SecHealth 2022

The 2nd Workshop on Cybersecurity in Healthcare 4.0 (SecHealth 2022)

to be held in conjunction with the 17 th International Conference on Availability, Reliability and Security

(ARES 2022 – )

August 23 – August 26, 2022

Healthcare 4.0 services and infrastructures are more critical, sophisticated and interconnected than ever before, placing healthcare among the top sectors of major security risks. More complexity is brought by distributed and coordinated services delivery, resource constraint facing demographic stress, and various human factors, which require a new mind set and innovative solutions to cybersecurity. The situation is exacerbated by the Cyber-Physical Systems (CPS)/Internet of Things (IoT) enabled healthcare services and infrastructures, which are vulnerable to a variety of emerging cyber-attacks, and which pose rife with challenges. Since the CPS/IoT systems are classified as safety and security critical systems there is a need for understanding the cybersecurity, privacy and safety challenges facing a future healthcare system, and innovating the cybersecurity and privacy protection mechanisms to address these challenges.

Integrating safety and security requirements represent a major challenge due to CPS/IoT systems’ characteristics of fragmentation, interconnectedness, heterogeneity, cross-organizational nature and high interference between safety and security requirements. As technology continues to evolve, cybersecurity threats do as well. Healthcare 4.0 will therefore present expanded attack surface making the public safety risks higher for healthcare services and critical infrastructure through their interfaces and more flexible access to services and information. Such attacks can potentially lead to a violation of users’ privacy, physical damages, financial loses and threats to human life and preventing them is critical.

The rise of cyber-physical attacks shows us that the current, security solutions are unable to tackle the dynamicity, complexity, uncertainty, and high connectivity of Healthcare 4.0 services and critical infrastructures. These threats present us with a growing need for research and development in intelligent methods and techniques for cybersecurity, safety, forensic, adaptive privacy in Healthcare 4.0, and need for cybersecurity to become an integral part of patient safety.

The workshop on cybersecurity in Healthcare 4.0 will provide a discussion platform for researchers in the field and to share novel research on the topic.

Supported by the Center for Research-based Innovation (SFI) Norwegian Center for Cybersecurity in Critical Sectors (NORCICS)

Topics of interest comprise but are not limited to

Security, trust and privacy metrics
Cybersecurity vulnerabilities in Healthcare 4.0 services and infrastructures
AI/machine learning for cybersecurity
Evidence-driven AI for cybersecurity
Uncertainty quantification and risk management in Healthcare 4.0
New security design and analysis methods
Simulation and analysis of cybersecurity and privacy threats and attacks

AI and robotics enabled distributed healthcare infrastructures and services
Model and nudge security and privacy practices of healthcare staffs and patients
Proactive security monitoring mechanism for Healthcare 4.0
Distributed and heterogeneous security architectures for Healthcare 4.0
Methods for addressing the unreliability of local devices
Federated learning and adversarial machine learning methods for Healthcare 4.0
Specific security and privacy demonstrators for Healthcare 4.0 scenarios

Important Dates
Submission Deadline April 15, 2022 May 19, 2022
Author Notification May 16, 2022 June 05, 2022 June 9, 2022
Proceedings Version June 19, 2022
ARES EU Symposium August 23, 2022
ARES Conference August 23 – August 26, 2022
Workshop Chair

Svetlana Boudko
Norwegian Computing Center, Norway

Bian Yang
Norwegian University of Science and Technology, Norway

Habtamu Abie
Norwegian Computing Center, Norway

Sokratis Katsikas
Norwegian University of Science and Technology, Norway

Program Committee 2022

Manos Athanatos, Foundation for Research and Technology Hellas, Crete – Greece
Sigurd Eskeland, Norwegian Computing Center, Norway
Sotiris Ioannidis, Technical University of Crete, Greece
Basel Katt, Norwegian University of Science and Technology, Norway
Wolfgang Leister, Norwegian Computing Center, Norway
Evangelos Markakis, the Hellenic Mediterranean University, Greece
Savola Reijo,  University of Jyväskylä, Finland
Giorgos Vasiliadis, Foundation for Research and Technology Hellas, Greece
Narasimha Raghavan Veeraragavan, the Cancer Register of Norway

Submission Guidelines

The submission guidelines valid for the workshop are the same as for the ARES conference. They can be found at .


Reijo M. Savola
University of Jyväskylä, Finland

IoT security for smart health and smart assisted living

IoT solutions are in the core of effective and efficient smart health and smart assisted living solutions. Considerable increase in well-being and cost savings can be achieved by them. During the last years, IoT cybersecurity threat landscape has become wider, due to the rapidly increasing use of IoT in smart services, and the scarce computational resources available in IoT devices. This increases the risk of compromising reliable and secure use of them. Systematic proactive assistance of IoT-based smart services with cybersecurity services is essential. Cybersecurity should be designed in the services and the technologies used in a seamless way, and automation is needed. In this talk, a brief overview of challenges in IoT security for smart health and smart assisted living is will be provided, with current practices to overcome them, as well as directions for further research.

Reijo Savola is currently working as a Project Manager, cybersecurity and software production at University of Jyväskylä, Faculty of Information Technology, Finland. He has experience in cyber security systems engineering, risk analysis and risk-driven methods, software engineering, telecommunications, and digital signal processing. Earlier, he has worked as Principal Scientist, cybersecurity at VTT Technical Research Centre of Finland. He received the degree of M.Sc. in Electrical Engineering from the University of Oulu, Finland, 1992, and the degree of Licentiate of Technology in Computer Science from the Tampere University of Technology, Finland, 1995. In addition to research experience, he has seven years of industrial experience in telecommunications sector, having worked as a software engineering and digital signal processing projects for Elektrobit Group Plc. in Oulu, Finland and in Redmond, WA, United States. Mr. Savola acts as the Chairman of the Finnish Mirror Group for ISO/IEC JTC1/SC27 standardization (Information security, cybersecurity and privacy protection) and CEO of the Northern European Cybersecurity Cluster (NECC).