Registration is Open and Programme available! Please note also our associated Workshop SPARKS (Friday 26th August)



The 4th International Symposium for ICS & SCADA Cyber Security brings together researchers with an interest in the security of industrial control systems in the light of their increasing exposure to cyber-space. The topics of interests are broad, ranging from security for hardware/firmware used in industrial control systems, to system aspects of ICS such as secure architectures and vulnerability screening to the human aspects of cyber security such as behaviour modelling and training. ICS-CSR is a research conference aimed at high quality academic research in any of the specified themes and topics of interest. We welcome original contributions that present innovative ideas, proof of concepts, use cases, and results from a variety of domains with a wish to enhance the security of infrastructure.

This year we are expanding the conference to host multiple tracks on the second day of the conference. The tracks are on: i) Smart Grid Security and ii) Human Factors in CI Security. When submitting your paper's, please indicate if you are submitting to a specific track or the main conference track.

Proceedings of the ICS-CSR are hosted by the British Computer Society (BCS) in their eWiC series. Proceedings are indexed in the ACM Digital Library, EBSCO, DBPL and Google Scholar

This year's conference will take place on the 23rd to 25th of August 2016 at the Queen's Belfast University, UK

As with last year's edition, we will be inviting the best conference submissions to a special issue on Cyber Security of Industrial Control Systems. Papers will have to be significantly extended and will undergo an additional peer-review process before acceptance. The call for extended papers will be distributed at the conference.

Topics of Interest and Special Sessions


ICS-CSR is welcoming contributions that have a direct application or relevance to Security aspects of Supervisory Control and Data Acquisition Systems (SCADA), Industrial Control Systems (ICS), or Cyber Physical Systems (CPS).

This topic list is not meant to be exhaustive; ICS-CSR is interested in all aspects of computer security relating to ICS. Papers without a clear application to SCADA, Embedded Systems or Industrial Control, however, will be considered out of scope and may be rejected without full review.

Main Conference Track

  • SCADA, ICS and CPS Hardware Security Solutions
    • Encryption, Authentication, Availability Assurance
    • Resilient Systems
    • Application Security
    • Secure Firmware
    • Timing Vulnerabilities in RT-Control Systems
    • Security Implications of Feature Interactions
  • SCADA, ICS and CPS System Security
    • Security Architectures
    • Safety-Security Interactions
    • Intrusion Detection
    • Malware Analysis
    • Vulnerability Assessment/Screening
    • Secure Communication Protocols
    • Cyber Security Engineering
    • Metrics
    • Standards and Practices
    • Anonymity
    • Privacy
    • Language-based Security
    • Network Security
    • Protocol Security
    • Security Testing
  • SCADA, ICS and CPS Forensics
    • Hardware Forensics
    • Incidence Response
    • Live Forensics
    • Accountability
    • Forensic Readiness
    • Attribution

Cyber Security of Industrial Control Systems for Smart Grid

The smart grid integrates modern ICT and industrial control systems into power systems to allow monitoring and control capability with the aim of improving the efficiency, reliability and safety of the grid. The increased connectivity of such an environment provides new and widely spread entry points and a greatly increased attack surface from a cyber security perspective. An entire industry has grown around security vulnerabilities in the IT domain. With the introduction of smart grid services, something similar is likely to happen in the energy domain, with a focus on the vulnerabilities of industrial control systems that underpin these services.

Until now grid operators have lived in a relatively protected stand-alone security environment. The software and communication protocols have been different than those used on the internet and largely unknown to hackers. However, new smart grid services like demand side management and secondary substation automation, introduce new attack surfaces, new financial incentives, and in many cases use Internet protocols, thus paving the way for cyber-attacks. Attacks have the potential to lead to grid instability, blackouts, fraud, loss of customer information and physical damage of the infrastructure with significant consequences in terms of loss of revenue and loss of public confidence and trust.

The cyber security issues for the smart grid need to be clearly understood and adequately addressed to ensure the successful operation of next-generation power systems. This special session provides a platform for researchers in academia, industry and government to discuss and address the cyber security of the industrial control systems that underpin the smart grid.

