Cyberwal in Galaxia

2022 Cyberwal in Galaxia Program

This school is free of charge* (registration below) for the students enrolled at an university.

12 – 16 December 2022 (end of registrations on 04/12)

This program will take place on the Galaxia site in Transinne which, together with the European Space Agency (ESA) and the ESEC Centre in Redu (5 km away), forms a leading space center in Europe.

Together for Cybersecurity - Investing in cybersecurity for a secure future -

Together for Cybersecurity - Investing in cybersecurity for a secure future -

Currently, the Galaxia Park hosts ESA’s educational activities, world-class companies specialized in space and cybersecurity, and the Euro Space Center.

It is in the ESEC Centre in Redu that ESA has decided to base its cybersecurity center, which will ensure the cyber protection of the Agency’s ground and airborne activities.

euro space center 17 09 20-95

The Euro Space Center is an educational center dedicated to space, which welcomes 15,000 young people per year, of 35 different nationalities, for 3 to 5 days of courses, as well as 70,000 visitors per year.

The Euro Space Center is an educational center dedicated to space, which welcomes 15,000 young people per year, of 35 different nationalities, for 3 to 5 days of courses, as well as 70,000 visitors per year.

euro space center 17 09 20-95

The Euro Space Center has an auditorium of 150 seats (including 4 seats for people with reduced mobility).

Its 30:10 screen offers a great flexibility for presentations, as does its Smart Board interactive screen. The recording option definitely makes this room a cutting-edge auditorium!

Cyberwal in Galaxia

Speakers

The objective of the organizers is to position these courses as a high level of education, on a European scale, and to link them directly to the needs of the cyber ecosystem.
Tijl Atoui
Howest Cybersecurity Teacher and Researcher in Industrial Security and Fictile Factory maintaining
Find out more
Benoit Balliu
Howest Researcher in Industrial Security
Find out more
Kurt Callewaert
Howest Valorisation Manager Digital Transformation
Find out more
Maxime Cordy
Research Scientist at the Interdisciplinary Center for Security, Reliability and Trust (SnT)
Find out more
Xavier Devroye
Assistant Professor of Software Engineering at the Namur Digital Institute and the Faculty of Computer Science of the University of Namur
Find out more
Guillaume Ginis
Senior Researcher in Cybersecurity at CETIC
Find out more
Xavier Lessage
Senior Research Engineer in the Data Science Department at CETIC
Find out more
Philippe Massonet
Scientific Coordinator at CETIC
Find out more
Laurent Mathy
Professor of Systems and Security in the Electrical Engineering and Computer Science
Find out more
Matteo Merialdo
Deputy Director of the Operational Security Services Unit (ESEC - ESA) in Redu
Find out more
Pascal Rogiest
Managing Director of the Cybersecurity Division of RHEA Group, Chief Strategy Officer of RHEA Group, Vice President of RHEA Belux
Find out more
Previous
Next

Cyberwal in Galaxia

Speakers

The objective of the organizers is to position these courses as a high level of education, on a European scale, and to link them directly to the needs of the cyber ecosystem.
howest_logo

Tijl Atoui

Howest Cybersecurity Teacher and Researcher in Industrial Security and Fictile Factory maintaining
howest_logo

Benoit Balliu

Howest Researcher in Industrial Security
howest_logo

Kurt Callewaert

Howest Valorisation Manager Digital Transformation

Maxime Cordy

Research Scientist at the Interdisciplinary Center for Security, Reliability and Trust (SnT)

Xavier Devroye

Assistant Professor of Software Engineering at the Namur Digital Institute and the Faculty of Computer Science of the University of Namur

Guillaume Ginis

Senior Researcher in Cybersecurity at CETIC

Xavier Lessage

Senior Research Engineer in the Data Science Department at CETIC

Philippe Massonet

Scientific Coordinator at CETIC
Rhea groupe logo

Matteo Merialdo

Deputy Director of the Operational Security Services Unit (ESEC - ESA) in Redu

Christophe Ponsard

Research-Innovation-Exploitation Coordinator
Rhea groupe logo

Pascal Rogiest

Managing Director of the Cybersecurity Division of RHEA Group, Chief Strategy Officer of RHEA Group, Vice President of RHEA Belux
Logo ULiege

Laurent Mathy

Professor of Systems and Security in the Electrical Engineering and Computer Science

Jean-Luc Trullemans

Head of the European Space Security and Education Centre (ESEC)

President of the Scientific Committee

Axel Legay

Professor of Cybersecurity - UCLouvain, Coordinator of Cyberwal

Our Program for the 5 days

The program includes theoretical & practical courses.
A break is scheduled every day in the morning and afternoon.

