About

We are organizing the first workshop on human-centric cybersecurity at MDU. As in many other areas of engineering the term “human-centric” is becoming a mean to stress the importance of involving end-users and other stakeholders into the design processes, system development, and all the way to testing, validation and verification. We have invited experts in the field from all over the world giving talks on various aspects of human-centric cybersecurity and safety, and in general human factor in our digital world. The goal of the workshop is to use the knowledge and experience of the experts in the field and strengthen our knowledge on human-centric research.

Invited Speakers

Jonas Stier, Mälardalen University, Sweden

Gordana Dodig-Crnkovic, Mälardalen University and Chalmers University of Technology, Sweden

Simon Parkin, TU Delft, Netherlands

Gabriele Lenzini, University of Luxembourg, Luxembourg

Paolo Masci, NASA Langley Research Center, USA

Invited Talks

Jonas Stier

Title: Human-centric Technology – an existential, psychological and social looking glass for society

Abstract: It is common to address benefits and challenges of technology and security from their foreseeable impact on people, companies, and society. Less common is to view technology as what the American anthropologist Edward Hall already 60 years ago described as a cultural extension. As such an extension, technology provides valuable insights about the existential, psychological and social make- up of humans and various layers of society. Departing from the question “What is human in humancentric”, this speech discusses technology as a means to better understand individual, groups, organizations and society as a whole. Attention will be given to communication and discourses on digitalization, fear and anxiety.

Bio: Jonas Stier is a sociologist and professor of Social Work at Mälardalen University. Among other things, his research focuses on identity, interaction, communication and societal transformation. He is one of the co-founders of Addai.org – a interdisciplinary and cross-sectional policy initiative on artificial intelligence.

Gordana Dodig-Crnkovic

Title: Robots Ethical by Design in the Perspective of Digital Humanism

Abstract: This keynote talk will explore the integration of ethics into the design of advanced robots and softbots through artificial morality. As these agents are set to evolve, their ethical foundation will need to align with their increasing intelligence and autonomy. The talk will introduce functional artificial moral responsibility, emphasizing a holistic approach that will merge technical, human, and societal dimensions. The significance of foresight in ethics and speculative design to address potential future challenges, especially in solving typical complex “white water problems,” will be highlighted. The session will offer ethical and social perspectives from Digital Humanism, arguing that a technology-driven future must be inclusive and humane. Finally, some of the current activities of the Digital Humanism movement will be outlined.

Bio: Gordana Dodig-Crnković is a Professor of Computer Science at Mälardalen University and a Professor in Interaction Design at Chalmers University of Technology in Sweden. She holds Ph.D. in Physics and Computer Science. Her current research encompasses two focus areas. The first explores the physical mechanisms of computation and the interplay between morphological computation, information, and cognition. The second centers on the ethical and social implications of computing. Dodig-Crnković’s interest in the value-driven aspects of technology has led her to teach ethics to technology students for many years. This focus is attuned to new and emerging technologies and has resulted in a series of articles addressing the ethical facets of AI, robotics, and autonomous vehicles. Dodig-Crnković is actively involved in several committees and boards, including the Chalmers AI Ethics Committee, Informatics Europe Board, the European Network for Gender Balance in Informatics (EUGAIN), and the Inclusion4EU project.

Simon Parkin

Title: Refining the Blunt Instruments of Cyber-Risk Management

Abstract: Well-meaning cybersecurity risk owners will deploy controls and countermeasures in an effort to manage the risks they see affecting their services or systems. These controls and countermeasures may produce unintended, negative harms themselves, adversely affecting user behaviour, user inclusion, or the infrastructure itself. Here I will first describe a framework for exploring the potential unintended harms of security and privacy controls, informed by a range of case studies. I will then describe subsequent work to explore how existing cyber-risk management approaches can be adapted to be less ‘blunt’ and more precise, to preserve legitimate behaviours while preventing malicious behaviours within a managed system. This leads to consideration of challenges in securing a system against identifiable risks, while ensuring that it is usable - and ultimately, accessible - for intended users.

