ZINC 2022

We would like to express our congratulations to our KTH colleagues (Junaid Qadir, Jose Eduardo Urrea Cabus, İsmail Bütün, and Robert Lagerström), who have presented their articles entitled:

  1. Security Considerations for Remote Terminal Units
  2. Towards Smart Sensing Systems: A New Approach to Environmental Monitoring Systems by Using LoRaWAN” 

in the Zooming Innovation in Consumer Electronics International Conference 2022 (ZINC 2022), which is sponsored by IEEE Serbia and Montenegro Section – Consumer Electronics Chapter; University of Novi Sad, Faculty of Technical Sciences, Department for Computer Engineering and Computer Communications and RT-RK Institute for Computer-Based Systems.

In addition, we would like to extend our heartfelt congratulations to Junaid Qadir, a visiting PhD student, who was recognised for presenting the research paper that was judged to be the best overall throughout the conference. You have done the KTH and all of your EECS family members and friends very proud! We hope that the years to come are prosperous for you. 

3rd International Workshop on Electrical Power and Energy Systems Safety, Security and Resilience (EPESec 2022)

As a participant, we gladly invite you to attend this event: the 3rd International Workshop on Electrical Power and Energy Systems Safety, Security, and Resilience (EPESec 2022). The event will take place from August 23–August 26, 2022, in Vienna, Austria.


The forthcoming smart energy ecosystem is considered as the next-generation power system, which promises self-healing, resilience, sustainability, and efficiency to the critical energy infrastructure. However, due to the increasing digitization of the energy infrastructure, the risk of cyberattacks has risen dramatically, while as the smart energy and power grid is reaching every house and building, the potential of attracting cyber-attackers is magnified. Additionally, legacy systems constitute weak points of failure since they were designed in times when cybersecurity and remote monitoring and control was not part of the technical specifications for the system design.

From this perspective, the EPESec 2022 workshop aims at collecting the most relevant ongoing research efforts in the EPES digital security field. It also serves as a forum for relevant projects in order to disseminate their security-related results, boost cooperation, knowledge sharing and follow-up synergies, and foster the development of the EPES Security Community, composed of security experts and practitioners.


Important Dates
Submission Deadline May 13, 2022
Author Notification June 05, 2022
Proceedings Version June 19, 2022
ARES EU Symposium August 23, 2022
Conference August 23 – August 26, 2022


Click here for more information: https://www.ares-conference.eu/workshops-eu-symposium/epesec-2022/

We would like to express our congratulations to our KTH colleagues, who have published their article entitled “Two Decades of Cyberattack Simulations: A Systematic Literature Review” in the Computers & Security (2022) journal.


The abstract is as follows:

Cyberattack simulations appear across multiple computer security domains and are interpreted in many different but equally viable ways. However, this makes the topic appear fragmented and inconsistent, making it challenging to identify and communicate relevant research. Therefore, this article contributes to a unified baseline by presenting the results of a systematic literature review. The review targeted attack simulations published between 1999 and 2019, specifically those exploring which specific steps result in successful attacks. The search initially produced 647 articles, later reduced to 11 key contributions. Despite being scattered across application domains, their general aims, contributions, and problem statements were remarkably similar. This was despite them generally not citing each other or a common body of work. However, the attack simulations differed in implementation details, such as modeling techniques, attacker decision-making, and how time is incorporated. How to construct a fully unified view of the entire topic is still somewhat unclear, particularly from the 11 articles. However, the results presented here should help orient practitioners and researchers interested in attack simulations regarding both present and future work. Particularly since, despite the seemingly implausible sample, the cumulative evidence suggests that attack simulations have yet to be pursued as a distinct research topic.


The complete article can be reviewed and found at the following link: https://doi.org/10.1016/j.cose.2022.102681


As a participant in the 2nd ECSCI Workshop on Critical Infrastructure Protection, we cordially invite you to attend this event:

This workshop will present the different approaches to integrated cyber and physical security in different industrial sectors, such as energy, transport, drinking and wastewater, health, digital infrastructure, banking and financial market, space and public administration. The peculiarities of critical infrastructure protection in each one of these sectors will be discussed and addressed by the different projects of the ECSCI cluster that will present their outcomes, discussing the technical, ethical, and societal aspects as well as the underlying technologies.

