RICS phase I (2015-2020) report summarises the work on risk analysis and anomaly detection (Swedish) published by the Swedish Civil Contingencies Agency.

W. Aoudi, Process-Aware Defenses for Cyber-Physical Systems, PhD Thesis, Chalmers Institute of Technology, June 2021. 

M. Asplund and S. Nadjm-Tehrani (Eds.) Proceedings of the 25th Nordic Conference on Secure IT Systems (NordSec 2020), Lecture Notes in Computer Science Volume 12556, Springer, March 2021. DOI: https://doi.org/10.1007/978-3-030-70852-8

W. Aoudi and M. Almgren. A Framework for Determining Robust Context-Aware Attack-Detection Thresholds for Cyber-Physical Systems. In Proceedings of Australasian Computer Science Week Multiconference (ACSW21), February 2021. ACM.  doi: 10.1145/3437378.3437393.

C.-Y. Lin and S. Nadjm-Tehrani, A Comparative Analysis of Emulated and Real IEC-104 Spontaneous Traffic in Power System Networks, In Proceedings of the 1st International Workshop on Cyber-Physical Security for Critical Infrastructures Protection (CPS4CIP), September 2020. Lecture Notes in Computer Science, Volume 12618, Springer, February 2021. DOI: https://doi.org/10.1007/978-3-030-69781-5_14. Available as pdf.

A. Rawat, M. Khodari, M. Asplund, and A. Gurtov, Decentralized Firmware Attestation for In-Vehicle Networks, ACM Transactions on Cyber-Physical Systems, Vol 5(1), December 2020. DOI: https://doi.org/10.1145/3418685

C. G. Cordero, E. Vasilomanolakis, A. Wainakh, M. Mühlhäuser, and S. Nadjm-Tehrani, On Generating Network Traffic Datasets with Synthetic Attacks for Intrusion Detection, ACM Transactions on Privacy and Security, December 2020. DOI: https://doi.org/10.1145/3424155, Available as pdf

S. Hacks, S. Katsikeas, E. Ling, R. Lagerström, M. Ekstedt, powerLang: a probabilistic attack simulation language for the power domain. Energy Informatics 3(30), Springer, November 2020. https://doi.org/10.1186/s42162-020-00134-4

S. Katsikeas,  S. Hacks, P. Johnsson, M. Ekstedt, R. Lagerström, J. Jacobsson, M. Wällstedt, P. Eliasson, An Attack Simulation Language for the IT Domain. In Proceedings of the International workshop on Graphical Models for Security. (GraMSec), Lecture Notes in Computer Science, Volume 12419. Springer, November 2020. https://doi.org/10.1007/978-3-030-62230-5_4

C. Stylianopolous, Hardware-aware Algorithm Designs for Efficient Parallel and Distributed Processing, PhD Thesis, Chalmers, October 2020.

T. Sund, C. Lööf, S. Nadjm-Tehrani, M. Asplund, Blockchain-based Event Processing in Supply Chains – A Case Study at IKEA, Robotics and Computer-Integrated Manufacturing, Volume 65, Elsevier, October 2020. DOI: https://doi.org/10.1016/j.rcim.2020.101971

W. Aoudi, M. Almgren, A scalable specification-agnostic multi-sensor anomaly detection system for IIoT environments,
International Journal of Critical Infrastructure Protection, Volume 30 (100377) Elsevier, September 2020. DOI:https://doi.org/10.1016/j.ijcip.2020.100377

K. Choudhary, G. S. Gaba, I. Butun, P. Kumar, MAKE-IT—A Lightweight Mutual Authentication and Key Exchange Protocol for Industrial Internet of Things Sensors 20(18), 5166, MDPI. September 2020. DOI:10.3390/s20185166

A. Shalaginov, A. Iqbal, J. Olegård, IoT Digital Forensics Readiness in the Edge: A Roadmap for Acquiring Digital Evidences from Intelligent Smart Applications, In Proceedings of the International Conference on Edge Computing (EDGE2020), Lecture Notes in Computer Science, Volume 12407,  Springer, August 2020. DOI: https://doi.org/10.1007/978-3-030-59824-2_1

