The Internet of Things (IoT) has become increasingly popular and innovative. With the rise of connected devices, we have an opportunity to significantly improve the safety of legacy systems. For instance, insights from data across systems can be exploited to reduce accidents, improve air quality and support disaster events. IoT based cyber-physical systems (CPS) also bring new risks that arise due to the unexpected interaction between systems and the larger number of attack vectors on these systems. These safety risks can arise in the context of use of medical devices, smart home appliance control, smart car design or conflicts in policy execution at a societal scale.

The Internet of Safe Things workshop seeks to bring together researchers to create solutions for the development of safe cyber-physical systems. As safety is inherently linked with the security and privacy of a system, we also seek contributions in these areas that address safety concerns. We seek to develop a community that systematically dissects the vulnerabilities and risks exposed by these emerging CPSes, and creates tools, algorithms, frameworks, and systems that help in the development of safe systems.

We seek contributions across domains - autonomous vehicles, smart homes, medical devices, smart grid; and across disciplines - systems, control, human-computer interaction, security, reliability, machine learning, and verification.

Program anchor

---

Program

Keynote anchor

---

Keynote

Assuring Safety and Security in Cyber-Physical Systems with Varying Levels of Autonomy

Increasing set of functionalities, network interoperability, and system design complexity have introduced easily exploitable security vulnerabilities in cyber-physical systems (CPS). Furthermore, the tight interaction between information technology and physical world makes these systems vulnerable to attacks beyond the standard cyber-attacks, while relying exclusively on conventional security techniques may be unfeasible due to resource-constraints and long system lifetime. Consequently, there is a need to change the way we reason about security in CPS, and start designing platform-aware attack-resilient components and architectures capable providing strong safety and performance guarantees even under attack. In this talk, I will present research challenges and our recent efforts in this domain, starting from cyber-physical security techniques that (a) capture effects of attacks on system performance, (b) introduce attack resilience into control & autonomy components and facilitate attack detection, and (c) enable mapping of the desired Quality-of-Control (QoC) under attack guarantees into real-time performance requirements on the underlying platforms in way that supports design-time tradeoffs between the QoC under attack and security-related overhead. Finally, for systems with varying levels of autonomy and human interaction, I will show how we can exploit human power of inductive reasoning and the ability to provide context, to improve the overall security guarantees.

---

Safe and Secure Intelligence on the Edge

In this talk, I will discuss the current state of the art in safety and security of deploying Intelligence on the edge. System physical constraints such as real-time, privacy, and low-power increasingly favor performing the artificial intelligence (AI) algorithms on the edge devices. Reliability and safety considerations are perhaps the biggest obstacle to the widescale adoption of emerging edge learning methodologies in sensitive scenarios such as smart transportation, health-care, warfare, and financial systems. I will discuss a few of the nefarious vulnerabilities of the edge AI algorithms as well as the present promising defense solutions customized for the constrained environments. I conclude by outlining the challenges and opportunities.

Accepted anchor

---

List of Accepted Papers

A Case Study of the Security Vetting Process of Smart-home Assistant Applications
Hang Hu (Virginia Tech), Limin Yang (UIUC), Shihan Lin (Fudan University) and Gang Wang (UIUC)

Privacy-preserving Continuous Tumour Relapse Monitoring Using In-body Radio Signals
Sam Hylamia, Wenqing Yan, André Teixeira, Noor Badariah Asan, Mauricio Perez, Robin Augustine and Thiemo Voigt (Uppsala University)

On the Feasibility of Acoustic Attacks Using Commodity Smart Devices
Matthew Wixey, Emiliano De Cristofaro and Shane Johnson (University College London)

Electromagnetic Sensor and Actuator Attacks on Power Converters for Electric Vehicles Best Paper Award
Gokcen Yilmaz Dayanikli (Virginia Tech), Rees Hatch (Utah State University), Ryan M. Gerdes (Virginia Tech), Hongjie Wang (Utah State University) and Regan Zane (Utah State University)

Never Ending Story: Authentication and AccessControl Design Flaws in Shared IoT Devices
Blake Janes, Heather Crawford and Tj Oconnor (Florida Institute of Technology)

On Using Camera-based Visible Light Communication for Security Protocols
Wen-Yi Chu, Ting-Guang Yu, Yu-Kai Lin, Shao-Chuan Lee and Hsu-Chun Hsiao (NTU Taiwan)

Security Analysis of Networked 3D Printers
Matthew McCormack (CMU), Sanjay Chandrasekaran (UCSB), Guyue Liu (CMU), Tianlong Yu (CMU), Sandra DeVincent Wolf (CMU) and Vyas Sekar (CMU)

---

List of Accepted Posters

Poster: Radiometric Signatures for Wireless Device Identification over Dynamic Channels
Wenqing Yan, Thiemo Voigt and Christian Rohner (Uppsala University)

Poster: Class-sourced Penetration Testing of IoT Devices
Abhinav Mohanty, Parag Mhatre and Meera Sridhar (UNC Charlotte)

---

List of Accepted Demos

ELF Analyzer Demo: Online Identification for IoT Malwares with Multiple Hardware Architectures
Shin-Ming Cheng (National Taiwan University of Science and Technology), Tao Ban (National Institute of Information and Communications Technology), Jr-Wei Huang (National Taiwan University of Science and Technology), Bing-Kai Hong (National Taiwan University of Science and Technology) and Daisuke Inoue (National Institute of Information and Communications Technology)

dates anchor

---

Important Dates

Paper/Poster/Demo Submission Deadline	January 25th, 2020 (AoE, UTC-12). February 3rd, 2020 (AoE, UTC-12).
Acceptance Notification	February 25th, 2020. March 2nd, 2020.
Camera-ready Submission Deadline	March 6th, 2020 (AoE, UTC-12). March 20th, 2020 (AoE, UTC-12).