  • Securing legacy industrial control systems in a modern smart grid
  • Smart grid ICS threat analysis and modelling
  • Cyber security risk management for smart grid
  • Cyber-attack resilience and tolerance analysis
  • Control strategies for the recovery of the smart grid under cyber attack
  • Smart grid security analytics and intrusion detection
  • Secure state estimation
  • Cyber security for microgrids
  • Cyber security for electrical substation automation
  • Data security technologies for smart meters

Cyber Situational Awareness track

Cyber situational awareness is receiving much attention. For example, it features prominently in national cyber and cyber security strategies being adopted all over the world. It is clear that decision-makers on the strategic level feel the need to know what is happening in "cyber space". Proper decisions require proper understanding of what is going on. In a world where ICS, SCADA and CPS are increasingly connected and exposed to the outside world, cyber situational awareness is becoming an indispensable part of operational excellence and prudent cyber security.

Situational awareness is commonly as "the perception of the elements in the environment within a volume of time and space, the comprehension of their meaning and the projection of their status in the near future" (Endsley, 1988). Cyber situational awareness is the part of situational awareness which concerns the cyber environment. This necessarily involves both technical, cognitive, and organizational challenges. Large amounts of information must be collected, processed, understood, and communicated in a timely and meaningful way to the relevant decision-makers. As a result, cyber situational awareness ought to be studied from many different perspectives, with the overall situational awareness of the situation in mind. The track on cyber situational awareness welcomes submissions on the following topics (not necessarily exhaustive):

  • Information exchange for cyber situational awareness
  • Human-computer interaction, work flows and visualization for cyber situational awareness
  • Training and exercises for cyber situational awareness
  • Bridging the gap between the operational/technical and strategic/management levels
  • Deception and cyber situational awareness
  • Empirical evaluations of technical solutions for cyber situational awareness
  • Uncertainty, strategic behavior and game theory related to cyber situational awareness
  • Data fusion for cyber situational awareness

Submission and Guidelines


Submitted papers must not substantially overlap with papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings. Papers must be clearly presented in English, must not exceed 10 pages, including tables, figures, references and appendixes and follow the EWIC formatting guidelines: Accepted papers will be published in conference proceedings and indexed in the ACM digital library.

All papers will be peer reviewed by members of the Programme Committee. Papers will be selected based on their originality, timeliness, significance, relevance, and clarity of presentation. Distinguished papers, after further revisions, will be considered for publication in a special issue. The program committee will select a Best Paper Award winner for this conference. Submission of a paper should be regarded as a commitment that, should the paper be accepted, at least one of the authors will register and attend the conference to present the work.

Submit your paper via EasyChair:

Papers for the Smart Grid trackb should include the prefix ("SG: ") in the registration title. Papers for the Situational Awareness track should include the prefix ("SA: ") in the registration title.

Instructions for Short Positional Paper Submission:

We welcome the submission of short positional papers for poster presentation during the conference. Positional papers must be clearly presented in English, must not exceed 4 pages, including tables, figures, references and appendixes and follow the EWIC formatting guidelines: Accepted papers will be eligible for inclusion for presentation as a poster during the conference and selected papers will be included as an annex in the published conference proceedings. Submit your short positional paper via EasyChair: and use the prefix "POSITIONAL" in the registration title.

Important Dates

Paper Submission Due: 9th May 2016 (23:59 CET) (extended to Friday 20th May 2016 (23:59 CET))
Acceptance Notification: 20 June 2016
Revised Papers Due: 4 July 2016
Early Bird Registration: by 26 July 2016
Registration: by 9 August 2016
Late Registration: after 10 August 2016
Conference: 23-25 August 2016

Keynote Speakers


Eeiran Leverett (Cambridge University, Concinnity Risks)

