The workshop will be focusing on (but not limited to) the following topics:
Ongoing activities:

• Overview of recent threats and vulnerabilities for industrial production (e.g industrial Ethernet attacks, malicious firmware updates)

• Ongoing standardization activities (e.g. IEC 62443, Plattform Industrie 4.0, IETF, IIC)

Approaches to improve Cyber-Security in different domains:

• Secure network architecture design (e.g. remote access strategies, sensor to cloud communication, demilitarized zones, network slicing, software-defined networking)

• Security concepts for cyber physical production systems (e.g. next generation firewalls, intrusion detection, honeypots, cryptography, Secure data storage, Secure Plug&Work, secure firmware updates, upgrading of legacy components, real-time issues)

• Middleware solutions (OPC UA, MQTT)

• Cloud based solutions (e.g. security as a service, security data mining, forensic, documentation)

• Security by design concepts targeting embedded systems (e.g. Physical Unclonable Functions (PUF), secure programming/ development, pattern based approaches, mis-use cases)

Forensic approaches:

• Best practice examples from research and industry

• Penetration testing and vulnerability scanning of industrial components (e.g. basics, advantages and limitations)

• Anomaly detection (e.g. based on signatures or machine learning)

• Implementation of Personal Key Infrastructures (PKI) (e.g. practical experiences, advantages and limitations)