Cork, Ireland
16th June, 2025
Paper submission deadline (EXTENDED): 14 April 2025
Paper notification date: 30 April 2025
Camera-ready deadline for workshop papers (tentative): 12 May 2025
The 11th International Conference on Smart Computing (SmartComp 2025) will take place from 16th to 19th June 2025, bringing together top researchers, practitioners, and visionaries to explore groundbreaking developments in smart computing. This premier event highlights the integration of IoT, AI, big data analytics, cyber-physical systems, and edge computing, emphasizing their transformative impact on societal domains such as healthcare, energy, transportation, and environmental sustainability.
IEEE SmartComp 2025 will be hosted at University College Cork and Munster Technological University in Cork, Ireland.
The Workshop on Whole-Lifecycle Security for Smart Systems: Methods and Tools (LIFESEC) will dive into cutting-edge methodologies for ensuring secure and trustworthy systems throughout a product’s lifecycle. This workshop is organised by the Horizon Europe projects TELEMETRY and DOSS.
Workshop on Whole-Lifecycle Security for Smart Systems: Methods and Tools (LIFESEC)
Ensuring secure hardware and software systems requires trustworthy methodologies for analysis, verification, and dynamic testing, supported by best practices and IT security guidelines throughout a product’s lifecycle. A holistic approach combining runtime monitoring and design-time methods like static analysis and program synthesis is crucial for robust formal guarantees. Key areas include firmware, communication protocols, operating systems, APIs, and cloud software, with careful consideration of supply chain integration of hardware and software. Papers are invited to discuss research into addressing challenges about the whole-lifecycle of software & hardware components: from upstream hardware & software supply chains, where dependencies are brought into the device under test (DUT) or system under test (SUT); through security by design of the DUT/SUT; and the secure operation of that device/system in many and varied cyber-physical situations, each of which has different priorities and presents different threats.
Topics of relevance include, but are not limited to:
Nokia
Munster Technological University
University of Murcia
Athens Technology Center
Authors are invited to submit papers for presentation at the workshop. Submissions should describe original, previously unpublished work that is not currently under review by any other workshop, conference, or journal. Regular papers expected to offer novel perspectives within the general scope of the workshop.
Paper submission deadline (EXTENDED): 14 April 2025
Paper notification date: 30 April 2025
Camera-ready deadline for workshop papers (tentative): 12 May 2025
Paper submissions should be no longer than 6 pages, including text, figures, tables, and references formatted in a 10-point font, 2-column layout, using the IEEE standard transaction template (US letter format).
Papers must be submitted electronically as PDF files through the EDAS Online Application. New users must first register for an EDAS account. All submissions will undergo a single-blind peer review process conducted by the Technical Program Committee and other field experts. For manuscript preparation guidelines, please consult the IEEE Author Digital Toolbox.
The camera-ready instructions are to be determined.
All presented papers will be published in the conference proceedings and submitted to the IEEEXplore Digital Library.
Each accepted workshop paper requires a full SmartComp registration, as workshop-only registration is not available. Registration details can be found at the provided link. Accepted papers must be presented in person by at least one author with a corresponding full registration.
Failure to comply with this requirement will result in the exclusion of the paper from the final proceedings, the conference program and from the IEEE Digital Library.
