idw – Informationsdienst Wissenschaft
Nachrichten, Termine, Experten
Nachrichten, Termine, Experten
idw - Informationsdienst
Wissenschaft
09/19/2013 - 09/20/2013 | Berlin
Security failures and data breaches are impacting not only enterprises but also critical infrastructures and public services. Solely in Germany successful attacks on IT systems in cause damage by 4.8 million euros a year. At the same time, we are experiencing how the current IT landscape is changing rapidly. Just a few years ago, the Internet was dedicated to interconnect stationary end user devices. Nowadays, the tendency towards an Internet of things makes the situation more complex. Mobile devices, home automation, smart grids and even vehicles are connected via the Internet and becoming theoretical accessible and thus vulnerable to hacker attacks. However, we are more than ever dependent on a secure and mature ICT infrastructure.
One of the keys to get and maintain such a secure and dependable infrastructure is a mature, systematic and capable security risk analysis and testing program. This workshop will provide a forum to discuss innovative security testing approaches and their combination with security risk analysis. At the same time, the workshop tries to draw a line to the industrial requirements and the challenges that arise when security testing meets the demands of cost efficiency and scalability. Experts from industry and academia will present and discuss their solutions to the key issues security risk analysis, vulnerability testing, model based security testing, and standardization. The contributions are complemented by industry grade research results from four large European research projects.
Preliminary Agenda
Day 1, September 19:
10:00 - 11:00 Keynote:
Ralf Böker, Federal Office for Information Security (BSI): Cyber security
11:30 - 13:00 Session 1: Security risk assessment and testing
- Jan Stijohann, SIEMENS: Siemens, Risk-based testing,
- Ketil Stølen, SINTEF: Test-based risk assessment
13:00 - 14:00 Lunch
14:00 - 16:00 Session 2: Standardization & Certification
- Gerard Gaudin, G2C, France: A full set of new standards in Cyber Defence addressing the full scope of security event detection issues
- Luca Compagna: Formal Validation and Testing of Security Standards at SAP: from research to industry
- Jürgen Großmann, Fraunhofer FOKUS: Security Testing Improvment Profile (STIP)
18:30 Social Event
Day 2, September, 20:
09:30 - 10:30 Keynote: NN
11:00 - 13:00 Session 3: Active security testing
- Luca Vigano, Università di Verona, Italy: The SPaCIoS Tool - property-driven and vulnerability-driven security testing
- Prof. Bruno Legeard, FEMTO-ST/UFCSmartesting: Model-based vulnerability testing from patterns and behavioral model
- Dr. Volker Baier, Codenomicon: Traffic capture fuzzing
- Martín Ochoa, Siemens/TUM: Model-based vulnerability testing
13:00 - 14:00 Lunch
14:00 - 16:30 Session 4: Active and passive security testing
- Prof. Dr. Sachar Paulus, Kuppinger Cole: Trustworthy software development
- Riccardo Scandariato, KULeuven: Security vulnerability prediction
- Graham Steel, Cryptosense, Paris: Security analysis of APIs, including the W3C Crypto API”
- Ana Cavalli, Institut Mines-Telecom, France: Application of passive testing techniques to secure interoperability testing
- Wissam Mallouli Montimage: Passive testing for security checking using MMT
More information on the agenda will follow soon.
Workshop Organization
DIAMONDS: Development and Industrial Application of Multi-Domain Security Testing Technologies
SPaCIoS: Secure Provision and Consumption in the Internet of Services
NESSOS: Network of Excellence on Engineering Secure Future Internet Software Services and Systems
RASEN: Compositional Risk Assessment and Security Testing of Networked Systems
INTER-TRUST: Interoperable Trust Assurance Infrastructure http://www.inter-trust.eu/
Information on participating / attending:
Date:
09/19/2013 10:00 - 09/20/2013 17:00
Registration deadline:
09/18/2013
Event venue:
TU Berlin (mathematic building) Room MA141/142
Straße des 17. Juni 136
10623 Berlin
Berlin
Germany
Target group:
Business and commerce, Scientists and scholars
Email address:
Relevance:
international
Subject areas:
Information technology
Types of events:
Seminar / workshop / discussion
Entry:
08/20/2013
Sender/author:
Ronny Meier
Department:
Corporate Communications
Event is free:
no
Language of the text:
English
URL of this event: http://idw-online.de/en/event44535
You can combine search terms with and, or and/or not, e.g. Philo not logy.
You can use brackets to separate combinations from each other, e.g. (Philo not logy) or (Psycho and logy).
Coherent groups of words will be located as complete phrases if you put them into quotation marks, e.g. “Federal Republic of Germany”.
You can also use the advanced search without entering search terms. It will then follow the criteria you have selected (e.g. country or subject area).
If you have not selected any criteria in a given category, the entire category will be searched (e.g. all subject areas or all countries).
