Breaking Down AI Security and Safety at the Industrial Edge

Industry 4.0 brings about rapid change with technologies like AI, industrial IoT, digital twins, and robotics promising advanced automation and efficiency for many industries. Early adoption of these technologies is already showing up in production with vision AI automating quality inspection, predictive maintenance used to reduce machine downtime, and factories bringing in autonomous machines that work side by side with humans. While there are many benefits of this 4th industrial revolution, organizations need to look at how to modernize safety and security processes to meet this new world. Cyber security and functional safety are both practices that have been around for years, in this talk we’ll look at how AI changes practices and what opportunities there are to take advantage of AI for both safety and security.
Specific we’ll cover:

• Cyber security and safety considerations for AI deployed at the edge
• How safety and security has already been implemented in areas like self-driving cars and what lessons we can bring to industrial automation
• The role of edge computing for real-time inference, enabling both preventive and proactive safety

Biography

Riccardo Mariani is widely recognized as an expert in functional safety and integrated circuit reliability. In his current role as VP of Industry Safety at NVIDIA, he is responsible for driving safety alignment across NVIDIA’s automotive and embedded business units. To this end, he is responsible for developing cohesive safety strategies and cross-segment safety processes, architecture, and products that can leveraged across NVIDIA’s AI-based hardware and software platforms. Prior to NVIDIA, he was chief functional safety technologist at Intel Corporation, where he oversaw strategies and technologies for IoT applications that require functional safety, high reliability, and performance, such as autonomous driving, transportation, and industrial systems. Riccardo Mariani is 2022 First VP of IEEE Computer Society and chair of the IEEE Computer Functional Safety Standards Committee. Mariani spent the bulk of his career as CTO of Yogitech, an industry leader in functional safety technologies. A prolific author and respected inventor in the functional safety field, Mariani has contributed to multiple industry standards efforts throughout his career, including leading the ISO 26262-11 part specific to semiconductors and now co-editing ISO/TR 5469 on Artificial Intelligence and Safety. He is the recipient of the 2021 Ron Waxman DASC Meritorious Service Award. He holds a bachelor’s degree in electronic engineering and a Ph.D. in microelectronics from the University of Pisa in Italy.

Covert & Side Stories: Threats Evolution in Traditional and Modern Technologies

Alongside traditional Information and Communication Technologies, more recent ones like Smartphones and IoT devices also became pervasive. Furthermore, all technologies manage an increasing amount of confidential data. The concern of protecting these data is not only related to an adversary gaining physical or remote control of a victim device through traditional attacks, but also to what extent an adversary without the above capabilities can infer or steal information through side and covert channels!
In this talk, we survey a corpus of representative research results published in the domain of side and covert channels, ranging from TIFS 2016 to more recent Usenix Security 2022, and including several demonstrations at Black Hat Hacking Conferences. We discuss threats coming from contextual information and to which extent it is feasible to infer very specific information. In particular, we discuss attacks like inferring actions that a user is doing on mobile apps, by eavesdropping their encrypted network traffic, identifying the presence of a specific user within a network through analysis of energy consumption, or inferring information (also key one like passwords and PINs) through timing, acoustic, or video information.

Biography

Mauro Conti is Full Professor at the University of Padua. He is also  affiliated with TU Delft and University of Washington, Seattle. His research in the area of Security and Privacy is also funded by  companies, including Cisco, Intel, and Huawei. He published more than 450 papers in international venues. He is Editor in Chief for IEEE TIFS.  He is Fellow of the IEEE and YAE and Senior member of ACM.

The Italian Cybersecurity strategy: a support program for the development of new innovative entrepreneurship

The new forms of strategic competition that characterize the geopolitical scenario, require Italy to continue and, where possible, increase cybersecurity initiatives. This, in compliance with the commitments undertaken within international organizations which Italy is a member Party of. To achieve this new vision, Italy conceived a cybersecurity ecosystem based on the collaboration between public and private sectors. In such system, the active contribution of the Institutions is complemented by that of economic operators – primarily those entrusted with the management of infrastructures on which depend the provision of essential services by the State – the world of universities and research, and civil society as well. Everyone is called to take an active part in protecting its own IT assets, in compliance with internationally recognized rules.

Biography

Luca Nicoletti graduated in Physics at the University of Rome “La Sapienza” in 1996. After doing his military service as a Navy Officer, since 1997 he has been working in the IT field, being interested from the beginning in distributed systems and Web technologies. Between 1998 and 2000 he worked on Management Control Systems for important Italian companies in the Telecommunications and Energy fields. Between 2000 and 2013 he works in Consip, first in the “Technological Architectures” area and then in the “System Solution” area. In 2013 he moved to Sogei S.p.A. in the “Technological Architectures and Services” area where he was responsible of the Technological Demand Management group. From 2007 to 2018 he joined server FP7/H2020 projects, serving as technical expert or technical leader. From 2019, he has worked in the Presidency of the Council of Ministers, and from 2021 he moved in the National Agency for Cybesecurity, holding positions as Head of IT, Industrial programs, Research and Development, coordinating several working groups, including the one for the writing of the implementing DPCMs of the Cybersecurity Perimeter, and the group that prepared the component of Mission 1 of the PNRR related to Cybersecurity. Over the years he has developed an in-depth knowledge of the public procurement code and tender procedures, as well as in the execution of complex contracts. His main fields of interest are Service Oriented Architectures, virtualization of systems and applications, Cloud Computing, Identity & Access management systems, topics on which he has produced articles and has been called to conduct seminars.

Cyber-Security, Cyber-Forensics, and Cyber-Investigation: scientific, technical, and legal practical issues for Law Enforcement Agencies

The Arma dei Carabinieri is both a Law Enforcement Agency and a Military Police Force. In those roles It deals with the investigation of thousands of high-tech related cases every year. Nevertheless, cybersecurity is a fundamental concern for the Corps, given the need for 24/7 protection of its numerous critical and digital assets widely distributed around the world. Despite the availability of many digital tools to support cyber-security, cyber-forensics, and cyber-investigation, working on a huge number of real cases allows our experts to see and evaluate procedural possibilities and limitations that cannot be managed with an automatic specialized hardware/software solution. This speech is about that: how real cases can truly test the tools and best practices used in the field when police-experts are under pressure and required to work as quickly as possible. There will be a brief introduction about the three cyber-pillars we’re examining (security, forensics, and investigation), then the introduction of a precise set of practical examples, unsolved problems and possible solutions. Finally, the very important, high-level implication of the entire speech will be discussed; namely, the basic question – can cyber-security, cyber-forensics and cyber-investigation really be considered sciences? – will be explored. In fact, due to their hybrid technical and legal backgrounds, these particular areas of expertise don’t always demonstrate the consistency that science demands.

Biography

Marco Mattiucci is a full Colonel of the Arma dei Carabinieri (Italian Military Police Force), is an electronic engineer with a specialization in artificial intelligence and has a PhD in forensic sciences with a specialization in digital forensics. As a laboratory director, he worked on digital forensics and investigations for more than 23 years, dealing with more than 10,000 cases. Then he became the head of the Central Cybersecurity Centre of the Carabinieri Headquarters. Currently, he is the director of the Central ICT Department of the Carabinieri Headquarters in charge of managing: three national-level datacenters, one supercomputer, the development of about 250 complex software applications to support police activity, and a national, multilevel network with about 80,000 nodes. He is collaborating with the Carabinieri R&D Department to study: the transition to a super-secure, multi-cloud environment, the implementation of a private blockchain, the deep learning applications for investigations and quantum-based, super-secure, communications on optical fibers (QKD).