Annual Industrial Control System Security (ICSS) Workshop

Agenda     •     Proceedings

The Industrial Control System Security Workshop will be held in San Juan, Puerto Rico, Tuesday, December 4, 2018, in conjunction with the Annual Computer Security Applications Conference (ACSAC). ACSAC will be held at the Condado Plaza Hilton, San Juan, Puerto Rico.

Supervisory control and data acquisition (SCADA) and industrial control systems monitor and control a wide range of industrial and infrastructure processes such as water treatment, power generation and transmission, oil and gas refining and steel manufacturing. Such systems are usually built using a variety of commodity computer and networking components and are becoming increasingly interconnected with corporate and other Internet-visible networks. As a result, they face significant threats from internal and external actors. For example, in 2010 the Stuxnet malware was specifically written to attack SCADA systems and caused millions of dollars in damages.

The critical requirement for high availability in SCADA and industrial control systems, along with the use of resource-constrained computing devices, legacy operating systems, and proprietary software applications limits the applicability of traditional information security solutions. The goal of this workshop is to explore new offensive and defensive techniques that are applicable in the control systems context. Papers of interest including (but not limited to) the following subject categories are solicited:

  • Intrusion detection and prevention
  • Malware
  • Vulnerability analysis and risk management
  • Digital forensics
  • Virtualization
  • Application security
  • Performance evaluation of security methods and tools in control systems
  • Cybersecurity Education


Submissions should be 5-8 pages, using the double-column ACM proceedings format (acmart) template available at, with the [sigconf, anonymous] options. Submissions should not use older ACM templates (e.g., sig-alternate). If you encounter any problems with the acmart template, please contact You can also report problems with the template to so that they are reviewed by SIG volunteers.

All submissions must be anonymous. Submission website is at The accepted workshop papers will be published by ACM. The slides will be published on the ACSAC website.

Important Dates

Submission Deadline:September 24, 2018
Acceptance Notification:October 29, 2018
Final Manuscript due:November 9, 2018
Workshop Date:December 4, 2018

Organizing Committees

General Co-Chairs:
Harvey Rubinovitz, The MITRE Corporation
Adam Hahn, Washington State University

Program Chair
Irfan Ahmed, Virginia Commonwealth University

Publicity Chair
Hyunguk Yoo, University of New Orleans

Program Committee Members include:
Sajal Bhatia, Sacred Heart University
Alvaro Cardenas, University of Texas at Dallas
Ernest Foo, Queensland University of Technology, Australia
Marina Krotofil, FireEye, Inc.
Sye Loong Keoh, University of Glasgow
Thomas Locher, ABB
Daisuke Mashima, Advanced Digital Science Center in Singapore
Tommy Morris, University of Alabama in Huntsville
John Mulder, Sandia National Laboratories
Stephen McLaughlin, Samsung Research America
Igor Nai Fovino, Institute for the Protection and Security of the Citizen, Joint Research Centre
Julian Rrushi, Oakland University
Bradley Schatz, Schatz Forensic
Jared Smith, Oak Ridge National Laboratory
Saman Zonouz, Rutgers University
Tim Zimmerman, NIST

Workshop Registration

If you are interested in attending, please check off the appropriate box on the conference registration form and add in the Industrial Control System Security (ICSS) Workshop fee. Lunch will be included as part of the workshop fee.


Awad-Beztchi-Tools, Techniques, and Methodologies.pdf, Rima Awad, Saeed Beztchi, Jared Smith, Stacy Prowell, and Bryan Lyles, Oak Ridge National Lab

Graph-Based Data Collection Policies for the Internet of Things, Maribel Fernandez, Jenjira Jaimunk, Department of Informatics, King.s College London; and Bhavani Thuraisingham, The University of Texas at Dallas

Invited Presentation:Potential and Limitations for using Statistical Data Analysis in the Detection of Cyber Attacks on Cyber-Physical Systems, John Mulder, Sandia National Laboratories

The Nuts and Bolts of Deploying Process-Level IDS in Industrial Control Systems, Magnus Almgren, Wissam Aoudi, Robert Gustafsson, Chalmers University of Technology; Robin Krahl, University of Freiburg, and Andreas Lindhé, Combitech

A Virtual Environment for Industrial Control Systems: A Use-Case in Attack Detection, Identification, and Response, Andrés Murillo, Luis Francisco Combita; Universidad de los Andes, Andrea Calderón González; Universidad Nacional de Colombia, Sandra Rueda; Uniandes, Álvaro Cárdenas, University of Texas Dallas; and Nicanor Quijanom, Universidad de los Andes

Invited Presentation: Cybersecurity Framework Manufacturing Profile Implementation, Keith Stouffer, NIST

Securing Your ICS Software with the Attack Surface Host Analyzer (AHA), Adam Hahn, Dave Anderson, and Ali Tamimi, Washington State University

Additional ACSA Events:
NSPW – New Security Paradigms Workshop
LASER – Learning from Authoritative Security Experiment Results