Cfp anchor

---

Call for Papers

As the traditionally segregated systems are brought online for next-generation connected applications, we have an opportunity to significantly improve the safety of legacy systems. For instance, insights from data across systems can be exploited to reduce accidents, improve air quality and support disaster events. Cyber-physical systems (CPS) also bring new risks that arise due to the unexpected interaction between systems. These safety risks arise because of information that distracts users while driving, software errors in medical devices, corner cases in data-driven control, compromised sensors in drones or conflicts in societal policies.

Accordingly, the Internet of Safe Things workshop (or SafeThings, for brevity) seeks to bring researchers and practitioners that are actively exploring system design, modeling, verification, authentication approaches to provide safety guarantees in the Internet of Things (IoT). The workshop welcomes contributions that integrate hardware and software systems provided by disparate vendors, particularly those that have humans in the loop. As safety is inherently linked with the security and privacy, we also seek contributions in these areas that address safety concerns. With the SafeThings workshop, we seek to develop a community that systematically dissects the vulnerabilities and risks exposed by these emerging CPSes, and create tools, algorithms, frameworks, and systems that help in the development of safe systems.

SafeThings workshop covers safety topics as it relates to an individual’s health (physical, mental), the society (air pollution, toxicity, disaster events), or the environment (species preservation, global warming, oil spills). The workshop considers safety from a human perspective, and thus, does not include topics such as thread safety or memory safety in its scope.

Our workshop will cover, but not limit itself to, the following subject categories:

• Adversarial machine learning and testing of IoT/CPS systems
• Authentication in IoT/CPS settings
• Compliance with legal, health, and environmental policies
• Conflict resolution between IoT applications
• Integration of hardware and software systems
• Managing device lifecycle (e.g., secure software updates and security of legacy devices)
• Privacy challenges in IoT/CPS settings
• Privacy preserving data sharing and analysis
• Resiliency against attacks and faults
• Safety in human-in-the-loop systems
• Secure connectivity in IoT
• Secure updates
• Support for IoT development - debugging tools, emulators, testbeds
• Usable security and privacy for IoT platforms
• Verification of safety in IoT platforms

Our workshop will cover, but not limit itself to, the following domains​:

• Autonomous vehicles and transportation infrastructure
• Medical CPS and public health
• Smart buildings, smart grid, and smart cities

Call for Posters and Demos

If you would like to share a provocative opinion, an interesting preliminary work, or a cool idea that will spark discussion about IoT safety, the poster and demo section is a perfect venue to introduce new or ongoing work. Poster and demo presenters will have the opportunity to discuss their work, get exposure, and receive feedback from attendees.

---

Submission Instruction

Submitted papers must be in English, unpublished, and must not be currently under review for any other publication. Submissions must follow the official IEEE Conference Proceedings format. Full papers must be at most 6 single-spaced, double column 8.5” x 11” pages. Posters and Demos must be at most 1 single-spaced, double column 8.5” x 11” page, and have "poster" or "demo" in their titles. All figures, references, and appendices must fit within these limits. Papers that do not meet the size and formatting requirements will not be reviewed. All papers must be in Adobe Portable Document Format (PDF) and submitted through the web submission form via EasyChair (submission link below). The review process is single-blind.

Full Papers: 6 pages.
Posters and Demos: 1 page (with "poster" or "demo" in the title).

Submission Form »

---

Presentation Form

All accepted submissions will be presented at the workshop and included in the IEEE workshop proceedings.

One author of each accepted paper is required to attend the workshop and present the paper for it to be included in the proceedings.

Organization anchor

---

Organization

General Chair

Jyotirmoy Vinay Deshmukh (University of Southern California)

Program Committee Chairs

Aanjhan Ranganathan (Northeastern University)

Patrick Tague (Carnegie Mellon University)

Technical Program Committee

Gail-Joon Ahn (Arizona State University)

David Barerra (Carleton University)

Gedare Bloom (University of Colorado Colorado Springs)

Jyotirmoy Deshmukh (University of Southern California)

Kassem Fawaz (University of Wisconsin-Madison)

Richard Han (University of Colorado Boulder)

Anwar Hithnawi (UC Berkeley)

Bardh Hoxha (Toyota Research Institute North America)

Kari Kostiainen (ETH Zurich)

Insup Lee (University of Pennsylvania)

Joseph Maguire (University of Glasgow)

Adwait Nadkarni (William and Mary)

Sashank Narain (Umass Lowell)

Miroslav Pajic (Duke University)

Amir Rahmati (Stony Brook University)

Aanjhan Ranganathan (Northeastern University)

Kay Roemer (TU Graz)

Elizabeth Stobert (National Research Council Canada)

Paulo Tabuada (University of California, Los Angeles)

Patrick Tague (CMU)

Yuan Tian (University of Virginia)

Nils Ole Tippenhauer (CISPA Helmholtz Center for Information Security)

James Weimer (University of Pennsylvania)

Xinyu Zhang (University of California San Diego)

Saman Zonouz (Rutgers University)

Steering Committee

Bharathan Balaji (Amazon)

Robin Kravets (University of Illinois, Urbana Champaign)

Mani Srivastava (University of California, Los Angeles)

John A. Stankovic (University of Virginia)

Patrick Tague (Carnegie Mellon University)