Biblio

We build upon the clean-slate, holistic approach to the design of secure protocols for wireless ad-hoc networks proposed in part one. We consider the case when the nodes are not synchronized, but instead have local clocks that are relatively affine. In addition, the network is open in that nodes can enter at arbitrary times. To account for this new behavior, we make substantial revisions to the protocol in part one. We define a game between protocols for open, unsynchronized nodes and the strategies of adversarial nodes. We show that the same guarantees in part one also apply in this game: the protocol not only achieves the max-min utility, but the min-max utility as well. That is, there is a saddle point in the game, and furthermore, the adversarial nodes are effectively limited to either jamming or conforming with the protocol.

Radio-frequency identification (RFID) are becoming a part of our everyday life with a wide range of applications such as labeling products and supply chain management and etc. These smart and tiny devices have extremely constrained resources in terms of area, computational abilities, memory, and power. At the same time, security and privacy issues remain as an important problem, thus with the large deployment of low resource devices, increasing need to provide security and privacy among such devices, has arisen. Resource-efficient cryptographic incipient become basic for realizing both security and efficiency in constrained environments and embedded systems like RFID tags and sensor nodes. Among those primitives, lightweight block cipher plays a significant role as a building block for security systems. In 2014 Manoj Kumar et al proposed a new Lightweight block cipher named as FeW, which are suitable for extremely constrained environments and embedded systems. In this paper, we simulate and synthesize the FeW block cipher. Implementation results of the FeW cryptography algorithm on a FPGA are presented. The design target is efficiency of area and cost.

The exponential growth in the number of mobile devices, combined with the rapid demand for wireless services, has steadily stressed the wireless spectrum, calling for new techniques to improve spectrum utilization. A geo-location database has been proposed as a viable solution for wireless users to determine spectrum availability in cognitive radio networks. The protocol used by secondary users (SU) to request spectral availability for a specific location, time and duration, may reveal confidential information about these users. In this paper, we focus on SUs' location privacy in database-enabled wireless networks and propose a framework to address this threat. The basic tenet of the framework is obfuscation, whereby channel requests for valid locations are interwoven with requests for fake locations. Traffic redirection is also used to deliberately confuse potential query monitors from inferring users' location information. Within this framework, we propose two privacy-preserving schemes. The Master Device Enabled Location Privacy Preserving scheme utilizes trusted master devices to prevent leaking information of SUs' locations to attackers. The Crowd Sourced Location Privacy Preserving scheme builds a guided tour of randomly selected volunteers to deliver users channel availability queries and ensure location privacy. Security analysis and computational and communication overhead of these schemes are discussed.

Protection of information achieves keeping confidentiality, integrity, and availability of the data. These features are essential for the proper operation of modern industrial technologies, like Smart Grid. The complex grid system integrates many electronic devices that provide an efficient way of exploiting the power systems but cause many problems due to their vulnerabilities to attacks. The aim of the work is to propose a solution to the privacy problem in Smart Grid communication network between the customers and Control center. It consists in using the relatively new cryptographic task - quantum key distribution (QKD). The solution is based on choosing an appropriate quantum key distribution method out of all the conventional ones by performing an assessment in terms of several parameters. The parameters are: key rate, operating distances, resources, and trustworthiness of the devices involved. Accordingly, we discuss an answer to the privacy problem of the SG network with regard to both security and resource economy.

Use-After-Free (UAF) vulnerabilities are caused by the program operating on a dangling pointer and can be exploited to compromise critical software systems. While there have been many tools to mitigate UAF vulnerabilities, UAF remains one of the most common attack vectors. UAF is particularly di cult to detect in concurrent programs, in which a UAF may only occur with rare thread schedules. In this paper, we present a novel technique, UFO, that can precisely predict UAFs based on a single observed execution trace with a provably higher detection capability than existing techniques with no false positives. The key technical advancement of UFO is an extended maximal thread causality model that captures the largest possible set of feasible traces that can be inferred from a given multithreaded execution trace. By formulating UAF detection as a constraint solving problem atop this model, we can explore a much larger thread scheduling space than classical happens-before based techniques. We have evaluated UFO on several real-world large complex C/C++ programs including Chromium and FireFox. UFO scales to real-world systems with hundreds of millions of events in their execution and has detected a large number of real concurrency UAFs.