A. Sari, A. Lekidis, I. Butun, Industrial Networks and IIoT: Now and Future Trends. Book chapter in Butun I. (Eds) Industrial IoT, Springer, July 2020. DOI: https://doi.org/10.1007/978-3-030-42500-5_1

I. Butun, M. Almgren, V. Gulisano, M. Papatriantafilou, Intrusion Detection in Industrial Networks via Data Streaming. Book chapter in Butun I. (Eds) Industrial IoT, Springer. July 2020. DOI: https://doi.org/10.1007/978-3-030-42500-5_6

V. Tudor, V. Gulisano, M. Almgren, M. Papatriantafilou, BES: Differentially Private Event Aggregation for Large-scale IoT-based Systems, Future Generation Computer Systems, July 2020. https://doi.org/10.1016/j.future.2018.07.026

C.-Y. Lin, A Timing Approach to Network-based Anomaly Detection for SCADA Systems, Licentiate Thesis, Linköping University, June 2020. DOI: 10.3384/lic.diva-165155

C. Stylianopoulos, M. Almgren, O. Landsiedel, and M. Papatriantafilou, Multiple pattern matching for network security applications: Acceleration through vectorization, Journal of Parallel and Distributed Computing 137, March 2020.  DOI: https://doi.org/10.1016/j.jpdc.2019.10.011

M. Aydin, I. Butun, K. Bicakci and N. Baykal, Using Attribute-based Feature Selection Approaches and Machine Learning Algorithms for Detecting Fraudulent Website URLs, In proceedings of the 10th Annual Computing and Communication Workshop and Conference (CCWC), IEEE, March 2020. DOI: 10.1109/CCWC47524.2020.9031125.

I. Butun, A. Lekidis, and D. Santos, Security and Privacy in Smart Grids: Challenges, Current Solutions and Future Opportunities. In Proceedings of the 6th International Conference on Information Systems Security and Privacy (ICISSP), Volume 1, SCITEPress. February 2020. DOI: 10.5220/0009187307330741

R. Lagerström, W. Xiong, and M. Ekstedt, Threat Modeling and Attack Simulations of Smart Cities: A Literature Review and Explorative Study, in Proceedings of the 6th International Conference on Information Systems Security and Privacy (ICISSP), SCITEPress, February 2020. DOI: https://doi.org/10.5220/0008921903690376

I. Butun, A. Lekidis, D. Santos, Security and Privacy in Smart Grids: Challenges, Current Solutions and Future Opportunities, in Proceedings of 6th International Conference on Information Systems Security and Privacy (ICISSP 2020), poster presentation, February 2020.

W. Aoudi, A. Hellqvist, A. Overland, and M. Almgren, A Probe into Process-Level Attack Detection in Industrial Environments from a Side-Channel Perspective, in Proceedings of the 5th Annual Industrial Control System Security (ICSS) Workshop, ACM, December 2019. DOI:10.1145/3372318.3372320.

S. Nadjm-Tehrani (Ed.) Proceedings of the 14th International Conference on Critical Information Infrastructures Security (CRITIS) 2019, Lecture Notes in Computer Science, Volume 11777, December 2019. DOI: https://doi.org/10.1007/978-3-030-37670-3

A. Shalaginov, I. Kotsiuba, A. Iqbal, Cybercrime Investigations in the Era of Smart Applications: Way Forward Through Big Data, in Proceedings of International Workshop on Big Data Analytic for Cyber Crime Investigation and Prevention, part of IEEE International Conference on Big Data (BigData), December 2019. DOI: 10.1109/BigData47090.2019.9006596

C. Stylianopoulos, S. Kindström, M. Almgren, O. Landsiedel, M. Papatriantafilou, Co-Evaluation of Pattern Matching Algorithms on IoT Devices with Embedded GPUs, in Proceedings of the 35th Annual Computer Security Applications Conference (ACSAC), December 2019. DOI: https://dx.doi.org/10.1145/3359789.3359811

M. Asplund, Combining Detection and Verification for Secure Vehicular Cooperation Groups, ACM Transactions on Cyber-Physical Systems, Volume 4(1), November 2019. DOI: https://doi.org/10.1145/3322129

