Smart cyber-physical systems: Too big to fail, too smart to be secure?

Attending ICSE? Then consider coming two days earlier to attend SEsCPS, the 2nd International Workshop on Software Engineering for Smart Cyber-Physical Systems, where I will be giving a keynote on the current state and challenges of CPS security. Abstract:

Many industrialized nations are currently pushing for smart cyber-physical systems as a major hope for new revenue models. But such systems become smart through connectivity, which opens them up to a whole range of new attack vectors. One may ask: why are current software-heavy cyber-physical systems as insecure as they are? My answer would be: why shouldn’t they be? Many such systems are designed and engineered by companies who never developed software engineering as a core competency. And how should such companies succeed where even the most prominent software vendors struggle? In this talk I will discuss my view of the challenges in secure software engineering and how the inclusion of hardware brings a whole new set of challenges to the game. I will outline my vision of secure systems engineering and raise a set of challenges that need to be addressed to make this vision become reality.