With the rapid technological growth in the present context, Internet of Things (IoT) has attracted the worldwide attention and has become pivotal technology in the smart computing environment of 21st century. IoT provides a virtual view of real-life things in resource-constrained environment where security and privacy are of prime concern. Lightweight cryptography provides security solutions in resource-constrained environment of IoT. Several software and hardware implementation of lightweight ciphers have been presented by different researchers in this area. This paper presents a comparative analysis of several lightweight cryptographic solutions along with their pros and cons, and their future scope. The comparative analysis may further help in proposing a 32-bit ultra-lightweight block cipher security model for IoT enabled applications in the smart environment.

Agile methods frequently have difficulties with qualities, often specifying quality requirements as stories, e.g., "As a user, I need a safe and secure system." Such projects will generally schedule some capability releases followed by safety and security releases, only to discover user-developer misunderstandings and unsecurable agile code, leading to project failure. Very large agile projects also have further difficulties with project velocity and scalability. Examples are trying to use daily standup meetings, 2-week sprints, shared tacit knowledge vs. documents, and dealing with user-developer misunderstandings. At USC, our Parallel Agile, Executable Architecture research project shows some success at mid-scale (50 developers). We also examined several large (hundreds of developers) TRW projects that had succeeded with rapid, high-quality development. The paper elaborates on their common Critical Quality Factors: a concurrent 3-team approach, an empowered Keeper of the Project Vision, and a management approach emphasizing qualities.

pubcrawl, Network on Chip Security, Scalability, resiliency, resilience, metrics, Tasks on NoC (Network-on-Chip) are less efficient because of long-distance data synchronization. An inefficient task schedule strategy can lead to a large number of remote data accessing that ruins the speedup of parallel execution of multiple tasks. Thus, we propose an energy efficient task schedule to reduce task traffic with a diffusional pattern. The task mapping algorithm can optimize traffic distribution by limit tasks into a small area to reduce NoC activities. Comparing to application-layer optimization, our task mapping can obtain 20% energy saving and 15% latency reduction on average.

The high penetration of third-party intellectual property (3PIP) brings a high risk of malicious inclusions and data leakage in products due to the planted hardware Trojans, and system level security constraints have recently been proposed for MPSoCs protection against hardware Trojans. However, secret communication still can be established in the context of the proposed security constraints, and thus, another type of security constraints is also introduced to fully prevent such malicious inclusions. In addition, fulfilling the security constraints incurs serious overhead of schedule length, and a two-stage performance-constrained task scheduling algorithm is then proposed to maintain most of the security constraints. In the first stage, the schedule length is iteratively reduced by assigning sets of adjacent tasks into the same core after calculating the maximum weight independent set of a graph consisting of all timing critical paths. In the second stage, tasks are assigned to proper IP vendors and scheduled to time periods with a minimization of cores required. The experimental results show that our work reduces the schedule length of a task graph, while only a small number of security constraints are violated.

Demand response analysis in smart grid deployment substantiated itself as an important research area in recent few years. Two-way communication between utility and users makes peak load reduction feasible by delaying the operation of deferrable appliances. Flexible appliance rescheduling is preferred to the users compared to traditional load curtailment. Again, if users' preferences are accounted into appliance transferring process, then customers concede a little discomfort to help the utility in peak reduction. This paper presents a novel Utility-User Cooperative Algorithm (UUCA) to lower total electricity cost and gross peak demand while preserving users' privacy and preferences. Main driving force in UUCA to motivate the consumers is a new cost function for their flexible appliances. As a result, utility will experience low peak and due to electricity cost decrement, users will get reduced bill. However, to maintain privacy, the behaviors of one customer have not be revealed either to other customers or to the central utility. To justify the effectiveness, UUCA is executed separately on residential, commercial and industrial customers of a distribution grid. Harmony search optimization technique has proved itself superior compared to other heuristic search techniques to prove efficacy of UUCA.