  • Day 1

    Monday 12/12

  • Day 2

    Tuesday 13/12

  • Day 3

    Wednesday 14/12

  • Day 4

    Thursday 15/12

  • Day 5

    Friday 16/12

9:30 AM – 10:30 AM

REGISTRATIONS

10:30 AM – 11:00 AM

Luxembourg Seminar - 2nd Greater Region Software Engineering Research Days (SOFTER)

Each year, SOFTER brings together researchers from academia to discuss foundations, techniques, and tools for automating the analysis, design, implementation, testing, and maintenance of complex software systems. A special emphasis is put this year on Machine-Learning Systems.

Yves Le Traon
Yves Le Traon - Full Professor in Computer Science - Systems and Software Reliability - Deputy Director of SnT

11:00 AM – 01:00 PM

Research presentations

01:00 PM – 02:30 PM

LUNCH TIME

02:30 PM – 03:45 PM

Panel on career progression

LEGAY_Axel
Axel Legay - Professor of Cyber Security - UCLouvain - President of the Scientific Committee

03:45 PM – 04:00 PM

COFFEE BREAK

04:00 PM – 06:00 PM

Research presentations

The objective of this presentation is to briefly retrace the evolution of the careers of researchers. The second part of the presentation consists of listing the questions I asked myself when I was in your place and discussing the possible answers with you.
LEGAY_Axel
Axel Legay - Professor of Cyber Security - UCLouvain - President of the Scientific Committee
OR

02:30 PM – 04:15 PM

max. 30 participants

Cyber Range technology and state of the art capabilities

Cyber Range is a powerful tool for creating digital twin of any IT environment and Cybersecurity scenario. This session explains how Cyber Range can be used for training, validation & testing, as well as for cyberattack simulation. 
Pascal Rogiest
Pascal Rogiest - Managing Director of the Cybersecurity Division of RHEA Group, Chief Strategy Officer of RHEA Group, Vice President of RHEA Belux
Matteo Merialdo - Deputy Director of the Operational Security Services Unit (ESEC - ESA) in Redu.

04:15 PM – 04:30 PM

COFFEE BREAK

04:30 PM – 06:00 PM

max. 30 participants

CyberExcellence@ESEC
Building a State-of-the-Art Space Cyber Security Capacity
Be part of the game

Jean-Luc Trullemans
Jean-Luc Trullemans - Head of the European Space Security and Education Centre (ESEC)

8:30 AM – 9:00 AM

REGISTRATIONS

9:00 AM – 9:30 AM

Welcome to 2022 Cyberwal in Galaxia Program

LEGAY_Axel
Axel Legay - Professor of Cyber Security - UCLouvain - President of the Scientific Committee
Geoges Cottin
Georges Cottin - Deputy General Manager of IDELUX

9:30 AM – 10:30 AM

EU NIS2 Directive : enabler for more IT/OT security

Kurt Callewaert
Kurt Callewaert - Howest Valorisation Manager Digital Transformation, Former Head of Research Applied Computer Science.
TijlAtoui
Tijl Atoui - Howest Cybersecurity Teacher and Researcher in Industrial Security and Fictile Factory maintaining
Benoit Balliu - Howest Researcher in Industrial Security.

10:30 AM – 11:00 AM

Introduction to OT/ICS Security

Demonstrator
Kurt Callewaert
Kurt Callewaert - Howest Valorisation Manager Digital Transformation, Former Head of Research Applied Computer Science.
TijlAtoui
Tijl Atoui - Howest Cybersecurity Teacher and Researcher in Industrial Security and Fictile Factory maintaining
Benoit Balliu - Howest Researcher in Industrial Security.

11:00 AM – 12:30 PM

Industrial Environment Scanning and Enumeration

Kurt Callewaert
Kurt Callewaert - Howest Valorisation Manager Digital Transformation, Former Head of Research Applied Computer Science.
TijlAtoui
Tijl Atoui - Howest Cybersecurity Teacher and Researcher in Industrial Security and Fictile Factory maintaining
Benoit Balliu - Howest Researcher in Industrial Security.

9:30 AM – 12:30 PM

Theoretical part: Hands on - Industrial CTF on the Fictile Factor

Introduction to Industrial Control Systems

Basics of PLC Programming

Industrial Communication

Scanning ICS networks

Industrial Network & System enumeration

Reversing proprietary industrial protocols

Exploiting industrial control systems

Kurt Callewaert
Kurt Callewaert - Howest Valorisation Manager Digital Transformation, Former Head of Research Applied Computer Science.

