September 26 (Tuesday) is planned as a tutorials day.

In this section the schedule of the day is presented and a detailed description of each tutorial is provided.

To sign up for a chosen tutorial(s) please use the conference registration form. The initial deadline for signing up is September 15th, 2006 - at this point tutorial authors and conference organisers will make the final decision if a tutorial will be given. The decision will depend on the number of signed participants. In case of cancellation of a tutorial, declared participants will be able to select other tutorial or get back tutorial fee. Please note that if you reserve room for tutorials day in Holiday Inn hotel using the most preferable prices (89 single/115.50 double) reservation terms do not allow cancellation.

The fee for each tutorial is 130 €. The fee includes lunch and coffee breaks on the tutorials day. Attendance to DECOS/ERCIM Workshop is free.

Descriptions of tutorials

Tutorial 1

Title: Computer Support for the Information Security Management Systems (ISMS)


The aim of the tutorial is to provide the participants with theoretical and practical knowledge on:

  • information security management compliant with the ISMS
  • high/low level risk analysis
  • identification and valuation of the organization's assets
  • computer tools supporting information security management processes

The schedule of the tutorial includes:

  1. Introduction: Information security management system based on the business risk analysis approach compliant with the BS 7799/ISO/IEC 17799 (planned ISO/IEC 27001/27002) - 1 hour
    • standard basics
    • ISMS principles, processes and implementation
    • introduction to risk management
  2. Computer support for the ISMS - introduction to the SecFrame tool - 1 hour
    • standard basics in the SecFrame tool
    • PDCA model implementation
    • high/low level risk analyser
    • assets inventory
    • other ICT security computer-aided tool, e.g. SecCert (IT security development according to the Common Criteria)
  3. e-Gadget company - a case study - 2 hours
    • e-Gadget - company characteristics and ICT security needs
    • applied methodology for ISMS
    • implementation of the chosen e-Gadget ISMS components - practical demonstration using the SecFrame supporting tool
      1. development of the ISMS organization policy
      2. identification of main business domains
      3. high level risk analysis for chosen domains
      4. identification and validation of assets
      5. low level risk analysis for chosen assets
      6. controls selection - SOA (Statement of Applicability)
      7. implementation and audit
    • tutorial summary


Andrzej Bialas - Assistant Professor and Director of ICT Security Centre at the Institute of Control Systems, Chorzow, Poland. His projects include applied cryptography, tools for IT security development and evaluation, information security management, and critical information infrastructure protection. He is involved in modelling different aspects of information security with the use of the UML language. Andrzej Bialas is an author and co-author of books on IT security, academic textbooks, and several dozen publications in scientific and technical periodicals in Poland and abroad; a lecturer of trainings on IT security. He is also a member of IFIP WG11.1 Information Security Management.

Krzysztof Lisek - Senior Designer at the ICT Security Centre, the Institute of Control Systems, Chorzow, Poland. He is involved in projects on information security management. Mr Lisek has successfully completed several large-scale implementation projects in the scope of the Microsoft technology. He is a certified auditor according to BS-7799:2002. He also owns MCSE and MCDBA certifications from Microsoft. Additionally, he has carried out several dozen software legality audits. He is an experienced lecturer on software management, software legality, systems security and anti-virus solutions.

Details: Download detailed description as PDF file (263 kB).

Tutorial 2

Title: Cyber Security of Electric Power Infrastructure


Critical infrastructures are defined as systems whose incapacity or destruction would have a debilitating impact on the national security and the economic and social welfare of a nation. It includes such infrastructures like telecommunications, electric power, gas and oil, banking and finance, transportation, water supply, and government and emergency services.

Towards the end of the 20th century electric power infrastructure emerged as one of the most critical infrastructure in the sense that all other critical and vital infrastructures depend on reliable electricity supply. It is also considered as one of the most vulnerable to physical and cyber attack. Present-day electric power systems (EPSs), which are physical part of electric power infrastructure, are complex and technologically advanced systems. Assuring cyber security of these systems it is difficult interdisciplinary task.

The tutorial presents the physical structure of an EPS, organizational structure and issues connected with liberalisation and internationalisation of the sector, main concepts connected with an EPS control and operation, telecommunication network integrated with an EPS, an EPS threats, vulnerabilities and risks, examples of cyber attack scenarios, current research and practice in assuring EPS cyber security. In this context the tutorial also addresses issues of education and training.