Over the past decade, distributed CSMA, which forms the basis for WiFi, has been deployed ubiquitously to provide seamless and high-speed mobile internet access. However, distributed CSMA might not be ideal for future IoT/M2M applications, where the density of connected devices/sensors/controllers is expected to be orders of magnitude higher than that in present wireless networks. In such high-density networks, the overhead associated with completely distributed MAC protocols will become a bottleneck. Moreover, IoT communications are likely to have strict QoS requirements, for which the `best-effort' scheduling by present WiFi networks may be unsuitable. This calls for a clean-slate redesign of the wireless MAC taking into account the requirements for future IoT/M2M networks. In this paper, we propose a reservation-based (for minimal overhead) wireless MAC designed specifically with IoT/M2M applications in mind.

The DES is a symmetric cryptosystem which encrypts data in blocks of 64 bits using 48 bit keys in 16 rounds. It comprises a key schedule, encryption and decryption components. The key schedule, in particular, uses three static component units, the PC-1, PC-2 and rotation tables. However, can these three static components of the key schedule be altered? The DES development team never explained most of these component units. Understanding the DES key schedule is, thus, hard. In addition, reproducing the DES model with unknown component units is challenging, making it hard to adapt and bring implementation of the DES model closer to novice developers' context. We propose an alternative approach for re-implementing the DES key schedule using, rather, dynamic instead of static tables. We investigate the design features of the DES key schedule and implement the same. We then propose a re-engineering view towards a more white-box design. Precisely, generation of the PC-1, rotation and PC-2 tables is revisited to random dynamic tables created at run time. In our views, randomly generated component units eliminate the feared concerns regarding perpetrators' possible knowledge of the internal structures of the static component units. Comparison of the performances of the hybrid DES key schedule to that of the original DES key schedule shows closely related outcomes, connoting the hybrid version as a good alternative to the original model. Memory usage and CPU time were measured. The hybrid insignificantly out-performs the original DES key schedule. This outcome may inspire further researches on possible alterations to other DES component units as well, bringing about completely white-box designs to the DES model.

Block ciphers are one of the most fundamental building blocks for information and network security. In recent years, the need for lightweight ciphers has dramatically been increased due to their wide use in low-cost cryptosystems, wireless networks and resource-constrained embedded devices including RFIDs, sensor nodes, smart cards etc. In this paper, an efficient lightweight architecture for RECTANGLE block cipher has been proposed. The architecture is suitable for extremely hardware-constrained environments and multiple platforms due to its support of bit-slice technique. The proposed architecture has been synthesized and implemented on Xilinx Virtex-5 xc5vlx110t-1ff1136 field programmable gate array (FPGA) device. Implementation results have been presented and compared with the existing architectures and have shown commensurable performance. Also, an application-specific integrated circuit (ASIC) implementation of the architecture is done on SCL 180 nm CMOS technology where it consumes 2362 gate equivalent (GE).

The following topics are dealt with: formal verification; formal specification; cyber-physical systems; program verification; mobile robots; control engineering computing; temporal logic; security of data; Internet of Things; traffic engineering computing.

Local flexibility markets are a concept to integrate distributed flexibilities such as power-to-gas, power-to-heat systems, electric vehicles, and battery storage systems into congestion management of distribution and transmission grids. However, the activation of the flexibility of storage systems changes their state-of-charge and thus reduces their available flexibility. Counter-trading or compensation of activated flexibility in later points of time lets storage operators regain flexibility. However, this compensation might create or amplify congestions when not supervised by system operators. Therefore, we propose the inclusion of compensation within the flexibility market clearing process by system operators. We further develop a linear formulation of flexibility market bids by storage systems that takes the need for compensation into account. For this, first, the operational planning formulation of a storage system is expanded by flexibility market participation. Subsequently, the linear formulation of bids is derived and demonstrated.