12:30 PM – 02:30 PM

LUNCH TIME

2:30 PM – 3:30 PM

Exploitation in an Industrial Environment

Fictile is a fast-growing fiction tile-producing company. Under the steady and continuous leadership of J.C. they are the unrivaled market leader in their sector since 2016. Their factory contains three halls. A hall with hydraulic presses, baking installation and a painting hall. To remain brand independent, the lead engineer of the factory decided to equip each hall with different types of industrial controllers. The three market leaders were chosen: Siemens, Beckhoff, and Phoenix Contact.  According to investor K.C., there is no room in the budget for cyber-security. “Production must come first.”

Can you prove them wrong, by capturing all the flags?

Kurt Callewaert
Kurt Callewaert - Howest Valorisation Manager Digital Transformation, Former Head of Research Applied Computer Science.
TijlAtoui
Tijl Atoui - Howest Cybersecurity Teacher and Researcher in Industrial Security and Fictile Factory maintaining
Benoit Balliu - Howest Researcher in Industrial Security.

3:30 PM – 5:30 PM

Lab work: Hands on - Industrial CTF on the Fictile Factory

Kurt Callewaert
Kurt Callewaert - Howest Valorisation Manager Digital Transformation, Former Head of Research Applied Computer Science.
TijlAtoui
Tijl Atoui - Howest Cybersecurity Teacher and Researcher in Industrial Security and Fictile Factory maintaining
Benoit Balliu - Howest Researcher in Industrial Security.

6:00 PM – 8:00 PM

VIP Eurospace Center visit

21_AS_Galaxia_Chemin_luminescent_02
Join us for an unique experience at the Euro Space Center on Tuesday, 13th of December. 
 
  • Moonwalk/Marswalk XP: Set your foot on the Moon and Mars
  • Multi-axis chair: Test your reactions in a disorientation situation
  • Space Flight Unit: Take control of your spaceship
  • Free Fall Slide: Let yourself go into free fall
  • Space Rotor: Feel the centrifugal force
  • Mars Village: Get ready for life on Mars


In small groups, live a unique experience combining discovery and space simulations!
You will see demonstrations of 5 training simulators and discover the planet Mars as if you were there.

9:00 AM – 9:30 AM

REGISTRATIONS

09:30 AM – 10:45 AM

Theoretical part: Malware Reverse Engineering

Software reverse engineering aims to analyse binary code, for which there is no corresponding source code available to the analyst, with a view to understand what it does and how it works. For malware analysis, it also aims to identify, defeat and eliminate the malware.In this course, we introduce the four phases of reverse software engineering in the context of malware analysis:

  • Basic static analysis reviews ways to get information from the structure of a binary executable. Important functionality and clues about the type of network communications used can be derived from the libraries the executable depends on.

  • Basic dynamic analysis requires running the executable in an isolated or virtualised environment, in order to identify high level observable behaviour, such as modifications made to the system (e.g. created files, modified registry entries, etc) and network addresses the executable connects to, which can all be used to derive identification signatures.
  • Advanced static analysis consists of analysing the actual instructions of the program, to gain a fine grained understanding of its operations.This requires familiarity with assembly language constructs, which not only depend on the platform instruction-set, the operating system, but also the language and compiler used to create the executable.
  • Advanced dynamic analysis is essentially binary debugging, used to examine the internal state of the running executable, giving not only a very detailed view of the operations of the executable, but also how it reacts to changes made to its internal state.
Laurent Mathy - Professor of Systems and Security in the Electrical Engineering and Computer Science.

10:45 AM – 11:00 AM

COFFEE BREAK

11:00 AM – 12:30 PM

Theoretical part: Malware Reverse Engineering

Laurent Mathy - Professor of Systems and Security in the Electrical Engineering and Computer Science.

12:30 PM – 02:30 PM

LUNCH TIME

02:30 PM – 04:00 PM

Lab work: Malware Reverse Engineering

For these topics, after a theoretical review, we also present some anti-analysis techniques used in malware to prevent or hinder analysis, as well as labs to illustrate and put the acquired knowledge into practice.

Laurent Mathy - Professor of Systems and Security in the Electrical Engineering and Computer Science.

04:00 PM – 04:15 PM

COFFEE BREAK

04:15 PM – 05:30 PM

Lab work: Malware Reverse Engineering

Laurent Mathy - Professor of Systems and Security in the Electrical Engineering and Computer Science.

06:30 PM – 07:30 PM

Aperitif

07:30 PM – 10:30 PM

Gala Dinner at the Euro Space Center

On this day, students have the opportunity to choose between two courses, one on testing which starts at 9:30 am and the other on Federated Learning which starts at 10:30 am. The syllabus of both courses is given below.

