9th ACM Cyber-Physical System Security Workshop
(CPSS 2023)

held in conjunction with ACM AsiaCCS'23
Melbourne, Australia, July 10, 2023


Dates | CFP | Organizers | Keynotes | Program | Registration | Venue | Contact | CPSS

Important Dates

Workshop Date
Workshop: July 10, 2023
2nd Round
Submissions Due:
Camera-ready Due:
March 10, 2023 (23:59 AoE)
April 10, 2023
April 20, 2023
1st Round
Submissions Due:
Camera-ready Due:
February 10, 2023 (23:59 AoE)
March 15, 2023
March 30, 2023


June 2023: The program of the workshop is available.

April 2023: The review process has been finished. Accepted papers are available below.

February 2023: The 1st round of submissions has finished. The 2nd round of submissions has started: the submission date is March 10, 2023 (23:59 AoE).

January 2023: As with AsiaCCS, this workshop will be organized in hybrid mode. Authors must register as in-person registration, and present their contribution in-person except in cases of "force majeure" (e.g. COVID). Non-author audiences can choose to attend the workshop either in-person or online.


Call for Papers  

Cyber-Physical Systems (CPS) of interest to this workshop consist of large-scale interconnected systems of heterogeneous components interacting with their physical environments. There exist a multitude of CPS devices and applications deployed to serve critical functions in our lives thus making security an important non-functional attribute of such systems. This workshop will provide a platform for professionals from academia, government, and industry to discuss novel ways to address the ever-present security challenges facing CPS. We seek submissions describing theoretical and practical solutions to security challenges in CPS. Submissions pertinent to the security of embedded systems, IoT, SCADA, smart grid, and other critical infrastructure are welcome. Topics of interest include, but are not limited to:

  • Attack detection for CPS
  • Authentication and access control for CPS
  • Autonomous vehicle security
  • Availability and auditing for CPS
  • Blockchain for CPS security
  • Data security and privacy for CPS
  • Deception Technologies for CPS
  • Digital twins/Cyber range for CPS security
  • Embedded systems security
  • Formal methods in CPS
  • Industrial control system security
  • IoT security
  • Legacy CPS system protection
  • Lightweight crypto and security
  • Maritime cyber security
  • Recovery from cyber attacks
  • Security and risk assessment for CPS
  • Security architectures for CPS
  • Security by design for CPS
  • Smart grid security
  • Threat modeling for CPS
  • Transportation system security
  • Vulnerability analysis for CPS
  • Wireless sensor network security

Submission Instructions

Paper submission site: https://easychair.org/conferences/?conf=cpss2023.

Submitted papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings. The review process is single-blinded, i.e., the papers should not be anonymized. Submissions must be in double-column ACM SIG Proceedings format (See HERE), and should not exceed 12 pages. Position papers describing the work in progress and papers describing novel testbeds are also welcome. Only pdf files will be accepted. Authors of accepted papers must guarantee that their papers will be presented at the workshop. At least one author of the paper must be registered at the appropriate conference rate. Accepted papers will be published in the ACM Digital Library.

This year, there was also a best paper award. For CPSS 2023, the best paper award was given to the following paper:

  • PAID: Perturbed Image Attacks Analysis and Intrusion Detection Mechanism for Autonomous Driving Systems
    Ko Zheng Teng (SUTD), Trupil Limbasiya (iTrust, SUTD), Federico Turrin (University of Padua), Yan Lin Aung (iTrust, SUTD), Sudipta Chattopadhyay (SUTD), Jianying Zhou (iTrust, SUTD), Mauro Conti (University of Padua)


Steering Committee
Dieter Gollmann (Hamburg University of Technology, Germany)
Ravishankar Iyer (UIUC, USA)
Douglas Jones (UIUC, USA)
Javier Lopez (University of Malaga, Spain)
Jianying Zhou (SUTD, Singapore) – Chair

Program Chairs
Rodrigo Roman (University of Malaga, Spain)
Mujeeb Ahmed (Newcastle University, UK)

Publicity Chair
Rodrigo Roman (University of Malaga, Spain)

