Trustworthiness is a critical concern stakeholders have about Cyber-Physical Systems (CPS) and the Internet of Things (IoT) and their deployment. The National Institute of Standards and Technology's Smart Grid and Cyber-Physical Systems Program Office released its CPS Framework in May 2016 and, there, trustworthiness is captured as a high-level concern encompassing safety, security, privacy, resilience, and reliability. While there are many efforts, in multiple sectors, to study these characteristics of systems they are typically considered separately and in isolation. This can result in work, intended to address one of these concerns, adversely impacting work to address one or more of the others. Thus CPS/IoT trustworthiness relies on an integrated, concern-driven approach that takes into account the interactions between the cyber and physical elements of systems.
This workshop will convene thought leaders from industry, academia, and government with expertise in engineering, physical and information sciences to examine the measurement challenges and opportunities for progress surrounding new concepts for trustworthiness to Cyber-Physical Systems (CPS) and Internet of Things (IoT) applications. Presentations and discussion sessions will focus us on the integration of approaches from safety, security, resilience, reliability, and privacy engineering to the conceptualization, realization, and assurance of safe, secure, and effective CPS and IoT systems.
Tuesday August 30, 2016 – Green Auditorium
Opening Session (Moderator: Dave Wollman, NIST)
Elements of Risk management for Trustworthiness (Moderator: N. Ivy, NIST)
Trustworthiness Risk Management in Connected, Interacting Environments
What are the key elements of risk management frameworks that are useful to consider in the context of the various Trustworthiness concerns?
How can risk management frameworks support consideration of risks across
How can existing risk management frameworks assist in measuring risks in
White House Priorities for trustworthy CPS/IoT Systems
Trustworthiness Concerns Working Sessions
Working sessions will review current approaches to the trustworthiness concerns in question (e.g., standards and best practices that are process- or certification-based). Each session will consist of remarks by subject matter experts followed by a general Q&A session addressing:
How is safety/ security/ privacy/ resilience/ reliability currently addressed and how is that affected by new CPS/IoT challenges?
What types of metrics exist for safety/ security/ privacy/ resilience/reliability and what data/information is needed to develop or improve these metrics?
How do current methodologies for safety/security/privacy/resilience/reliability interact with those of the other dimensions of trustworthiness? What dependencies are recognized between these areas/disciplines?
Additional discussion will take place following initial remarks focusing on the challenges to the approaches posed by CPS and IoT. Key issues include:
Session I: CPS Safety (Moderator: C. Vishik, Intel)
Safety Challenges in Freely Composed CPS
Lunch NIST Cafeteria, Bldg. 101
Session II: CPS Privacy (Moderator: N. Lefkovitz, NIST)
Privacy in a Highly Connected World of CPS
First Day Review of Results and Next Day Objectives
Adjourn Day 1
Wednesday Morning, August 31, 2016 – Green Auditorium
First Day Review
Session III: CPS Resilience and Reliability (Moderator: T. McAllister, NIST)
Resilience and Reliability Challenges and CPS Game-Changers
Session IV: CPS Security (Moderator: R. Ross, NIST)
Challenges and Opportunities – Building Trustworthy Secure Systems
Lunch NIST Cafeteria, Bldg. 101
Dialogue on Guiding Principles for Securing IoT
Crosscutting Scenario for Trustworthiness (Moderator: E. Griffor)
A high-profile, trustworthiness risk scenario, chosen at the end of the first day of the workshop, will be analyzed along the dimensions of safety/security/privacy/ resilience/reliability. The session participants will point out the tradeoffs between those concerns and assess the impact of the CPS and IoT challenges. On stage will be individuals representing the different Trustworthiness concerns.
Closing Summary - Wrap up and Next Steps
Questions/Challenges/Scenario Lists for Workshop Sessions
Trustworthiness Risk Management
CPS and IoT Challenges
Trustworthiness Dimension Sessions- (Safety/Security/Privacy/Resilience/Reliability)
If you are not registered, you will not be allowed on site. Registered attendees will receive security and campus instructions prior to the workshop.
NON U.S. CITIZENS PLEASE NOTE: All foreign national visitors who do not have permanent resident status and who wish to register for the above meeting must supply additional information. Failure to provide this information prior to arrival will result, at a minimum, in significant delays (up to 24 hours) in entering the facility. Authority to gather this information is derived from United States Department of Commerce Department Administrative Order (DAO) number 207-12. When registration is open, the required NIST-1260 form will be available as well. *New Visitor Access Requirement: Effective July 21, 2014, Under the REAL ID Act of 2005, agencies, including NIST, can only accept a state-issued driver's license or identification card for access to federal facilities if issued by states that are REAL ID compliant or have an extension. Click here for a list of alternative identification and further details>>