9:00 AM – 9:30 AM

REGISTRATIONS

09:30 AM – 12:30 PM

Theoretical part: Certification oriented cybersecurity testing of cyber physical systems with fuzzing techniques

The course aims to teach students how to use fuzzing techniques for cybersecurity testing of cyber physical systems. The course introduces relevant cybersecurity certification schemes and explains how to design the testing process for certification evidence gathering.

The course is composed of three parts: 1) cybersecurity certification and testing, 2) cybersecurity testing processes, and 3) Dynamic testing and fuzzing techniques.

The course starts by providing an overview of product and process cybersecurity schemes and introducing the NIS directive with it’s focus on risk analysis.

The course then describes the requirements that certification schemes impose on the testing process such as maintaining traceability between risk analysis and testing.

The course then introduces the Common Criteria product certification scheme and its concepts of protection profile and evaluation assurance level that will be used in the practical work.

The second part of the course then provides an overview of the different phases of the penetration testing process and the tools that can be used during each phase.

The third part of the course focuses on dynamic testing fuzzing techniques and how to use them to test cyber physical systems. The general fuzzing process is then introduced along with a description of black-box, white-box and grey box-fuzzing. The state of the art in fuzzing is then presented with an overview of fuzzing tools.

Xavier Devroye - Assistant Professor of Software Engineering at the Namur Digital Institute and the Faculty of Computer Science of the University of Namur.
Christophe Ponsard - Research-Innovation-Exploitation Coordinator.
OR

10:30 AM – 12:30 PM

Theoretical part: Secure Federated Learning

The course aims to introduce students to the understanding of different Federated Learning concepts with a focus on security vulnerabilities and cyber security challenges. The course will introduce the Federated Learning and compare it to other Machine Learning approaches.

The main concepts and process of Federated Learning will then be presented. The model aggregation phase will then be presented along with the security threats. The concept of differential privacy and its relevance for federated Learning explained. Homomorphic encryption techniques will then be introduced for securing the federated Learning process.

The course will then present open-source frameworks for federated learning that will be used in the practical work.

XavierLessage
Xavier Lessage - Senior Research Engineer in the Data Science department at CETIC.

12:30 PM – 02:30 PM

LUNCH TIME

02:30 PM – 05:30 PM

Lab work: Certification oriented cybersecurity testing of cyber physical systems with fuzzing techniques

The practical work will apply the certification and fuzzing concepts presented in the course to a mobility case study composed of virtualized rovers that navigate on the road under the supervision of a traffic control system. The rover software and firmware needs to be updated on a regular basis. The practical work will involve performing an impact analysis to determine if certified components are impacted, performing fuzzing tests to detect possible vulnerabilities and reporting on the tests required by the impact analysis.

Xavier Devroye - Assistant Professor of Software Engineering at the Namur Digital Institute and the Faculty of Computer Science of the University of Namur.
GuillaumeGinis
Guillaume Ginis - Senior Researcher in Cybersecurity at CETIC.
OR

02:30 PM – 04:30 PM

Lab work: Secure Federated Learning

The practical work aims at applying Federated Learning concepts with a practical exercise from the medical/hospital domain (classification of medical images (malignant or benign lesions)). The practical work will cover the steps required to train a neural network (CNN) with a Federated learning architecture. The practical work will involve adapting the model to meet cybersecurity challenges and performing cybersecurity tests.

 
XavierLessage
Xavier Lessage - Senior Research Engineer in the Data Science department at CETIC.

8:00 AM – 8:30 AM

REGISTRATIONS

8:30 AM – 10:00 AM

Theoretical part: Machine Learning Security in the Real World

Adversarial attacks are considered as one of the most critical security threats for Machine Learning (ML). These attacks apply small perturbations to some original examples in order to produce adversarial examples, specifically designed to fool ML model decision.

In order to enable the secure deployment of ML models in the real world, it is essential to properly assess their robustness to adversarial attacks and develop means to make models more robust. A common way to assess robustness is to empirically compute the model performance on the adversarial examples that an attack produced from a set of original examples.

Similarly, the established way to harden ML models is adversarial hardening, i.e. training processes that make models learn to make correct predictions on adversarial examples.

Traditional adversarial attacks were designed for image recognition and assume that every image pixel can be modified independently to its full range of values. In many domains, however, these attacks fail to consider that only specific perturbations could occur in practice due to the hard domain constraints that delimit the set of valid inputs (e.g., financial transactions must have a positive amount, text must be linguistically consistent, medical images can change depending on the machine used and patients’ morphology, etc.).

Because of this, they almost-always produce examples that are not feasible (i.e. could not exist in the real world). 