Éireann Leverett once found 10,000 vulnerable industrial systems on the internet. He then worked with Computer Emergency Response Teams around the world for cyber risk reduction. He likes teaching the basics, and learning the obscure. He continues to be fascinated by computer science, cryptography, networks, information theory, economics, and magic history. He is also fascinated by zero knowledge proofs, firmware and malware reverse engineering, and complicated network effects such as Braess' and Jevon's Paradoxes. He has worked in quality assurance on software that runs the electric grid, penetration testing, and academia. He likes long binwalks by the hexdumps with his friends.
Éireann Leverett is a regular speaker at computer security conferences such as FIRST, BlackHat, Defcon, Brucon,, RSA, and CCC; and also a regular speaker at insurance and risk conferences such as Society of Information Risk Analysts, Onshore Energy Conference, International Association of Engineering Insurers, International Risk Governance Council, and the Reinsurance Association of America. He has been featured by the BBC, The Washington Post, The Chicago Tribune, The Register, The Christian Science Monitor, Popular Mechanics, and Wired magazine. He also serves in an advisory role to ENISA: on the industrial control systems and smart grid security experts group.
He was part of a multidisciplinary team that built the first cyber risk models for insurance with Cambridge University Centre for Risk Studies and RMS.

Title: Attackers are magic, but defense is science.
Abstract:Unknown unknowns. Information asymmetry. Composable insecurity. Incomposable security. Embodied vulnerabilities. Software Liability. Firmware as a critical infrastructure. Anything could happen.

To be Confirmed. Previous Keynote Speakers include John S. Baras (University of Maryland), John Matherly (Shodan), Stephan Luders (CERN), Eric Byres (Tofino, Belden), Thomas Brandstetter (Limes), Sally Levesley (New Risk).


Conference Registration is now open. Please follow the link to the registration page Early bird Registration closes on 26th July 2016.

We are also pleased to announce that the SPARKS workshop is now co-located with ICS-CSR'16. The workshop will be on Friday 26th August following the symposium. Registration for this event is separately through the SPARKS project website.


Airbus Group Logo

The Airbus Group is a global leader in aerospace, defence and related services, employing around 133,000 people at more than 170 sites worldwide. Developing sustainable aircraft, connecting people, observing and understanding Earth, and making the world a safer place: Airbus does things that matter. Ever since its inception in 2000, Airbus has constantly drawn from the strength that comes from integration. The Group brings together businesses that are market leaders in their own right, forming a collective driven by a single vision. Airbus Group includes Airbus as the leading global manufacturer of the most innovative commercial and military aircraft, with Airbus Military covering tanker, transport and mission aircraft. Airbus Defence and Space, the European leader in space programmes and the third biggest space provider worldwide, is active in all space activities, from large-scale space systems to satellite services. Airbus - its people and its innovations plays a role in creating some of the world's biggest success stories, helping to make tomorrow's technology a reality.

DMU Logo

De Montfort University is a public research and teaching university situated in the city of Leicester, England, adjacent to the River Soar and the Leicester Castle Gardens. In 2008, 70% of the university's research was deemed 'world leading' (40%), or 'internationally excellent' (30%) in the United Kingdom Research Assessment Exercise. The university's pioneering research, driven by over 1,000 research students and supported by 500 staff, is internationally renowned and addresses some of the most critical issues affecting our world. Demonstrating the significance of this work, three key pieces of research are listed among the UK's top 100 projects that will have a profound impact on the future.

QUB Logo

Queen’s University Belfast was founded as Queen’s College in 1845, and is the ninth oldest university in the UK. Today it is an international centre of research and education, and is ranked in the top one per cent of global universities. With more than 23,000 students and 3,700 staff, it is a dynamic and diverse institution. In 2014 Queen’s was 8th in the UK for research intensity, with over 75% of Queen’s researchers undertaking world-class or internationally leading research. Queen’s is ranked number one in the UK for participation in Knowledge Transfer Partnerships and is the UK leader in terms of spin-out activity. Queen’s is home to the Centre for Secure Information Technologies (CSIT) – a major hub for research and innovation in cyber security.