Demand-side management (DSM) plays a significant function in the smart distribution system to make informed decisions from both the consumer and supplier side with regards to energy consumption to redesign the load profile and to decrease the peak load demand. This study extensively reviews the demand-side management (DSM) strategies along with both demand response and energy efficiency policies. The major objective of this paper is to enumerate the relevant features responsible to strengthen the DSM effectively, particularly for residential energy demand and the limits to energy indicators. Secondly, the large untapped and hidden potential and the associated barriers to energy efficiency enhancement are focused and surveyed for formulating a better number of potential policy responses. This further explores the portfolio approach with bundled strategies to reflect on the power market through enhancing the strength of individual residential measures through complementary policies to reduce the weaknesses. This concludes at last with the findings of possible holistic measures related to various approaches and attributes findings that reinforce the DSM strategies to enhance energy management and cost-effectiveness. Apart from that the architecture, formulation of optimization problems, and various approaches are presented to help the readers to develop research in this direction to maximize the total system peak demand, overall load factor, and utility revenue with the minimized customer electric bill.

Concurrency programs often induce buggy results due to the unexpected interaction among threads. The detection of these concurrency bugs costs a lot because they usually appear under a specific execution trace. How to virtually explore different thread schedules to detect concurrency bugs efficiently is an important research topic. Many techniques have been proposed, including lightweight techniques like adaptive randomized scheduling (ARS) and heavyweight techniques like maximal causality reduction (MCR). Compared to heavyweight techniques, ARS is efficient in exploring different schedulings and achieves state-of-the-art performance. However, it will lead to explore large numbers of redundant thread schedulings, which will reduce the efficiency. Moreover, it suffers from the “cold start” issue, when little information is available to guide the distance calculation at the beginning of the exploration. In this work, we propose a Heuristic-Enhanced Adaptive Randomized Scheduling (HARS) algorithm, which improves ARS to detect concurrency bugs guided with novel distance metrics and heuristics obtained from existing research findings. Compared with the adaptive randomized scheduling method, it can more effectively distinguish the traces that may contain concurrency bugs and avoid redundant schedules, thus exploring diverse thread schedules effectively. We conduct an evaluation on 45 concurrency Java programs. The evaluation results show that our algorithm performs more stably in terms of effectiveness and efficiency in detecting concurrency bugs. Notably, HARS detects hard-to-expose bugs more effectively, where the buggy traces are rare or the bug triggering conditions are tricky.

In contrast to traditional physical servers, a custom-built system utilizing a bare-metal hypervisor virtual server environment provides advantages of both cost savings and flexibility in terms of systems configuration. This system is designed to facilitate hands-on experience for Computer Science students, particularly those specializing in systems administration and computer networking. This multi-purpose and functional system uses an automatic advanced virtual server reservation system (AAVSRsv), written in C++, to schedule and manage virtual servers. The use of such a system could be extended to additional courses focusing on such topics as cloud computing, database systems, information assurance, as well as ethical hacking and system defense. The design can also be replicated to offer training sessions to other information technology professionals.

The software industry is dominating many are like health care, finance, agriculture and entertainment. Software security has become an essential issue-outsider libraries, which assume a significant part in programming. The finding weaknesses in the binary code is a significant issue that presently cannot seem to be handled, as showed by numerous weaknesses wrote about an everyday schedule. Software seller sells the software to the client if the client wants to check the software's vulnerability it is a cumbersome task. Presently many deep learning-based methods also introduced to find the security weakness in the binary code. This paper present the merits and demerits of binary code analysis used by a different method.