Managing Director of Red Alert Labs
09:00 – 09:15 Welcome and Introduction
09:15 – 10:00 Keynote: Rethinking Cybersecurity Compliance: A Scoring and Continuous Monitoring Approach (Roland Atoui, Red Alert Labs)
10:00 – 11:00 Paper session 1 (20min presentation + 5min Q&A per paper):
Oleh V. Zaritskyi, Dmytro V. Shyrokorad, Joerg Abendroth, Antonis Mpantis, George Triantafyllou, Oscar Garcia Perales, Armando Aguayo Mendoza, Ravishankar Borgaonkar, Rosella Omana Mancilla: AI-driven Access Control System for Smart Factory Devices
Stefano Sebastio, Sreedevi Beena, Sara Nieves Matheu García, Roland Atoui, Antonio Skarmeta Gomez: Bolstering Up Smart Products Cybersecurity (Re-)Certification with Manufacturer’s Evidence
11:00 – 11:30 coffee break
11:30 – 13:00 Paper session 2: (20min presentation + 5min Q&A per paper):
Diego Argüello Ron, Armando Aguayo Mendoza, Oscar Garcia Perales, Antonis Mpantis, George Triantafyllou, Norbert Goetze, Rosella Omana Mancilla: Anomaly detection tools for the Lifecycle Security of Smart Systems
Pasindu Manisha Kuruppuarachchi, Alan McGibney, Susan Rea, Bernd-Ludwig Wenning: Machine Learning Based Trust Aggregation for IoT Systems
George David Apostolidis, Ilias Kalouptsoglou, Miltiadis Siavvas, Dionysios Kehagias, Dimitrios Tzovaras: AI-Enhanced Static Analysis: Reducing False Alarms Using Large Language Models
For further information or questions concerning the workshop, please send your inquiries at info@telemetry-project.eu
The European Cyber Security Community Initiative (ECSCI) brings together EU-funded cybersecurity research and innovation projects to foster cross-sector collaboration and knowledge exchange. Its aim is to align technical and policy efforts across key areas such as AI, IoT, 5G, and cloud security. ECSCI organizes joint dissemination activities, public workshops, and strategic dialogue to amplify the impact of individual projects and build a more integrated European cybersecurity landscape.
Supported by the European Commission, ECSCI contributes to shaping a shared vision for cybersecurity in Europe by reinforcing connections between research, industry, and public stakeholders.
The European Cluster for Cybersecurity Certification is a collaborative initiative aimed at supporting the development and adoption of a unified cybersecurity certification framework across the European Union. Bringing together key stakeholders from industry, research, and national authorities, the cluster facilitates coordination, knowledge exchange, and alignment with the EU Cybersecurity Act.
Its mission is to contribute to a harmonized approach to certification that fosters trust, transparency, and cross-border acceptance of cybersecurity solutions. The cluster also works to build a strong stakeholder community that can inform and support the work of the European Union Agency for Cybersecurity (ENISA) and the future European cybersecurity certification schemes.
CertifAI is an EU-funded project aimed at enabling organizations to achieve and maintain compliance with key cybersecurity standards and regulations, such as IEC 62443 and the EU Cyber Resilience Act (CRA), across the entire product development lifecycle. Rather than treating compliance as a one-time activity or post-development task, CertifAI integrates compliance checks and evidence collection as continuous, embedded practices within daily development and operational workflows.
The CertifAI framework provides structured, practical guidance for planning, executing, and monitoring compliance assessments. It supports organizations in conducting gap analyses, building compliance roadmaps, collecting evidence, and preparing for formal certification. The methodology leverages best practices from established cybersecurity frameworks and aligns with Agile and DevSecOps principles, enabling continuous and iterative compliance checks as products evolve.
A central feature of CertifAI is the use of automation and AI-driven tools—such as Retrieval-Augmented Generation (RAG) systems and Explainable AI—to support the interpretation of complex requirements, detect non-conformities, and generate Security Assurance Cases (SAC) with traceable evidence. The approach is organized into five main phases: preparation and planning, evidence collection and mapping, assessment execution, reporting, and ongoing compliance monitoring.
CertifAI’s methodology is designed to be rigorous yet adaptable, offering organizations a repeatable process to proactively identify, address, and document compliance gaps. This supports organizations not only in meeting certification requirements, but also in embedding a culture of security and compliance into daily practice.
Ultimately, CertifAI’s goal is to make compliance and security assurance continuous, transparent, and integrated, helping organizations efficiently prepare for certification while strengthening their overall cybersecurity posture.