Intended audience:

The tutorial addresses all involved in electric power infrastructure cyber security projects, government officials, generation, transmission and distribution companies, independent regulators, power exchange operators, suppliers of electric power equipment and services. The tutorial requires no prerequisite knowledge on electric power infrastructure and can also be considered as introductory course for novices.


Zdzislaw Zurakowski received his MSc in Electrical Engineering, specialisation electric power systems protection, from the Wroclaw University of Technology in Poland. He also completed postgraduate courses in design of microprocessor systems, and application of computers to engineering calculations and design, and training courses in software engineering.

From 1995 to 2003 he worked for the Institute of Power Systems Automation (IASE) in Wroclaw, Poland, as Senior Specialist where for the last 3 years in the Institute he worked on cyber security of extra high voltage electric power substation automation systems. Currently he is currying out private contracts.

Details: Download detailed description as PDF file (119 kB).

Tutorial 3

Title: Secret sharing schemes with applications to nuclear command and control. A case study in security engineering applied to building dependable, distributed systems.


The objective of the tutorial is to show how to design and implement systems that not only work in the presence of random errors and mistakes, a task often informally called as programming Murphy's computer (1), but also in the face of an intelligent and malicious adversary. Such an adversary is trying to ensure that things fail in the worst possible way at the worst possible time. In computer security community such an assignment is often referred as programming Satan's computer (2). The tutorial presents the interplay between various fields, from mathematics and information theory underlying secret sharing schemes, through engineering principles for robust system design, to soft issues (e.g. human factors). All above fields contribute to various levels of a complex system and interact with each other. Apart from sound theoretical foundations, such systems have proven themselves in practice, since there has not been accidental/unauthorized use of nuclear weapons, so far. We use secret sharing schemes and their applications as a vehicle to show principles of security engineering in operation.

The schedule of the tutorial includes:

  • Secret sharing schemes: the basics
  • Applications, implementations and possible malfunctions/attacks
  • Secret sharing schemes: extended capabilities and information theoretical properties
  • Practical considerations and risk management for securing large scale, dependable systems
  • Putting all together. A case study: nation's nuclear command & control as an example of distributed, secure multi-level system

(1) "Murphy's Law"
(2) After seminal paper by R. Anderson, R. Needham. 'Programming Satan's computer'. LNCS vol. 1000, 1995


Dr Kamil Kulesza is Visiting Scholar in Department of Applied Mathematics and Theoretical Physics (DAMTP), University of Cambridge and Assistant Professor at the Institute of Fundamental Technological Research, Polish Academy of Sciences in Warsaw (Poland).


  • 2005 PhD in complexity based cryptography (distinction) from the Institute of Fundamental Technological Research. Thesis title: "Secret Sharing Schemes for graphs", thesis advisor: Prof. Z. Kotulski.
  • 2001 Bachelor of Science (distinction) in Computer Science, Mathematics and Physics from University of South Africa in Pretoria.
His research interests include: theoretical computer science, cryptography, graph theory, economics of security, financial mathematics. Dr Kulesza also has got over 10 years of business experience in consulting and project management. He also co-founded two companies.

Tutorial 4

Title: Trust-IT: a method and tools for justifying trust in IT systems and infrastructures


Increasing dependence on IT (in both, individual and in group dimensions) calls for stronger guarantees that this dependence is well justified as well as that the trust in the system meeting safety, security, privacy and other expectations is based on evidence rather than on beliefs. The Trust-IT method introduces the concept of Trust Case - a documented body of evidence, which addresses the need of providing a complete and explicit justification continuously supporting the trustworthiness of an IT system/infrastructure being used in a given application context.

The tutorial aims at familiarisation with the concept of the trust case and its supporting tools, broadening the perception of its application scope as well as increasing awareness of the participant's role in a trust-building process. A trust case development scenario derived from experiences in e-health will be presented. This scenario involves collaboration of stakeholders through internet-enabled tools, context modelling, evidence integration and wide scope of trust objectives other than safety.

The tutorial covers:

  • methodology defining the syntax, semantics and typical design patterns of trust cases,
  • process defining how trust cases are developed, maintained and used,
  • system supporting collaborative development and maintenance of trust cases.