G. Grimsdal, P. Lundgren, C. Vestlund, F. Boeira and M. Asplund, Can Microkernels Mitigate Microarchitectural Attacks?, in Proceedings of the 24th Nordic Conference on Secure IT Systems (Nordsec), November 2019. DOI: 10.1007/978-3-030-35055-0_15

F. Boeira, M. Asplund, and M. Barcellos, Decentralized Proof of Location in Vehicular Ad Hoc Networks, Computer Communications, Volume 147, Elsevier, November, 2019. DOI: doi.org/10.1016/j.comcom.2019.07.024

C. Hirata and S. Nadjm-Tehrani, Combining GSN and STPA for Safety Arguments, in Proceedings of the 7th International workshop on Assurance Cases for Software-intensive Systems (ASSURE), held in conjunction with SAFECOMP, Lecture Notes in Computer Science Volume 11699, Springer, September 2019. DOI: https://doi.org/10.1007/978-3-030-26250-1_1, Available as pdf

C.-Y. Lin and S. Nadjm-Tehrani, Timing Patterns and Correlations in Spontaneous SCADA Traffic for Anomaly Detection, in Proceedings of the of 22nd International Symposium on Research on Attacks, Intrusions, and Defenses (RAID), Usenix, September 2019. Available as pdf

S. Kemal, W. Aoudi, R. L. Olsen, M. Almgren, H.-P. Schwefel, Model-Free Detection of Cyberattacks on Voltage Control in Distribution Grids, in Proceedings of Workshop on Dependable Solutions for Intelligent Electricity Distribution Grids (DSOGRI), held in conjunction with EDCC, September 2019. DOI: doi.org/10.1109/EDCC.2019.00041

A. Iqbal, F. Mahmood and M. Ekstedt, Digital Forensic Analysis of Industrial Control Systems Using Sandboxing: A Case of WAMPAC Applications in the Power Systems. Energies. MDPI, July 2019; 12(13):2598. DOI: doi.org/10.3390/en12132598

M. Khodari, A. Rawat, A. Gurtov, and M. Asplund, Decentralized Firmware Attestation for In-Vehicle Networks, in Proceedings of 5th Cyber-Physical System Security Workshop (CPSS), ACM, July 2019. DOI: 10.1145/3327961.3329529

X. Mao, M. Ekstedt, E. Ling, E. Ringdahl, R. Lagerström, Conceptual Abstraction of Attack Graphs – A Use Case of securiCAD, in Proceedings of the 6th International Workshop on Graphical Models for Security (GraMSec),  Lecture Notes in Computer Science, Volume11720, Springer, June 2019. DOI: https://doi.org/10.1007/978-3-030-36537-0_9

C. Stylianopoulos, M. Almgren, O. Landsiedel and M. Papatriantafilou, Continuous Monitoring meets Synchronous Transmissions and In-Network Aggregation, in Proceedings of the 15th International Conference on Distributed Computing in Sensor Systems (DCOSS), May 2019, DOI: 10.1109/DCOSS.2019.00043

C. Profentzas, M. Günes, Y. Nikolakopoulos, O. Landsiedel and M. Almgren, Performance of Secure Boot in Embedded Systems, in Proceedings of the 1st International Workshop on Security and Reliability of IoT Systems (SecRIoT), May 2019, DOI: 10.1109/DCOSS.2019.00054

T. Månsson,  A. Rukundo, M. Almgren, P. Tsigas, C. Marx, Y. Ostermeyer, Analysis of door openings of refrigerated display cabinets in an operational supermarket, Journal of Building Engineering, Volume 26, 100899, 2019, DOI: doi.org/10.1016/j.jobe.2019.100899

W. Aoudi, Departure-Based Intrusion Detection, Licentiate Thesis, Chalmers university of technology, May 2019.

D. Pereira, C. Hirata, S. Nadjm-Tehrani, A STAMP-based ontology approach to support Safety and Security Analyses, Journal of Information Security and Applications, Elsevier, 2019.  DOI: doi.org/10.1016/j.jisa.2019.05.014

S. Bergman, A. Asplund, S. Nadjm-Tehrani, Permissioned Blockchains and Distributed Databases: A Performance Study, Concurrency and Computation, Practice and Experience, Wiley, March 2019. DOI: 10.1002/cpe.5227 Available as pdf.