Publication Chair
Weizhi Meng (DTU, Denmark)

Program Committee
Ali Abbasi (CISPA Helmholtz Center for Information Security, Germany)
Sridhar Adepu (University of Bristol, UK)
Cristina Alcaraz (University of Malaga, Spain)
Magnus Almgren (Chalmers University of Technology, Sweden)
Daniele Antonioli (EURECOM, France)
John Henry Castellanos (CISPA Helmholtz Center for Information Security, Germany)
Binbin Chen (SUTD, Singapore)
Yuqi Chen (ShanghaiTech University, China)
Luca Davoli (Università di Parma, Italy)
Shalabh Jain (Bosch, USA)
Sokratis Katsikas (NTNU, Norway)
Marina Krotofil (ISSP, Ukraine)
Subhash Lakshminarayana (University of Warwick, UK)
Stefano Longari (Politecnico di Milano, Italy)
Daisuke Mashima (Advanced Digital Sciences Center, Singapore)
Simin Nadjm-Tehrani (Linköping University, Sweden)
Martín Ochoa (ETH Zurich, Switzerland)
Federica Pascucci (Università Roma Tre, Italy)
Anne Remke (University of Münster, Germany)
Neetesh Saxena (Cardiff University, UK)
Martin Strohmeier (armasuisse Science+Technology, Switzerland)
Nils Ole Tippenhauer (CISPA Helmholtz Center for Information Security, Germany)
Johanna Ullrich (SBA Research, Austria)
Mark Yampolskiy (Auburn University, USA)
Katsunari Yoshioka (Yokohama National University, Japan)
Chia-Mu Yu (National Yang Ming Chiao Tung University, Taiwan)
Sencun Zhu (Pennsylvania State University, USA)
Saman Zonouz (Georgia Tech, USA)


Data Security & Privacy Protection in IoT MGC Systems
Prof. Robert Deng (Singapore Management University, Singapore)

Many IoT and cyber-physical systems follow the MGC (eMbedded-Gateway-Cloud) architecture. In this architecture, embedded devices equipped with sensors send measurement data to a gateway which aggregates the data into appropriate records and upload them to the cloud for data access and analytics. An example application of the MGC architecture is infrastructure video monitoring, in which drones and robots with mounted cameras patrol physical operational environments for on-site monitoring, defeats inspection, etc, and videos are encrypted at a gateway and then uploaded to cloud for authorized access by various stake holders. In this talk, we will discuss the various data security and privacy issues in the infrastructure video monitoring system (and MGC architecture in general) and present a data security and privacy platform which supports flexible access control of encrypted data based on users' attributes and time of access and supports multiuser-to-multiuser encrypted keyword search over encrypted data.

About the speaker:
Robert Deng is AXA Chair Professor of Cybersecurity, Director of Secure Mobile Centre, and Deputy Dean for Faculty & Research, School of Computing and Information Systems, Singapore Management University (SMU). His research interests are in the areas of data security and privacy, network security, and applied cryptography. He received the Outstanding University Researcher Award from National University of Singapore, Lee Kuan Yew Fellowship for Research Excellence from SMU, and Asia-Pacific Information Security Leadership Achievements Community Service Star from International Information Systems Security Certification Consortium. He is a Fellow of IEEE and Fellow of Academy of Engineering Singapore.

Digital twins: Double Insecurity for Industrial Scenarios
Assoc. Prof. Cristina Alcaraz (University of Malaga, Spain)

Industry 5.0 is increasingly having a greater influence on the modernization of industrial processes in order to improve not only its own value chain but also the supply chain within a context. In this case, Digital twins (DTs) is a leading technology, providing simulation capabilities to analyze, predict and optimize possible scenarios and situations, which is encouraging different industrial actors to invest in the technology, and especially to intensify the three Industry 5.0 objectives: centrality in the human being, sustainability and resilience. But this fact, in turn, forces the scientific community to pay attention to the risks that may be involved in adapting the technology itself in its operational domains. The deployment of a DT involves a set of risks and threats that are a consequence of its own criticality, what affects seriously Industry 5.0 resilience. In this talk, therefore, we will talk about that particular context of a DT, where we will explore potential threats that can corrupt the objectives of Industry 5.0, adding some security recommendations that can benefit, at least, the expected Industry 5.0 resilience.

