This book constitutes the thoroughly refereed post-conference proceedings of the Third International Workshop on the Security of Industrial Control Systems and of Cyber-Physical Systems, CyberICPS 2017, and the First International Workshop on Security and Privacy Requirements Engineering, SECPRE 2017, held in Oslo, Norway, in September 2017, in conjunction with the 22nd European Symposium on Research in Computer Security, ESORICS 2017. The CyberICPS Workshop received 32 submissions from which 10 full and 2 short papers were selected for presentation. They cover topics related to threats, vulnerabilities and risks that cyber-physical systems and industrial control systems face; cyber attacks that may be launched against such systems; and ways of detecting and responding to such attacks. From the SECPRE Workshop 5 full papers out of 14 submissions are included. The selected papers deal with aspects of security and privacy requirements assurance and evaluation; and security requirements elicitation and modelling.

This book constitutes the refereed proceedings of six International Workshops that were held in conjunction with the 26th European Symposium on Research in Computer Security, ESORICS 2021, which took place during October 4-6, 2021. The conference was initially planned to take place in Darmstadt, Germany, but changed to an online event due to the COVID-19 pandemic.The 32 papers included in these proceedings stem from the following workshops: the 7th Workshop on the Security of Industrial Control Systems and of Cyber-Physical Systems, CyberICPS 2021, which accepted 7 papers from 16 submissions; the 5th International Workshop on Security and Privacy Requirements Engineering, SECPRE 2021, which accepted 5 papers from 8 submissions; the 4th International Workshop on Attacks and Defenses for Internet-of-Things, ADIoT 2021, which accepted 6 full and 1 short paper out of 15 submissions; the 3rd Workshop on Security, Privacy, Organizations, and Systems Engineering, SPOSE 2021, which accepted 5 full and 1 short paper out of 13 submissions. the 2nd Cyber-Physical Security for Critical Infrastructures Protection, CPS4CIP 2021, which accepted 3 full and 1 short paper out of 6 submissions; and the 1st International Workshop on Cyber Defence Technologies and Secure Communications at the Network Edge, CDT & SECOMANE 2021, which accepted 3 papers out of 7 submissions. The following papers are available open access under a Creative Commons Attribution 4.0 International License via link.springer.com:Why IT Security Needs Therapy by Uta Menges, Jonas Hielscher, Annalina Buckmann, Annette Kluge, M. Angela Sasse, and Imogen Verret Transferring Update Behavior from Smartphones to Smart Consumer Devices by Matthias Fassl, Michaela Neumayr, Oliver Schedler, and Katharina Krombholz Organisational Contexts of Energy Cybersecurity by Tania Wallis, Greig Paul, and James Irvine SMILE - Smart eMaIl Link domain Extractor by Mattia Mossano, Benjamin Berens, Philip Heller, Christopher Beckmann, Lukas Aldag, Peter Mayer, and Melanie Volkamer A Semantic Model for Embracing Privacy as Contextual Integrity in the Internet of Things by Salatiel Ezennaya-Gomez, Claus Vielhauer, and Jana Dittmann Data Protection Impact Assessments in Practice - Experiences from Case Studies by Michael Friedewald, Ina Schiering, Nicholas Martin, and Dara Hallinan

This book constitutes the refereed post-conference proceedings of the 6th International Workshop on Security of Industrial Control Systems and Cyber-Physical Systems, CyberICPS 2020, the Second International Workshop on Security and Privacy Requirements Engineering, SECPRE 2020, and the Third International Workshop on Attacks and Defenses for Internet-of-Things, ADIoT 2020, held in Guildford, UK, in September 2020 in conjunction with the 25th European Symposium on Research in Computer Security, ESORICS 2020. Due to COVID-19 pandemic the conference was held virtually The CyberICPS Workshop received 21 submissions from which 5 full papers were selected for presentation. They cover topics related to threats, vulnerabilities and risks that cyber-physical systems and industrial control systems face; cyberattacks that may be launched against such systems; and ways of detecting and responding to such attacks. From the SECPRE Workshop 4 full papers out of 7 submissions are included. The selected papers deal with aspects of security and privacy requirements assurance and evaluation; and security requirements elicitation and modelling and to GDPR compliance. From the ADIoT Workshop 2 full papers and 2 short papers out of 12 submissions are included. The papers focus on IoT attacks and defenses and discuss either practical or theoretical solutions to identify IoT vulnerabilities and IoT security mechanisms.

This book constitutes the refereed post-conference proceedings of the 5th International Workshop on Security of Industrial Control Systems and Cyber-Physical Systems, CyberICPS 2019, the Third International Workshop on Security and Privacy Requirements Engineering, SECPRE 2019, the First International Workshop on Security, Privacy, Organizations, and Systems Engineering, SPOSE 2019, and the Second International Workshop on Attacks and Defenses for Internet-of-Things, ADIoT 2019, held in Luxembourg City, Luxembourg, in September 2019, in conjunction with the 24th European Symposium on Research in Computer Security, ESORICS 2019. The CyberICPS Workshop received 13 submissions from which 5 full papers and 2 short papers were selected for presentation. They cover topics related to threats, vulnerabilities and risks that cyber-physical systems and industrial control systems face; cyber attacks that may be launched against such systems; and ways of detecting and responding to such attacks. From the SECPRE Workshop 9 full papers out of 14 submissions are included. The selected papers deal with aspects of security and privacy requirements assurance and evaluation; and security requirements elicitation and modelling and to GDPR compliance. The SPOSE Workshop received 7 submissions from which 3 full papers and 1 demo paper were accepted for publication. They demonstrate the possible spectrum for fruitful research at the intersection of security, privacy, organizational science, and systems engineering. From the ADIoT Workshop 5 full papers and 2 short papers out of 16 submissions are included. The papers focus on IoT attacks and defenses and discuss either practical or theoretical solutions to identify IoT vulnerabilities and IoT security mechanisms.

This book constitutes the thoroughly refereed post-conference proceedings of the 4th International Workshop on the Security of Industrial Control Systems and Cyber-Physical Systems, CyberICPS 2018, and the Second International Workshop on Security and Privacy Requirements Engineering, SECPRE 2018, held in Barcelona, Spain, in September 2018, in conjunction with the 23rd European Symposium on Research in Computer Security, ESORICS 2018. The CyberICPS Workshop received 15 submissions from which 8 full papers were selected for presentation. They cover topics related to threats, vulnerabilities and risks that cyber-physical systems and industrial control systems face; cyber attacks that may be launched against such systems; and ways of detecting and responding to such attacks. From the SECPRE Workshop 5 full papers out of 11 submissions are included. The selected papers deal with aspects of security and privacy requirements assurance and evaluation; and security requirements elicitation and modelling.