M. Almgren, W. Aoudi, R. Gustafsson, R. Krahl, A. Lindhe, The Nuts and Bolts of Deploying Process-Level IDS in Industrial Control Systems, in Proceedings of the 4th Annual Industrial Control System Security (ICSS) Workshop, held in conjunction with ACSAC, December 2018. DOI: 10.1145/3295453.3295456

A. Iqbal, F. Mahmood, A. Shalaginov, M. Ekstedt, Identification of Attack-based Digital Forensic Evidences for WAMPAC Systems, in Proceedings of International Workshop on Big Data Analytic for Cyber Crime Investigation and Prevention, part of IEEE International Conference on Big Data (BigData),  December 2018. https://doi.org/10.1109/BigData.2018.8622550

M. Almgren, P. Andersson, G. Björkman, M. Ekstedt, J. Hallberg, S. Nadjm-Tehrani, E. Westring, RICS-el: Building a National Testbed for Research and Training on SCADA Security, in Proceedings of 13th International Conference on Critical Information Infrastructure Security (CRITIS), Lecture Notes in Computer Science, Volume 11260. Springer, December 2018, https://doi-org.e.bibl.liu.se/10.1007/978-3-030-05849-4_17, Available as pdf.

A. Iqbal, A. Shalaginov, F. Mahmood, Intelligent analysis of digital evidences in large-scale logs in power systems attributed to the attacks, in Proceedings of International Workshop on Big Data Analytic for Cyber Crime Investigation and Prevention, part of IEEE International Conference on Big Data (BigData), December 2018. https://doi.org/10.1109/BigData.2018.8622220

A. Iqbal, F. Mahmood and M. Ekstedt, An Experimental Forensic Test bed: Attack-based Digital Forensic Analysis of WAMPAC Applications, In Proceedings of the Mediterranean Conference on Power Generation, Transmission, Distribution and Energy Conversion (MedPower), November 2018.

A. Reinthal, E. Lef Filippakis, M. Almgren, Data Modelling for Predicting Exploits,In Proceedings of the 23rd Nordic Conference on Secure IT Systems (NordSec), Lecture Notes in Computer Science, Vol. 11252, Springer, November 2018. DOI: https://dx.doi.org/10.1007/978-3-030-03638-6_21

C. Stylianopoulos, L. Johansson, O. Olsson et al, CLort: High Throughput and Low Energy Network Intrusion Detection on IoT Devices with Embedded GPUs, In Proceedings of the 23rd Nordic Conference on Secure IT Systems (NordSec), Lecture Notes in Computer Science, Volume 11252, Springer, November 2018.

W. Aoudi, M. Iturbe, M. Almgren, Truth Will Out, Departure-based Process-Level Detection of Stealthy Attacks on Control Systems, in Proceedings of the ACM conference on Computer and Communication Security (CCS), October 2018.  DOI: 10.1145/3243734.3243781

C. Stylianopoulos, M. Almgren, O. Landsiedel, M. Papatriantafilou, Geometric Monitoring in Action: A Systems Perspective for the Internet of Things, in Proceedings of the IEEE Conference on Local Computer Networks (LCN), October 2018. DOI: https://dx.doi.org/10.1109/LCN.2018.8638079

A. Lautenbach, M. Almgren, T. Olovsson, Understanding Common Automotive Security Issues and their Implications, in Proceedings for workshop on Interplay between Security, Safety and System/Software Architecture (ISSA),  September 2018.