The tutorial includes a case study - a collaborative on-line development of a trust case for an e-health system using an internet-based supporting tool.

Intended audience:

The tutorial is intended for all involved in acquisition, management, development, and maintenance of trust-sensitive software systems. In particular, the tutorial is not limited to safety-critical systems nor assumes any prior knowledge of safety cases.


Jakub Miler, PhD, is Assistant Professor at the Department of Software Engineering, Gdansk University of Technology and member of the Information Assurance Group developing the Trust-IT method and its supporting tools. In 2005, he presented the PhD thesis titled "A method of software project risk identification and analysis" (supervised by prof. J. Górski). Authored or co-authored some 15 papers on trust cases, software project management and IT risk management. Took part in several research and development projects including EU funded large-scale integrated projects of 5th and 6th Framework Programme. His present research interests include risk management, trust to software systems and business process modelling.

Tutorial 5

Title: Technological Risk: Risk Underpinnings in Social Technologies


This tutorial concerns risk of technology. Multidisciplinary accounts of risk allow a revision of different case studies. The review highlights diverse risk underpinnings: how risk emerges from information infrastructures; risk of technological evolution; how social aspects (e.g., social connectivity) affect risk perception. The tutorial highlights technological risk according to multidisciplinary viewpoints, which extend and inform risk analysis. The tutorial addresses researchers and practitioners, who would like to acquire a multidisciplinary background on technological risk. The material covered blends together recent research results on system dependability. The tutorial builds on the research results of the (6-year) Interdisciplinary Research Collaboration in Dependability (DIRC) -


Massimo Felici is a research fellow at the School of Informatics of the University of Edinburgh. He teaches a course on Software Engineering. He received a PhD from the University of Edinburgh. He, previously, spent two years at the Italian National Agency for New technologies, Energy and the Environment (ENEA). He co-edited the proceedings of SAFECOMP 1999, 2002 and 2003 and served as program co-chair for SAFECOMP 2002 and 2003. He co-edited two special issues of the Reliability Engineering and System Safety journal on Safety, Reliability and Security of Industrial Computer Systems. He has been actively involved in the Interdisciplinary Research Collaboration in Dependability (DIRC).

Details: Download detailed description as PDF file (73 kB).


Title: Full day DECOS/ERCIM Workshop on Dependable Embedded Systems


The Workshop will give an overview on new technologies and achievements for (networked) dependable embedded systems and "Systems-of-Systems" architectures as e.g. developed in the EU-IST-FP6-511764 Integrated Project DECOS ("Dependable Embedded Components and Systems") and on related work from members of the ERCIM Working Group on "Dependable Embedded Systems (DES)".

Additionally, members of EWICS TC7 Subgroups (Maintenance of Diverse and Redundant Systems (MDS), Education&Training (E&T), Medical Devices (MeD), Security of safety-related Systems(SEC)) and of co-operating ERCIM Working groups (Smart Environments and Systems for AMbient Intelligence (SESAMI), Rapid Integration of Software Engineering Techniques (RISE), Software Evolution (EVOLE)) are invited to contribute.

DECOS workshop is planned to include:

  • New architectural paradigms for dependable embedded systems (integrated approach)
  • Achievements of the DECOS project (core services and high level services)
  • Report on TT-vision systems for autonomous vehicles (experiences from the DARPA Grand Challenge)
  • First Experience Reports from DECOS demonstrators (automotive, aerospace, industrial control)
  • The "Embedded Systems Lab" at NTNU (Norwegian University of Technology, Trondheim)
  • Experience Reports and ongoing work of the ERCIM and EWICS TC7 Working Groups in the area of highly dependable systems (design, development, maintenance, education&training), including hardware as well as software and systems aspects
  • Short demonstrations and video-clips

Attendance to this workshop, which is sponsored and co-organized by the DECOS project (EU-IST-FP6 511764), is free for all interested participants from the DECOS Interest Group, ERCIM (European Research Consortium for Informatics and Mathematics), EWICS TC7 and all interested SAFECOMP participants. Registration is via the SAFECOMP registration web site and is possible for the workshop only, although it would be a pity to miss SAFECOMP!

Chairs: Erwin Schoitsch, Amund Skavhaug

Email webmaster © 2005-2006 Information Assurance Group (IAG)
Website template designed by Andreas Climent