Queen's University Belfast

The Centre for Secure Information Technologies (CSIT) at Queen’s University Belfast is a UK Innovation and Knowledge Centre, established to promote, exploit and commercialise innovative cyber security research. CSIT is recognised by GCHQ and the UK Research Council as an Academic Centre of Excellence in Cyber Security Research. With 90 people, it is one of the UK’s largest academic research centres in cyber security. CSIT brings together specialists in complementary fields including data and network security, wireless enabled security systems and intelligent surveillance systems. The centre has a professional commercialisation team and engineering staff who work closely with research teams to identify and develop innovations. In 2016 Her Majesty the Queen awarded CSIT a prestigious Queen’s Anniversary Prize for Higher and Further Education for its work in strengthening global cyber security. The Queen’s Anniversary Prizes are part of the national honours system and recognise and honour outstanding achievement by universities and colleges in the UK. CSIT is located within the Northern Ireland Science Park, in what was once the heart of the Harland & Wolff shipyard, where the Titanic and her sister ships were designed and built. The conference venue itself provides a spectacular view overlooking the Thompson dry-dock where the Titanic was fitted out in 1911. Once the largest dry dock in the world, at 259m long, the dock is the footprint of the Titanic and provides an amazing representation of the scale of the ship. Also close by is the film studio where HBO shoots the famous Game of Thrones series.

Belfast City Hall

The conference banquet takes place on the evening of Wednesday 24th August 2016 at Belfast City Hall. Guests will be welcomed to the City Hall by the Lord Mayor at a drinks reception hosted by Belfast City Council. Belfast City Hall opened its doors in 1906 during a great time of prosperity for the city. Today, the magnificent building is a lasting memorial to Belfast's success and a great source of civic pride. We thank the Lord Mayor and Belfast City Council for their gracious hospitality.

Recommended Hotels

  • (****) Malmaison Belfast, 34-38 Victoria St, Belfast, BT1 3GH
  • (****) Europa Hotel, Great Victoria Street, Belfast, BT2 7AP
  • (***) Premier Inn Belfast City Cathedral Quarter, 2-6 Waring St, Belfast, BT1 2DX
  • (***) Ramada Encore Belfast City Centre, 20 Talbot St, Belfast, BT1 2LD

Travel to the Venue

The Centre for Secure Information Technologies is in the ECIT building: ECIT, Northern Ireland Science Park, Queen’s Road, Queen's Island, Belfast, BT3 9DT

From the City Centre (the area around City Hall):

  • A taxi is the simplest way to travel to the venue, and will cost in the region of £6 - £8. The major taxi providers are ValueCabs (Tel: +44 28 9080 9080) and FonaCab (Tel: +44 28 9033 3333).
  • Bus number 26B departs from Donegall Square North, opposite the front of City Hall, and stops at the Science Park. Journey Time is approximately 10 minutes. Timetable information can be found at

Travel to Belfast

Belfast is served by two nearby airports, Belfast City (BHD) and Belfast International (BFS). Direct bus services from each airport will transport you to the city centre, terminating beside the Europa Hotel. See link below for information:

Belfast can also be reached by flying to Dublin Airport. Direct bus services to Belfast take approximately 2 hours, terminating beside the Europa Hotel. See links below for information:

A wide range of tourist information about Belfast and the surrounding area can be found at

Program Committee


General Conference Chairs

Organising Chair and Committee

Special Session Chairs for Cyber Security of Industrial Control Systems for Smart Grid

Special Session Chair for Cyber Situational Awareness

Technical Programme Committee (tbc)