P. Johnson, R. Lagerström, and M. Ekstedt, A Meta Language for Threat Modeling and Attack Simulations, in Proceedings of  the 14th International Conference on Availability, Reliability and Security (ARES), August 2018. DOI: https://doi.org/10.1145/3230833.3232799

R. Terruggia, G. Dondossola and M. Ekstedt, Cyber security analysis of Web-of-Cells energy architectures, in Proceedings of the 5th International Symposium for ICS & SCADA Cyber Security Research (ICS-CSR), August 2018. DOI: https://dx.doi.org/10.14236/ewic/ICS2018.5

A. Vernotte,  M. Välja, M. Korman, G. Björkman, M. Ekstedt, and R. Lagerström. Load balancing of renewable energy: a cyber security analysis, Energy Informatics, no. 1 (5), Springer, July 2018. DOI: https://doi.org/10.1186/s42162-018-0010-x

V. Tudor, M. Almgren, M. Papatriantafilou, The influence of dataset characteristics on privacy preserving methods in the Advanced Metering Infrastructure, Computers and Security, Volume 76, Elsevier, July 2018. https://doi.org/10.1016/j.cose.2018.02.012

C.-Y. Lin and S. Nadjm-Tehrani, Understanding IEC-60870-5-104 Traffic Patterns in SCADA Networks, in Proceedings of the 4th Cyber-Physical System Security Workshop (CPSS) at AsiaCCS, ACM, June 2018. doi>10.1145/3198458.3198460, Available as  pdf.

C. Stylianopoulos, Parallel and Distributed Processing in the Context of Fog Computing: High Throughput Pattern Matching and Distributed Monitoring, Licentiate Thesis, Chalmers, June 2018. Available as pdf.

J. van Rooij, J. Swetzén, V. Gulisano, M. Almgren, M. Papatriantafilou, eChIDNA: Continuous Data Validation in Advanced Metering Infrastructures, In proceedings of the 2018, IEEE International Energy Conference (ENERGYCON), IEEE, June 2018.

M. Asplund, J. Lövhall, S. Nadjm-Tehrani, In-store Payments using Bitcoin, In Proceedings of International Workshop on Blockchains and Smart Contracts (BSC), IEEE, February 2018. Available as pdf.

A. Iqbal, M. Ekstedt, H. Alobaidli, Exploratory studies into forensic logs for criminal investigation using case studies in industrial control systems in the power sector in Proceedings of International Workshop on Big Data Analytic for Cyber Crime Investigation and Prevention, part of IEEE International Conference on Big Data (BigData), December 2017. DOI: 10.1109/BigData.2017.8258360

A. Karahasanovic, P. Kleberger, M. Almgren, Adapting Threat Modeling Methods for the Automotive Industry, Presented at the Embedded Security in Cars (ESCAR), November 2017. Available as pdf.

A. Lautenbach, M. Almgren, T. Olovsson, What the Stack? On Memory Exploitation and Protection in Resource Constrained Automotive Systems, in Proceedings of the 12th International Conference on Critical Information Infrastructure Security (CRITIS), Springer, October 2017. Available as pdf.

C.-Y. Lin, S. Nadjm-Tehrani, and M. Asplund, Timing-based Anomaly Detection in SCADA networks, in Proceedings of 12th International Conference on Critical Information Infrastructures Security (CRITIS), Springer, October 2017. DOI: https://doi.org/10.1007/978-3-319-99843-5_5 , Available as pdf.

A. Iqbal, M. Ekstedt, H. Alobaidli, Digital Forensic Readiness in Critical Infrastructures: A case of substation automation in the power sector. Book Chapter In: Digital Forensics and Cyber Crime (ICDF2C). Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, LNICST series Springer. October 2017. DOI: https://doi.org/10.1007/978-3-319-73697-6_9

D. Pereira, C. Hirata, R. Pagliares, and S. Nadjm-Tehrani, Towards Combined Safety and Security Constraints Analysis, in Proceedings of the 5th International Workshop on Assurance Cases for Software-Intensive Systems (ASSURE), SAFECOMP workshop, Lecture Notes in Computer Science Volume 10489, Springer, September 2017.  DOI: 10.1007/978-3-319-66284-8_7

C. Stylianopoulos, M. Almgren, O. Landsiedel and M. Papatriantafilou, Multiple Pattern Matching for Network Security Applications: Acceleration through Vectorization, in Proceedings of the 46th International Conference on Parallel Processing (ICPP-2017), IEEE, August 2017. DOI: dx.doi.org/10.1109/ICPP.2017.56

V. Tudor, Enhancing Privacy in the Advanced Metering Infrastructure: Efficient Methods, the Role of Data Characteristics and Applications, PhD Thesis, 2017, ISBN: 978-91-7597-632-7, Chalmers serie: 4313.