The Horizon Europe DOSS – Design and Operation of Secure Supply Chain – project aims to improve the security and reliability of IoT operations by introducing an integrated monitoring and validation framework to IoT Supply Chains.
DOSS elaborates a “Supply Trust Chain” by integrating key stages of the IoT supply chain into a digital communication loop to facilitate security-related information exchange. The technology includes security verification of all hardware and software components of the modelled architecture. A new “Device Security Passport” contains security-relevant information for hardware devices and their components. 3rd party software, open-source applications, as well as in-house developments are tested and assessed. The centrepiece of the proposed solution is a flexibly configurable Digital Cybersecurity Twin, able to simulate diverse IoT architectures. It employs AI for modelling complex attack scenarios, discovering attack surfaces, and elaborating the necessary protective measures. The digital twin provides input for a configurable, automated Architecture Security Validator module which assesses and provides pre-certification for the modelled IoT architecture with respect of relevant, selectable security standards and KPIs. To also ensure adequate coverage for the back end of the supply chain the operation of the architecture is also be protected by secure device onboarding, diverse security and monitoring technologies and a feedback loop to the digital twin and actors of the supply chain, sharing security-relevant information.
The procedures and technology will be validated in three IoT domains: automotive, energy and smart home.
The 12-member strong DOSS consortium comprises all stakeholders of the IoT ecosystem: service operators, OEMs, technology providers, developers, security experts, as well as research and academic partners.
The EMERALD project aims to revolutionize the certification of cloud-based services in Europe by addressing key challenges such as market fragmentation, lack of cloud-specific certifications, and the increasing complexity introduced by AI technologies. At the heart of EMERALD lies the concept of Compliance-as-a-Service (CaaS) — an agile and scalable approach aimed at enabling continuous certification processes in alignment with harmonized European cybersecurity schemes, such as the EU Cybersecurity Certification Scheme for Cloud Services (EUCS).
By focusing on evidence management and leveraging results from the H2020 MEDINA project, EMERALD will build on existing technological readiness (starting at TRL 5) and push forward to TRL 7. The project’s core innovation is the development of tools that enable lean re-certification, helping service providers, customers, and auditors to maintain compliance across dynamic and heterogeneous environments —including Cloud, Edge, and IoT infrastructures.
EMERALD directly addresses the critical gap in achieving the ‘high’ assurance level of EUCS by offering a technical pathway based on automation, traceability, and interoperability. This is especially relevant in light of the emerging need for continuous and AI-integrated certification processes, as AI becomes increasingly embedded in cloud services.
The project also fosters strategic alignment with European initiatives on digital sovereignty, supporting transparency and trust in digital services. By doing so, EMERALD promotes the adoption of secure cloud services across both large enterprises and SMEs, ensuring that security certification becomes a practical enabler rather than a barrier.
Ultimately, EMERALD’s vision is to provide a robust, flexible, and forward-looking certification ecosystem, paving the way for more resilient, trustworthy, and user-centric digital infrastructures in Europe.
Sec4AI4Sec is a project funded by the European Union’s Horizon Europe research and innovation programme under grant agreement No 101120393.
This project aims to create a range of cutting-edge technologies, open-source tools, and new methodologies for designing and certifying secure AI-enhanced systems and AI-enhanced systems for security. Additionally, it will provide reference benchmarks that can be utilized to standardize the evaluation of research outcomes within the secure software research community.
The project is divided into two main phases, each with its own name.
· AI4Sec – stands for using artificial intelligence in security. Democratize security expertise with an AI-enhanced system that reduces development costs and improves software quality. This part of the project improves via AIs the secure coding and testing.
· Sec4AI – involves AI-enhanced systems. These systems also have risks that make them vulnerable to new security threats unique to AI-based software, especially when fairness and explainability are essential.
The project considers the economic and technological impacts of combining AI and security.
The economic phase of the project focuses on leveraging AI to drive growth, productivity, and competitiveness across industries. It includes developing new business models, identifying new market opportunities, and driving innovation across various sectors.