Consolidated Proceedings of the Second ECSCI Workshop on Critical Infrastructure Protection and Resilience

Modern critical infrastructures (or “critical entities” as now defined in the new EU-CER Directive) are becoming increasingly complex, turning into distributed, large-scale cyber-physical systems. Cyberphysical attacks are increasing in number, scope, and sophistication, making it difficult to predict their total impact. Thus, addressing cyber security and physical security separately is no longer effective, but more integrated approaches, that consider both physical security risks and cyber-security risks, along with their interrelationships, interactions and cascading effects, are needed to face the challenge of combined cyber-physical attacks. Addressing them successfully, need coordinated and integrated responses, which must be disseminated and exploited further to the EU funded projects’ frameworks or individual research studies’ reports, through raising awareness initiatives, such as the 2nd ECSCI Workshop on CIP.
This workshop presented the different approaches on integrated (i.e., cyber and physical) security in
several different industrial sectors, such as finance, healthcare, energy, air transport, communications,
industrial plants, gas, and water. The peculiarities of critical infrastructure protection in each one of these sectors have been discussed and addressed by the different projects of the ECSCI cluster that presented their outcomes, discussing the technical, ethical and societal aspects and the underlying technologies.
Specifically, novel techniques have been presented for integrated security modelling, IoT security, artificial intelligence for securing critical infrastructures, resilience of critical infrastructures, ethical and legal aspects of cybersecurity, combating hybrid threats to critical infrastructure, cyber and physical threats detection, increased automation for detection, prevention and mitigation measure, information and knowledge sharing, standards and regulations for the protection of critical infrastructures, common platforms for cascading effects on the different critical infrastructures, combined safety and security solutions, cyber security awareness, and the landscape of advanced combined cyber and physical threats.
The workshop included three opening remarks, three keynote speeches, twenty-one project presentations, two roundtable and panel discussions, twenty-one thematic presentations, and closing remarks. The audience included scientists and experts in the field of critical infrastructure protection, CISOs, CIOs, CERTs, CSIRTs, CSOs, cyber and physical security experts representing different sectors and policy makers for critical infrastructure protection.