3rd Workshop on CPS&IoT Security and Privacy (CPSIoTSec 2022)

In Conjunction with the ACM Conference on Computer and Communications Security (ACM CCS), November 7-11, 2022, Los Angeles, U.S.A.

The Joint Workshop on CPS&IoT Security and Privacy (CPSIoTSec) is the result of the merger of the Workshop on Cyber-Physical Systems Security and Privacy (CPS-SPC) and Workshop on the Internet of Things Security and Privacy (IoTS&P) previously organized annually in conjunction with ACM Conference on Computer and Communications Security.


November 7, 2022, All times are Pacific time


Opening Remarks: Cristina Alcaraz and Earlence Fernandes


Keynote 1: Trustworthy Cyber-Physical Critical Infrastructures via Physics-Aware and AI-Powered Security, by Prof. Saman Zonouz (Georgia Tech)

Session Chair: Cristina Alcaraz


Session 1: Industrial Control and Crypto (graphy, not currency)

Session Chair: Luis Garcia

(best paper voting system activates) [Link]

  • [30 mins] Security Analysis of Vendor Implementations of the OPC UA Protocol for Industrial Control Systems

    Authors: Alessandro Erba, Anne Müller, and Nils Ole Tippenhauer

  • [30 mins] Single-Server Delegation of Small-Exponent Exponentiation from Quasilinear-time Clients and Applications

    Authors: Giovanni Di Crescenzo, Matluba Khodjaeva, Rajesh Krishnan, and David Shur

  • 11:30AM-1:00PM

    Lunch Break


    Session 2: Reboots in the air

    Session Chair: TBD

  • [20 mins] Secure Reboots for Real-Time Cyber-Physical Systems

    Authors: Vijay Banerjee, Sena Hounsinou, Habeeb Olufowobi, Monowar Hasan, and Gedare Bloom

  • [30 mins] RoSym: Robust Symmetric Key Based IoT Software Upgrade Over-the-Air

    Authors: Pegah Nikbakht Bideh, and Christian Gehrmann

  • 1:50PM-2:15PM



    Session 3: Satellites and ML?!

    Session Chair: TBD

  • [20 mins] Stargaze: A LEO Constellation Emulator for Security Experimentation

    Authors: Patrick Tser Jern Kon, Diogo Barradas, and Ang Chen

  • [20 mins] CloudPAD: Managed Anomaly Detection for ICS

    Authors: Sanjeev Rao, Majid Ghaderi, and Hongwen Zhang

  • [20 mins] Real-Time Scheduling of TrustZone-enabled ML Workloads

    Authors: Mohammaf Fakhruddin Babar, and Monowar Hasan

  • 3:15PM-3:30PM

    Short Break


    Keynote 2: Security and Privacy in the Era of the Internet of Things, by Prof. Yuan Tian (UCLA)

    Session Chair: Earlence Fernandes


    Finish Best Paper Voting


    Best Paper Announcement and Closing Remarks

    Session Chair: Earlence Fernandes

    Call for Papers and Demos


    The Workshop on CPS&IoT Security and Privacy (CPSIoTSec 2022) invites academia, industry, and governmental entities to submit:

  • Original research papers on the security and privacy of CPS&IoT
  • Systematization of Knowledge (SoK) papers on the security and privacy of CPS&IoT
  • Demos (hands-on or videos) of testbeds/experiences of CPS&IoT security and privacy research
  • We seek submissions from multiple interdisciplinary backgrounds tackling security and privacy issues in CPS&IoT, including but not limited to:

  • Mathematical foundations for secure CPS/IoT
  • Control-theoretic approaches
  • High assurance security architectures
  • Security and resilience metrics
  • Metrics and risk assessment approaches
  • Identity and access management
  • Privacy and trust
  • Network security
  • Game theory applied to CPS/IoT security
  • Human factors, humans in the loop, and usable security
  • Understanding dependencies among security, reliability and safety in CPS/IoT
  • Economics of security and privacy
  • Intrusion and anomaly detection
  • Model-based security systems engineering
  • Sensor and actuator attacks
  • CPS/IoT malware analysis
  • CPS/IoT firmware analysis
  • Hardware-assisted CPS/IoT security
  • Also of interest will be papers that can point the research community to new research directions, and those that can set research agendas and priorities in CPS/IoT security and privacy. All submitted papers must be anonymous, with no author names, affiliations, acknowledgements, or obvious references, for double blind reviews . There will be a best paper and best presentation award.

