FORWARD -- Second Workshop Report
Report, 2009
This deliverable summarizes the activity of the second FORWARDworkshop. This
workshop constituted the end of the second phase of the project. The aim of this
second phase was to establish a number of working groups; each working group
had to identify a number of emerging threats in their respective areas (malware and
fraud, smart environments, and critical systems). These threats were summarized
in three threat reports (Deliverable D2.1.x), one per working group. The goal of
the second workshop was to checkpoint and critically review the work that has
been done in the working groups, in particular, the threat reports. More precisely,
each working group should present their threats to a larger audience comprised
of experts. In discussions and presentations, we wanted to make sure that the
lists of threats are comprehensive – that is, each working group has identified all
major threats in their respective areas. Moreover, we wanted to use the workshop
to establish an initial ranking for the threats presented by each working group.
Clearly, at one point, it is necessary to prioritize threats and focus the attention on
those that present the largest threat potential to ICT infrastructures and the society
at large. Of course, the assessment of the danger that each threat poses, as well
as an analysis of inter-dependencies among threats, is a focus of the third project
phase (which is to be completed by the end of the year). However, we attempted
to leverage the presence of a large amount of domain experts to obtain an initial
ranking that would combine and reflect the viewpoints of a large audience.
For the second workshop, we decided to invite a number of selected speakers
that would give presentations at the beginning of the workshop on the first day
and later during the second day. The talks set a framework in which the detailed
technical discussions about the individual threat reports could take place. For these
discussions, the attendees would first break into working group sessions to perform
the necessary review of the threats that each group had defined. Then, in a next step,
the outcome of each discussion was presented to the audience at large. This twostep
process served two purposes. First, in the actual discussion sessions, we had
less people involved. Thismade the discussion process manageable and interactive.
In the second step, we presented our findings in a succinct fashion to the whole audience. This allowed everybody who participated in the first discussion round to
ensure that their opinions were correctly reflected. In addition, it allowed people
that were present in other working group discussions to see what other groups did,
and to provide feedback.
According to Annex 1, a total of 60 attendees was considered to be the threshold
for a successful workshop. This threshold was significantly exceeded, with
a total of 103 attendees. This clearly demonstrates the significant interest and
participation to the FORWARD working groups and workshops. Moreover, nonacademic
participation remains to be strong. 39 attendees (37.8% of the participants)
came from industry or policy-making institutions.
In this document, we first summarize the three working group discussions that
were held during the two-day workshop. In addition to the discussion sessions, a
total of 11 talks were given in the form of plenary talks and keynotes. Moreover,
we had 7 five-minute work-in-progress talks. These talks are summarized in the
subsequent chapter. Finally, we discuss the conclusions that the consortium has
drawn from the workshop, and we briefly outline the future actions that we plan to
take in the subsequent, third phase of the project.
Secure
dependable and trusted Infrastructures