About the speaker:
Cristina Alcaraz is an Associate Professor in the Computer Science Department at UMA. She has been awarded two competitive postdoctoral fellowships: Marie-Curie in 2012 and Ramon-y-Cajal in 2015 and was a guest researcher at NIST (2011-2012), visiting later the Royal Holloway (2012-2014, under the Marie-Curie fellowship), UCBM (2017, Rome) and the University of Piraeus (2019 and 2022, Athens). She is interested in the security of cyber-physical systems, Industry 4.0/5.0, smart grids, IIoT and digital twins, focusing the research on situational awareness, advanced detection and resilience. She has published 75+ papers, is a member of the editorial boards of 8+ international journals in the area (e.g., IEEE Transactions on Industrial Informatics, IEEE Transactions on Dependable and Secure Computing, ACM Distributed Ledger Technologies, IEEE Networking Letters, IJCIP, IJIS, among others), received the Women in Homeland Security Award by the IEEE SMC TC on Homeland Security in 2021 and she is the Vice-Chair of IEEE ComSoc SIG on Green Digital Twin Network.


8:50am - 9:00am Workshop Opening
9:00am - 10:00am Keynote 1: Double Insecurity for Industrial Scenarios
Assoc. Prof. Cristina Alcaraz (University of Malaga, Spain)
10:00am - 11:00am Keynote 2: Data Security & Privacy Protection in IoT MGC Systems
Prof. Robert Deng (Singapore Management University, Singapore)
11:00am - 11:15am Coffee Break
11:15am - 12:00pm
Session 1: "Intrusion Detection in Cyber-Physical Systems"
  • PAID: Perturbed Image Attacks Analysis and Intrusion Detection Mechanism for Autonomous Driving Systems (BEST PAPER AWARD)
    Ko Zheng Teng (SUTD), Trupil Limbasiya (iTrust, SUTD), Federico Turrin (University of Padua), Yan Lin Aung (iTrust, SUTD), Sudipta Chattopadhyay (SUTD), Jianying Zhou (iTrust, SUTD), Mauro Conti (University of Padua)
  • A Practical Intrusion Detection System Trained on Ambiguously Labeled Data for Enhancing IIoT Security
    Wenzhuo Yang (Nanyang Technological University), Zhaowei Chu (Nanyang Technological University), Jiani Fan (Nanyang Technological University), Ziyao Liu (Nanyang Technological University), Kwok Yan Lam (Nanyang Technological University)
  • Anomaly Detection Framework for Securing Next Generation Networks of Platoons of Autonomous Vehicles in a Vehicle-to-Everything System
    Sazid Nazat (Indiana University-Purdue University Indianapolis), Mustafa Abdallah (Indiana University-Purdue University Indianapolis)
12:00pm - 12:45pm
Session 2: "Cybersecurity in Industrial Control Systems"
  • Blind Concealment from Reconstruction-based Attack Detectors for Industrial Control Systems via Backdoor Attacks
    Tim Walita (Saarland University), Alessandro Erba (Saarland University), John H. Castellanos (CISPA Helmholtz Center for Information Security), Nils Ole Tippenhauer (CISPA Helmholtz Center for Information Security)
  • Preventing Reverse Engineering of Control Programs in Industrial Control Systems
    Shalini Banerjee (University of Auckland), Steven D. Galbraith (University of Auckland), Tariq Khan (University of Auckland), John H. Castellanos (CISPA Helmholtz Center for Information Security), Giovanni Russello (University of Auckland)
  • ICSML: Industrial Control Systems ML Framework for native inference using IEC 61131-3 code
    Constantine Doumanidis (New York University Abu Dhabi), Prashant Rajput (NYU Tandon School of Engineering), Michail Maniatakos (New York University Abu Dhabi)
12:45pm - 13:00pm Conclusion


Program Chairs e-mail:   cpss2023@easychair.org
CPSS Home:   http://jianying.space/cpss/

Updated: June 8, 2023