This September, the ARCADIAN-IoT Summer School will open its doors in Stockholm to offer PhD students and young researchers an in-depth exploration of the ever-evolving landscape of IoT cybersecurity.
IoT Cybersecurity: Tackling Challenges and Opportunities
4 – 8 September 2023
Stockholm, Sweden @RISE – Research Institute of Sweden
The PhD Summer School on IoT Cybersecurity is aimed at PhD students and young researchers in the field of computer science and engineering. The goal of the summer school is to provide participants with a comprehensive understanding of the challenges and opportunities in the field of IoT cybersecurity and to equip them with the knowledge and skills required to tackle current and future security challenges in IoT.
The school will cover a wide range of topics related to IoT cybersecurity, including IoT architecture and protocols, security challenges in IoT, privacy and security in IoT, security mechanisms in IoT, security in cloud-based IoT, and emerging trends in IoT cybersecurity. The lectures will be delivered by renowned experts in the field of IoT cybersecurity and will provide participants with an opportunity to learn about the latest research, developments, and best practices in the field.
The school will provide a platform for participants to network with international experts, exchange ideas and knowledge, and also the opportunity to present their own research and receive feedback and guidance.
The School will issue a participation certificate that can be used to get ETCS from universities.
To apply to the School, please fill out this form and send it to firstname.lastname@example.org
Speaker: Andrei Sabelfeld
Title: Security and Privacy of IoT Apps
Abstract: IoT apps empower users by connecting a variety of otherwise unconnected services. IoT apps often run on Trigger-Action Platforms (TAPs) that receive app input from trigger services and send app output to action services. With the convenience and interoperability of TAPs comes the concern that the TAP is effectively a “person-in-the-middle”, acting on behalf of the user with respect to trigger and action services. This poses security and privacy challenges since in the event of a compromised TAP, the users’ sensitive input data is also compromised. We demonstrate that popular TAPs are susceptible to several classes of attacks that violate user privacy, integrity, and availability. We suggest countermeasures, discuss the formal guarantees they provide, and evaluate their effectiveness on practical benchmarks. Finally, we discuss how data access minimization can be enforced automatically on TAPs so that excessive amounts of sensitive data is not sent to the TAPs in the first place.
Speaker: Maria Eichlseder
Title: Lightweight Cryptography: Security under Challenging Conditions
Abstract: Integrating cryptographic algorithms in IoT systems and other constrained environments is often difficult due to limited resources and additional security challenges. Driven by this demand, NIST has initiated a lightweight cryptography competition between 2019 and 2023. Among 57 submissions, Ascon has been selected as the new standard for authenticated encryption and hashing. In this talk, we show how Ascon was designed to address the specific challenges in the IoT, including security, performance, and footprint. Since ciphers are not used in an ideal world, we show how Ascon also improves robustness against certain implementation attacks and mistakes.
Speaker: Shahid Raza
Title: Public Key Infrastructure (PKI) and automated re-certification for IoT
Abstract: Asymmetric cryptography has long been considered infeasible for resource-constrained devices. However, since the new IoT devices are equipped with sufficient RAM, flash, a standard 32-bit CPU and crypto hardware it is possible to bring internet-grade security to IoT. This talk will present PKI building blocks for resource-constrained IoT devices and highlight current standardization efforts around this. However, availability of security protocols is not enough, it is also important that IoT manufacture must enable and continuously test state-of-the-art security solutions, which is covered by the new EU Cybersecurity Act though cybersecurity certification. Traditional methods for one-off and manual certification are not scalable to millions of heterogeneous IoT devices. This is particularly important when regular software updates are necessary, which may break the certificate seal. It is therefore necessary that automated, lightweight, and cost-effective initial- and re- certification techniques should be available for modern IoT devices. This talk will also present such an automated re-certification solution for IoT and its integration with state-of-the-art standardized security solutions for IoT devices.
Speaker: João Casal
Title: Using eSIM and Programmable Networks for IoT cybersecurity
Abstract: With the rise of devices connected to the internet, increasing the robustness of security frameworks for IoT is an urgent demand. In this sense, SIMs are ubiquitous technologies used for over 30 years for security processes (e.g subscriber identification and authentication in cellular networks). Extending the security features of those well-accepted secure elements for IoT seems like a natural step. Furthermore, the programmatic control of network functions according to security knowledge and needs is quite promising – these functions are positioned between the devices and the internet and have ability to control communications. This keynote will focus on these 2 aspects: the use of eSIM and of Programmable Networks for IoT cybersecurity.
Speaker: Kai Rannenberg
Title: To be announced
Abstract: To be announced
Speaker: Nicolas Tsiftes and Joakim Eriksson
Title: Contiki-NG Cybersecurity – Trusted Execution and Secure Connectivity
Abstract: This tutorial provides an overview of cybersecurity features in Contiki-NG, an open-source operating system for resource-constrained IoT devices. The tutorial contains both presentations and hands-on exercises covering two main topics: secure connectivity and trusted execution environments. First, we will show the participants how to set up an application with secure connectivity using CoAP and DTLS. Second, we will show how to use Arm TrustZone in Contiki-NG. During the exercises, the participants will get the opportunity to work with both the Cooja simulator and a real IoT platform (Nordic Semiconductor nRF5340), and use a Docker-based development environment. Through this tutorial, participants will gain practical experience of using Contiki-NG’s cybersecurity features in a resource-constrained IoT environment.
Speaker: Marco Tiloca
Title: Lightweight Security Protocols for the Internet of Things
Abstract: To be announced
The ARCADIAN-IoT Summer School will take place in person at RISE – Drottning Kristinas väg 61, 114 28 Stockholm.
- Arlanda Express train: Fast & eco-friendly between Airport & Stockholm Central Station. No stops, 20 min to Centre. Leaves every 15 min. The round-trip ticket costs 600 SEK. Buy tickets at airport/central station or online: www.arlandaexpress.com. From Central Station, take metro red line nr 14 towards Mörby centrum, get off at Tekniska Högskolan (KTH).
- Airport coaches: 40 minutes to Centre. Leaves every 5-10. The round-trip ticket costs 209-239 SEK. Buy tickets at the airport/City terminal or via the Airport coaches’ app. From City terminal, walk to Central Station and take metro red line nr 14 towards Mörby centrum, get off at Tekniska Högskolan (KTH). For more information, visit www.flygbussarna.se/en.
- Stockholm Public Transport (SL): Commuter trains between Uppsala and Stockholm. 40 min to the centre. Every 15 min. Visit www.sl.se/en for details. There is a fee of 132 SEK for passing between the train and the airport terminal at Arlanda. From Central Station, take metro red line nr 14 towards Mörby centrum, get off at Tekniska Högskolan (KTH).
- Taxi: Make sure to choose a properly certified company such as
- Taxi Stockholm: + 46 (0) 8 15 00 00
- Sverige Taxi: + 46 (0) 20 20 20 20
- Taxi Kurir: +46 (0) 771 86 00 00
- Uber is also available in Stockholm.
- Metro: Take red line nr 14 towards Mörby centrum and get off at Tekniska Högskolan (KTH).
- Shahid Raza
- Alfonso Iacovazzi
- Sérgio Figueiredo
- Valentin Popescu
For further information please send an email to the ARCADIAN-IoT Summer School organising committee: email@example.com
We have made arrangements with Elite Hotel Arcadia to offer our students accommodation at a fixed price (1372 SEK/per night). Due to limited availability, we encourage you to make your reservation as soon as possible.
The last day to book a room is on 12 August.
The reservation can be canceled free of charge until 7 days before arrival.