Towards Technologies in Social Media and Security Considerations, by Samad Durussel (CYD Campus)

Pitch 6: Cybersecurity Trend Prediction using Github, by Eloi Garandel (CYD Campus)

Pitch 7: The Role of Insurance in Improving the Resilience of Critical Infrastructure, by Rainer Sachs, Stephanie Parker, Anca-Georgiana Rusu (IRGC – International Risk Governance Center)

Pitch 8: Prevention of Large Scale Blackouts in Modern Power Systems, by Zuo Yihui (EPFL)
Social Event – Day 3
14:30 – Closing remarks by Alain Mermoud, General chair
15:00 – Visit of the EPFL ArtLab Exhibition (optional). Topic: Deep Fakes, Art and Its Double.