Specifically, novel techniques will be presented for integrated security modelling, IoT security, artificial intelligence for securing critical infrastructures, distributed ledger technologies for security information sharing and increased automation for detection, prevention and mitigation measures.

The workshop will include keynote speeches, 23 projects presentations, roundtable and panel discussions, and thematic presentations. It is intended for scientists and experts in the field of critical infrastructure protection, CISOs, CIOs, CERTs, CSIRTs, CSOs, cyber and physical security experts representing the different sectors and policymakers for critical infrastructure protection.

Click here for more information: https://www.finsec-project.eu/second-ecsci-virtual-workshop


Our colleagues from NTUA published their article entitled “A Cybersecurity Culture Survey Targeting Healthcare Critical Infrastructures” in the MDPI’s Healthcare journal which can be found at the link: www.mdpi.com/2227-9032/10/2/327

The abstract is as follows:

Recent studies report that cybersecurity breaches noticed in hospitals are associated with low levels of personnel’s cybersecurity awareness. This work aims to assess the cybersecurity culture in healthcare institutions from middle- to low-income EU countries. The evaluation process was designed and performed via anonymous online surveys targeting individually ICT (internet and communication technology) departments and healthcare professionals. The study was conducted in 2019 for a health region in Greece, with a significant number of hospitals and health centers, a large hospital in Portugal, and a medical clinic in Romania, with 53.6% and 6.71% response rates for the ICT and healthcare professionals, respectively. Its findings indicate the necessity of establishing individual cybersecurity departments to monitor assets and attitudes while underlying the importance of continuous security awareness training programs. The analysis of our results assists in comprehending the countermeasures, which have been implemented in the healthcare institutions, and consequently enhancing cybersecurity defense, while reducing the risk surface.


Our academic and industrial partners were very productive again resulting in two articles which are published at a journal (the 1st one) and presented at an IEEE conference.

The first article (journal article) Assessing MITRE ATT&CK Risk Using a Cyber-Security Culture Framework is written by NTUA and elaborates on the MITRE ATT&CK framework from which a comprehensive set of organizational and individual culture factors used (with security vulnerabilities) and mapped to specific adversary behavior in the SBA tool. The abstract is as following: 

The MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) Framework provides a rich and actionable repository of adversarial tactics, techniques, and procedures. Its innovative approach has been broadly welcomed by both vendors and enterprise customers in the industry. Its usage extends from adversary emulation, red teaming, behavioral analytics development to a defensive gap and SOC (Security Operations Center) maturity assessment. While extensive research has been done on analyzing specific attacks or specific organizational culture and human behavior factors leading to such attacks, a holistic view on the association of both is currently missing. In this paper, we present our research results on associating a comprehensive set of organizational and individual culture factors (as described on our developed cyber-security culture framework) with security vulnerabilities mapped to specific adversary behavior and patterns utilizing the MITRE ATT&CK framework. Thus, exploiting MITRE ATT&CK’s possibilities towards a scientific direction that has not yet been explored: security assessment and defensive design, a step prior to its current application domain. The suggested cyber-security culture framework was originally designed to aim at critical infrastructures and, more specifically, the energy sector. Organizations of these domains exhibit a co-existence and strong interaction of the IT (Information Technology) and OT (Operational Technology) networks. As a result, we emphasize our scientific effort on the hybrid MITRE ATT&CK for Enterprise and ICS (Industrial Control Systems) model as a broader and more holistic approach. The results of our research can be utilized in an extensive set of applications, including the efficient organization of security procedures as well as enhancing security readiness evaluation results by providing more insights into imminent threats and security risks.

The second article (conference proceeding) “Enhancing SIEM Technology for protecting Electrical Power and Energy Sector” is written by Konnektable Technologies Ltd. and elaborates on the method used in the SIEM tool and links it to the outsider threats. The abstract is as following:

In the last couple of years, the evolution, the rate and the variety of cyberattacks have increased rapidly causing many unexpected and harmful issues. These attacks do not only target single individuals, but also firms, critical infrastructure as long as a whole government. The most common solutions like firewalls, antivirus, NIDS and NIPS are no longer sufficient as they were the old days. Malicious users and attackers change their behavior, adjust to new methods and “invisible” ways to infect the system.