M. Korman, M. Välja, G. Björkman, M. Ekstedt, A. Vernotte, R. Lagerström, Analyzing the Effectiveness of Attack Countermeasures in a SCADA System, In Proceedings of the 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids (CPS week), ACM,  April 2017. DOI: 10.1145/3055386.3055393

P. Johnsson, D. Gorton, R.Lagerström, and M. Ekstedt, Time between Vulnerability Disclosures: A Measure of Software Product Vulnerability, Computers and Security, Volume 62, Elsevier, September 2016. dx.doi.org/10.1016/j.cose.2016.08.004

V. Botev, M. Almgren, V. Gulisano, O. Landsiedel, M, Papatrianfilou, J. van Rooij, Detecting non-technical losses through structural periodic patterns in AMI data, in Proceedings of International Conference on Bog Data (BigData), IEEE, December 2016.  dx.doi.org/10.1109/BigData.2016.7840967

P. Johnsson, M. Ekstedt, R. Lagerström, Automatic Probablistic Enterprise IT Architecture Modelling: A Dynamic Bayesian Networks Approach, in Proceedings of the 20th International Enterprise Distributed Object Computing Conference Workshops, IEEE, September 2016. DOI: 10.1109/EDOCW.2016.7584351

P. Johnson, A. Vernotte, M. Ekstedt and R. Lagerström, pwnPr3d: an Attack Graph Driven Probabilistic Threat Modeling Approach, in Proceedings of the 11th International Conference on Availability, Reliability and Security (ARES), IEEE, September 2016. DOI: 10.1109/ARES.2016.77

G. Kalns, S. Nadjm-Tehrani, M. Vasilevskaya, Trading off Latency against Security in Open Energy Metering Infrastructures, in Proceedings of the 4th International Symposium for ICS and SCADA Cyber Security Research, August 2016. dx.doi.org/10.14236/ewic/ICS2016.17

V. Gulisano, V. Tudor, M. Almgren, and M. Papatriantafilou, BES – Differentially Private and Distributed Event Aggregation in Advanced Metering Infrastructures, in Proceedings of the 2nd ACM Cyber-Physical System Security Workshop (CPSS), ACM, 2016.

V. Tudor, M. Almgren, and M. Papatriantafilou, Employing Private Data in AMI Applications: Short Term Load Forecasting Using Differentially Private Aggregated Data, in Proceedings of the 13th IEEE International Conference on Advanced and Trusted Computing (ATC), IEEE, 2016. dx.doi.org/10.1109/UIC-ATC-ScalCom-CBDCom-IoP-SmartWorld.2016.0076

R. Udd, M. Asplund, S. Nadjm-Tehrani, M. Kazemtabrizi, and M. Ekstedt, Exploiting Bro for Intrusion Detection in a SCADA System, in Proceedings of the 2nd Cyber-Physical System Security Workshop (CPSS), ACM, 2016.  doi>10.1145/2899015.2899028, available as PDF.

M. Asplund and S. Nadjm-Tehrani, Attitudes and perceptions of IoT security in critical societal services, IEEE Access, 2016. doi:10.1109/ACCESS.2016.2560919. Available as PDF.

O. Somarriba, U. Zurutuza, R. Uribeetxeberria, L. Delosiéres, and S. Nadjm-Tehrani, Detection and Visualization of Android Malware Behavior, Journal of Electrical and Computer Engineering, Hindawi, 2016.  dx.doi.org/10.1155/2016/8034967

M. Vasilevskaya, Security in Embedded Systems: A Model-Based Approach with Risk Metrics, PhD Thesis, number 1715, Linköping University, December 2015.

M. Vasilevskaya and S. Nadjm-Tehrani, Quantifying Risks to Data Assets Using Formal Metrics in Embedded System Design, in International Conference on Computer Safety, Reliability and Security (SAFECOMP), Springer, September 2015. doi:10.1007/978-3-319-24255-2_25. Available as PDF.