Bio: Simon is an Assistant Professor in the Cybersecurity group in the Technology, Policy, and Management (TPM) faculty at the Delft University of Technology (TU Delft, Netherlands). His specialization is in human-centred security: usability and perceptions of security-related technologies, security behaviour change, security economics, and decision-making in security technology management, support, and policy. Current research includes: examining how best to position security and remediation support for users of consumer IoT devices; practitioner experiences and decisions in patching of IT systems in complex organizations, and; multi-stakeholder perspectives on the management of employee-facing security in organizations.

Gabriele Lenzini

Title: Sociotechnical Cybersecurity: an overview, with reference to end-to-end encryption and threat intelligence

Abstract: On this talk I will give an overview of the research on sociotechnical security taking from my personal experience in running an international workshop on the subject (STAST). I will then move to explain how today sociotechnical security applies in the forthcoming topic of cybersecurity, and I will share thoughts and some insights from my on research on combining formal modelling of secure solutions with insights coming from research investigation on user experience in security. I will refer to two particular use cases: end-to-end encryption and secure cyber threats data sharing.

Bio: Lenzini Gabriele, holds a PhD in Computer Security from the University of Twente, in the Netherlands. He is Associate Professor at the University of Luxembourg (UL), and head of the Sociotechnical Cybersecurity research group at the UL’s center for Security Reliability and Trust (SnT). Lenzini’s research stems from formal approach to modelling and analysis of security solutions but extends to situations where the design or the analysis of security solutions intertwine with human and social aspects. Thus, it also explores questions regarding how security related with users as individuals (usability and user experience) or as collective (people’s trust depending on properties like fairness and transparency). Lenzini is UL member in Informatics Europe, ECSO, and the IFIP WG on Human Aspects of Information Security and Assurance. He is vice-chairs of the UL Ethical Review Board.

Paolo Masci

Title: A human-centric hazard analysis method for identifying design anomalies in safety critical systems

Abstract: In this talk I will present a hazard analysis method for the systematic identification of use-related hazards in safety critical systems. The method builds on usability engineering standards and an existing hazard analysis method. The method has been employed successfully in a range of different case studies, to identify potential design anomalies in user interface software. Examples based on medical systems will be presented, including an application to next-gen interoperable medical devices.

Bio: Paolo Masci is an Associate Principal Research Scientist with Analytical Mechanics Associates (AMA) at NASA Langley Research Center (NASA LaRC). His expertise is on modeling and verification of human-machine interfaces in safety-critical systems. At NASA LaRC, Paolo is working on topics related to Air Mobility (UAM) and Advanced Air Mobility (AAM). Prior to joining NASA LaRC, Paolo developed his career in various universities and worked in close collaboration with the FDA Center for Devices and Radiological Health to carry out applied research on medical devices.

Schedule

09:00 - 09:10     Marjan Sirjani: Opening and Welcome

09:10 - 10:00     Jonas Stier: Human-centric Technology – an existential, psychological and social looking glass for society

10:00 - 10:50     Gabriele Lenzini (Online): Sociotechnical Cybersecurity: an overview, with reference to end-to-end encryption and threat intelligence

10:50 - 11:10     Break

11:10 - 12:00     Simon Parkin: Refining the Blunt Instruments of Cyber-Risk Management

12:00 - 13:30     Lunch Break*

13:30 - 14:20     Gordana Dodig-Crnkovic: Robots Ethical by Design in the Perspective of Digital Humanism

14:20 - 15:10     Paolo Masci (Online): A human-centric hazard analysis method for identifying design anomalies in safety critical systems

*Lunch will not be provided by the workshop, we will have lunch at the Rosenhill restaurant at MDU. Welcome to join and pay yourself. 🙂

Place

Milos conference room, Second floor of R building, MDU, Västerås.

Please note that this is a hybrid event and you can also follow online, but a reliable connection is not guaranteed.

Online

Zoom: https://mdu-se.zoom.us/j/65025517596?pwd=b2xRRnMvVUczM1psUEVBam5ORGJNZz09

Organizers

Marjan Sirjani

Kristina Lundqvist

Cristina Seceleanu

Baran Cürüklü

Zahra Moezkarimi

Contact Info

Marjan Sirjani

Email: marjan.sirjani@mdu.se

Room: U1-066C

Phone: +46736620517