    New Process for Selecting the Best Paper Award: Following the success of the 2021 process and in the interest of increasing transparency, the PC will select upto 3 top-rated papers based on reviews and place them in a single session. Then the audience will vote on what they think should be the best paper after viewing the presentations.

    Submission Instructions

    Submissions include long papers (12 pages), short papers (6 pages), or 1-page abstracts:

  • Long papers include a) Original research on a CPS/IoT security and privacy topic, b) Systematization of Knowledge of CPS/IoT security and privacy;
  • Short papers include original work-in-progress research on a CPS/IoT security and privacy topic;
  • 1-page abstracts include demos/interesting findings/insights on CPS/IoT security and privacy, which will be accompanied by a hands-on demo during the workshop.
  • Submitted papers can be up to 12 or 6 pages excluding appendices and references. Submissions must use the ACM SIG Proceedings Templates, with a simpler version here: https://github.com/acmccs/format. Only PDF files will be accepted. Accepted papers will be published by the ACM Press and/or the ACM Digital Library. Submissions must not substantially overlap with papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings. Each accepted paper must be presented by a registered author. Submissions not meeting these guidelines risk immediate rejection. For questions about these policies, please contact the chairs.

    Paper Submission Site: https://cpsiotsec22.hotcrp.com

    Important Dates

  • Submission Deadline: June July 25, 2022 (23:59 Anywhere on Earth time)
  • Notification of Acceptance/Rejection: 18 August, 2022
  • Camera Ready Papers Due: (hard deadline): September 14, 2022

  • Organizing Committee

  • Program Committee Chairs:
    • Cristina Alcaraz, University of Malaga, Spain
    • Earlence Fernandes, University of California, San Diego
  • Program Committee:
    • Mauro Conti, University of Padua
    • Amir Rahmati, Stony Brook University
    • Z. Berkay Celik, Purdue University
    • Nils Ole Tippenhauer, CISPA
    • Alvaro Cardenas, UCSC
    • Luis Garcia, USC
    • Sara Rampazzi, University of Florida
    • Alfred Chen, UCI
    • Peng Liu, Penn State University
    • Gang Tan, Penn State University
    • Saman Zonouz, GaTech
    • Danny Huang, NYU
    • Awais Rashid, University of Bristol
    • Gerhard Hancke, City University of Hong Kong
    • Charalambos Konstantinou, KAUST
    • Sokratis Katsikas, Norwegian University of Science and Technology
    • Emil Lupu, Imperial College
    • Yuqing Zhang, NIPC
    • Le Guan, University of Georgia
    • Vasileios Gkioulos, Norwegian University of Science and Technology
    • George Stergiopoulos, University of the Aegean
    • Weizhi Meng, Technical Universtiy of Denmark
    • Monowar Hasan, Wichita State University
    • Magnus Almgren, Chalmers
    • Yongkai Fan, China University of Petroleum
    • Ebelechukwu Nwafor, Villanova
    • Alessandro Brighente, University of Padua
    • Stefano Longari, Politecnico di Milano
  • Steering Committee:
    • Rakesh Bobba, Oregon State University
    • Alvaro Cardenas, University of California, Santa Cruz
    • Peng Liu, Penn State University
    • Sibin Mohan, Oregon State University
    • Awais Rashid, University of Bristol
    • Gang Tan, Penn State University
    • Nils Ole Tippenhauer, CISPA
    • Roshan Thomas, MITRE
    • Yuqing Zhang, University of CAS
  • Publicity Chair:
    • Li Wenjuan, City University of Hong Kong
  • Web Chair and Voting Manager:
    • Amrita Ghosal, University of Limerick, Ireland
    • The voting manager will help manage the voting process of audience input on best paper and presentation.