  • Adriano Valenzano, CNR-IEIIT, National Research Council of Italy
  • Alvaro Cárdenas, University of Texas at Dallas, USA
  • Andrew Nicholson, WMG, Warwick University UK
  • Andrew Jones, De Montfort University, UK
  • Antoine Lemay, Ecole Polytechnique de Montreal, Canada
  • Ayman Al Issa, Booz Allen Hamilton, Abu Dhabi
  • Bela Genge, Petru Maior University of Tg. Mures
  • Chris Hankin, Imperial College UK
  • Chris Johnson, University of Glasgow UK
  • Christian Facchi, Technische Hochschule Ingolstadt, Germany
  • Cody Fleming, University of Virginia, USA
  • David Hutchison, Lancaster University UK
  • Edmundo Monteiro, University of Coimbra Portugal
  • Eireann Leverett, University of Cambridge
  • Eric Byres, Byres Security
  • Erol Gelenbe, Imperial College UK
  • Federico Maggi Politecnico di Milano Italy
  • Florian Skopik, AIT Austrian Institute of Technology
  • Giampaolo Bella, Universita di Catania, Italy
  • Helmut Kaufmann, Airbus Group Innovations Germany
  • Howard Shrobe, Massachusetts Institute of Technology (MIT), USA
  • Jens Braband, Siemens, Germany
  • John Baras University of Maryland USA
  • Jose Fernandez Ecole Polytechnique de Montreal Canada
  • Jules Ferdinand Pagna Disso, Nettitude UK
  • Kieran McLaughlin, Queen's University Belfast NI
  • Laurens Lemaire KU Leuven Belgium
  • Luca Durante, CNR-IEIIT Italy
  • Leandros Maglaras, De Montfort University, UK
  • Marina Krotofil, European Network for Cyber Security, Netherlands
  • Mark Carolan, Esoion Group, Ireland
  • Mathias Fischer, University of Münster, Germany
  • Michael Kasper, Fraunhofer Institute SIT Germany
  • Michael Roßberg, Technische Universität Ilmenau Germany
  • Monica Whitty, University of Leicester UK
  • Nancy Leveson, Massachusetts Institute of Technology, USA
  • Oscar Garcea-Morchon, Philips Research Netherlands
  • Paddy Francis, Airbus Defence and Space UK
  • Panayotis Kikiras, AGT International, Germany
  • Paul Smith, AIT Austrian Institute of Technology GmbH Austria
  • Paulo Simões, University of Coimbra Portugal
  • Pete Burnap, Cardiff University UK
  • Peter Fuhr Oak Ridge National Laboratory USA
  • Piroska Haller, Petru Maior University of Tg. Mures, Romania
  • Rob Rowlingson, BT Security UK
  • Robert Oates, Rolls-Royce PLC UK
  • Roman Schlegel, ABB Corporate Research, Switzerland
  • Sebastian Obermeier, ABB Corporate Research, Switzerland
  • Stephan Reiff-Marganiec, University of Leicester UK
  • Stephen Wolthusen Royal Holloway, University of London, and Norwegian University of Science and Technology (NTNU) Norway
  • Thomas Brandstetter, Limes Security and FH St Poelten, Austria
  • Thomas H. (Tommy) Morris, Mississippi State University USA
  • Tiago Cruz, University of Coimbra, Portugal
  • Tobias Gebhardt, Airbus Defence and Space Cyber Security
  • Ulrik Franke, SICS – Swedish Institute of Computer Science
  • William Knowles, Lancaster University UK

Technical Programme Committee (Special Session -- Smart Grid)

  • André Teixeira, TU Delft, Netherlands
  • David Laverty, Queen's University Belfast, UK
  • Frank Fransen, TNO, Netherlands
  • Henrik Sandberg, KTH Royal Institute of Technology, Sweden
  • John O'Raw, Letterkenny Institute of Technology, Ireland
  • Kieran McLaughlin, Queen's University Belfast, UK
  • Lucie Langer, AIT Austrian Institute of Technology, Austria
  • Martin Hutle, Fraunhofer AISEC, Germany
  • Paul Smith, AIT Austrian Institute of Technology, Austria
  • Rohan Chabukswar, United Technologies Research Center, Ireland
  • Silvio La Porta, EMC, Ireland
  • Yi Yang, State Grid Jiangsu Electric Power Company Research Institute, China

Technical Programme Committee (Special Session -- Situational Awareness)

  • Babak Akhgar, Sheffield Hallam University, UK
  • Joel Brynielsson, FOI Swedish Defence Research Agency, Sweden
  • Michal Choras, University of Technology and Life Sciences (UTP), Poland
  • Göran N. Ericsson, SvK Swedish National Grid and KTH Royal Institute of Technology
  • Ulrik Franke, SICS – Swedish Institute of Computer Science
  • Andrew Nicholson, WMG, Warwick University, UK
  • Nikolai Stoianov, Defence Institute, Bulgaria
  • Jens Tölle, Fraunhofer-FKIE, Germany
  • Margaret Varga, Oxford University, UK


Airbus Group Innovations Logo DMU Logo QUB Logo



Submission: 20th May 2016
Notification: 20th June 2016
Revisions: 4th July 2016
Early Bird: by 26th July 2016
Standard: by 9th August 2016
Late: after 10th August 2016
Conference: 23-25 August 2016


DMU Logo
qub Logo