As a result, research has developed real-world adversarial attacks that either manipulate real objects through a series of problem-space transformations (i.e. problem-space attacks) or generate feature perturbations that satisfy predefined domain constraints (i.e. constrained feature space attacks).

In this lecture, we will review the scientific literature on these attacks and report on our experience in applying them to real-world cases.

Maxime Cordy
Maxime Cordy - Research Scientist at the Interdisciplinary Center for Security, Reliability and Trust (SnT)

10:00 AM – 12:00 PM

Lab work: Machine Learning Security in the Real World

During the lab, the students will gain practical knowledge on adversarial attacks via an online game and a hands-on exercise.

Maxime Cordy
Maxime Cordy - Research Scientist at the Interdisciplinary Center for Security, Reliability and Trust (SnT)

The next editions of Cyberwal in Galaxia Program are already planned for 2023 and 2024.

Our Program for the 5 days

The programme includes theoretical & practical courses 
A break is scheduled every day in the morning and afternoon

The next editions of Cyberwal in Galaxia Program are already planned for 2023 and 2024.

Register now!

2022 Cyberwal in Galaxia . .. ...

Days
Hours
Minutes

Gallery

Registration

Register now to be a part of this exclusive event!

Free of charge for the 60 first students registered

End of registrations on 04/12

*Your registration includes:

  • Courses & practical work
  • Shuttle bus from the hotel to Galaxia
  • Meals (lunch & coffee breaks)
  • VIP visit to Euro Space Center
  • Gala dinner

Not included:

  • Hotel
  • Breakfast
  • Evening meals
For any inquiry, please send an email to contact@cyberwalingalaxia.be

Hotels

Pre-booked rooms for our unique training are available in these two hotels until 28/11.
The availability and preferential price are not guaranteed after 28/11.

Mercure

Quartier Latin

Mercure Han Sur Lesse

Quartier Latin

Journey

Shuttles are provided from the hotels to the course areas and back.

Gala dinner

Meat & fish meal
Tartare de St Jacques, quinoa et légumes racines  crème acidulée, jet de pois gourmand 
Vin: Domaine Boucabeille « Les Terrasses » Blanc 

*** 
Carré de veau braisé, jus au thym et romarin croquant de ris et carottes fondantes  plate de Florenville à la fleur de sel 
Vin: Château la Roc de Calon Bordeau Rouge  
*** 
Gros macarons vanille mascarpone et spéculoos 
Fish meal
Tartare de St Jacques, quinoa et légumes racines  crème acidulée, jet de pois gourmand 
Vin: Viré Clessé Blanc 

* * *
Dos de Cabillaud roti  Risotto de légumes verts et bouillon de coquillage 
Vin: Château la Croix de Guillot Rouge 

* * *
Gros macarons vanille mascarpone et spéculoos 
Vegan meal
Tartare de chaux-fleus, quinoa et légumes racines vinaigrette de légumes, jet de pois gourmand
Vin : Viré Clessé Blanc

* * *
Risotto de légumes verts Feuille de riz craquante et bouillon d'herbes
Vin : Château la Croix de Guillot Rouge

* * *
Tartare de mangue et sorbet pomme
Previous
Next

Meat & fish meal

Tartare de St Jacques, quinoa et légumes racines  crème acidulée, jet de pois gourmand 

Vin: Domaine Boucabeille « Les Terrasses » Blanc 

*** 

Carré de veau braisé, jus au thym et romarin croquant de ris et carottes fondantes  plate de Florenville à la fleur de sel 

Vin: Château la Roc de Calon Bordeau Rouge 

*** 

Gros macarons vanille mascarpone et spéculoos 

Fish meal

Tartare de St Jacques, quinoa et légumes racines  crème acidulée, jet de pois gourmand 

Vin: Viré Clessé Blanc

* * *

Dos de Cabillaud roti  Risotto de légumes verts et bouillon de coquillage 

Vin: Château la Croix de Guillot Rouge

* * *

Gros macarons vanille mascarpone et spéculoos 

 

Vegan meal

Tartare de choux-fleurs, quinoa et légumes racines vinaigrette de légumes et jet de pois gourmand 

Vin : Viré Clessé Blanc

* * *

Risotto de légumes verts 

Feuille de riz craquante et bouillon d’herbes 

Vin : Château la Croix de Guillot Rouge

* * *

Tartare de mangue et sorbet pomme 

 

OUR BEST PARTNERS

This Program, which is financed by the Walloon Region, is organized by IDELUX Development (the Economic Development Agency of Belgian Luxembourg) and under the authority of the scientific committee chaired by Mr Axel Legay, Professor of cybersecurity at the UC Louvain.