People of ACM European Chapters - Edgar R. Weippl

May 3, 2018

Can you briefly describe your own line of research and how you became interested in this area?

My research focuses on fundamental and applied research on blockchain and distributed ledger technologies and security of production systems engineering.

With regard to blockchain sustainability, we explored velvet forks. The loosely defined terms “hard fork” and “soft fork” have established themselves as descriptors of different classes of upgrade mechanisms for the underlying consensus rules of (proof-of-work) blockchains. Recently, a novel approach termed “velvet fork,” which expands upon the concept of a soft fork, was first mentioned by Kiayias et al.. Specifically, velvet forks intend to avoid the possibility of disagreement by a change of rules through rendering modifications to the protocol backward-compatible and inclusive to legacy blocks. We analyzed and compared different upgrade mechanisms, hereby exposing examples where velvet forks or similar constructions are already actively employed in Bitcoin and other cryptocurrencies.

The security of production systems engineering has also been a recent focus of my work. Power plants and many other industrial plants are an integral part of a country’s critical infrastructure. As systems become increasingly automated, networked and complicated, IT security is playing an increasingly important role. Previous attacks have mostly exploited existing vulnerabilities, and future attackers will strive to intervene in the development process to build in vulnerabilities themselves.

In your area of research, what recent advance/emerging subfield will yield important advances in the years ahead?

In the area of security of production systems engineering, we will see that established techniques from software project management will need to be adapted to address, among other challenges, the long lifecycle that industrial systems have. We will need to adopt a mindset of security in industries that have an excellent track record in “thinking safety” but that are not accustomed to the mindset of cybersecurity attacks.

Blockchain technology research is especially interesting, since different disciplines can and need to cooperate. While algorithms and the fundamentals of distributed systems form the technical basis of blockchain technology, many other aspects are open to research, such as incentive mechanisms, trust issues and cross-chain attack schemes, to name just a few.

Will you tell us a little about the ACM SIGSAC Vienna Chapter?

The chapter brings together researchers in Vienna and the rest of Austria interested in cybersecurity. With ACM SIGSAC we address mainly academics and the staff of research institutions. Meetings and talks are often co-organized with the International Information System Security Certification Consortium (ISC2) meetings to bring in professionals, consultants and people who need to address applied security issues.

Why is being part of the chapter beneficial to members?

For students it is good to see what ACM offers and it is a good opportunity to meet established researchers to talk about the papers presented at the premier SIGSAC conferences (such as CCS and SACMAT) along with security papers from our discipline’s other three top conferences (IEEE Security & Privacy, Usenix Security, and the Network and Distributed System Security Symposium (NDSS)).

Edgar R. Weippl
is research director of SBA Research, an organization that works to strengthen Europe’s cybersecurity capabilities, and is a faculty member at the Technical University (TU) Wien.  In addition to serving as Chair of the ACM SIGSAC Vienna Chapter, Weippl organizes the International Conference on Availability, Reliability and Security (ARES). Recently he served as Program Chair for the ACM Symposium on Access Control Models and Technologies (SACMAT ’17) and General Chair of the ACM Conference on Computer and Communications Security (CCS ’16). Weippl is also an ACM Distinguished Speaker.