The secure functioning of automotive systems is vital to the safety of their passengers and other roadway users. One of the critical functions for safety is the controller area network (CAN), which interconnects the safety-critical electronic control units (ECUs) in the majority of ground vehicles. Unfortunately CAN is known to be vulnerable to several attacks. One such attack is the bus-off attack, which can be used to cause a victim ECU to disconnect itself from the CAN bus and, subsequently, for an attacker to masquerade as that ECU. A limitation of the bus-off attack is that it requires the attacker to achieve tight synchronization between the transmission of the victim and the attacker's injected message. In this paper, we introduce a schedule-based attack framework for the CAN bus-off attack that uses the real-time schedule of the CAN bus to predict more attack opportunities than previously known. We describe a ranking method for an attacker to select and optimize its attack injections with respect to criteria such as attack success rate, bus perturbation, or attack latency. The results show that vulnerabilities of the CAN bus can be enhanced by schedule-based attacks.

Modern day grid operation requires multiple interlinked applications and many automated processes at control center for monitoring and operation of grid. Information technology integrated with operational technology plays a critical role in grid operation. Computing resource requirements of these software applications varies widely and includes high processing applications, high Input/Output (I/O) sensitive applications and applications with low resource requirements. Present day grid operation control center uses various applications for load despatch schedule management, various real-time analytics & optimization applications, post despatch analysis and reporting applications etc. These applications are integrated with Operational Technology (OT) like Data acquisition system / Energy management system (SCADA/EMS), Wide Area Measurement System (WAMS) etc. This paper discusses various design considerations and implementation of converged infrastructure through virtualization technology by consolidation of servers and storages using multi-cluster approach to meet high availability requirement of the applications and achieve desired objectives of grid control center of north eastern region in India. The process involves weighing benefits of different architecture solution, grouping of application hosts, making multiple clusters with reliability and security considerations, and designing suitable infrastructure to meet all end objectives. Reliability, enhanced resource utilization, economic factors, storage and physical node selection, integration issues with OT systems and optimization of cost are the prime design considerations. Modalities adopted to minimize downtime of critical systems for grid operation during migration from the existing infrastructure and integration with OT systems of North Eastern Regional Load Despatch Center are also elaborated in this paper.

Objective measures are ubiquitous in the formulation, design and implementation of deep space missions. Tour durations, flyby altitudes, propellant budgets, power consumption, and other metrics are essential to developing and managing NASA missions. But beyond the simple metrics of cost and workforce, it has been difficult to identify objective, quantitative measures that assist in evaluating choices made during formulation or implementation phases in terms of their impact on flight operations. As part of the development of the Europa Clipper Mission system, a set of operations metrics have been defined along with the necessary design information and software tooling to calculate them. We have applied these methods and metrics to help assess the impact to the flight team on the six options for the Clipper Tour that are currently being vetted for selection in the fall of 2021. To generate these metrics, the Clipper MOS team first designed the set of essential processes by which flight operations will be conducted, using a standard approach and template to identify (among other aspects) timelines for each process, along with their time constraints (e.g., uplinks for sequence execution). Each of the resulting 50 processes is documented in a common format and concurred by stakeholders. Process timelines were converted into generic schedules and workforce-loaded using COTS scheduling software, based on the inputs of the process authors and domain experts. Custom code was generated to create an operations schedule for a specific portion of Clipper's prime mission, with instances of a given process scheduled based on specific timing rules (e.g., process X starts once per week on Thursdays) or relative to mission events (e.g., sequence generation process begins on a Monday, at least three weeks before each Europa closest approach). Over a 5-month period, and for each of six Clipper candidate tours, the result was a 20,000+ line, workforce-loaded schedule that documents all of the process-driven work effort at the level of individual roles, along with a significant portion of the level-of-effort work. Post-processing code calculated the absolute and relative number of work hours during a nominal 5 day / 40 hour work week, the work effort during 2nd and 3rd shift, as well as 1st shift on weekends. The resultant schedules and shift tables were used to generate objective measures that can be related to both human factors and to operational risk and showed that Clipper tours which utilize 6:1 resonant (21.25 day) orbits instead of 4:1 resonant (14.17 day) orbits during the first dozen or so Europa flybys are advantageous to flight operations. A similar approach can be extended to assist missions in more objective assessments of a number of mission issues and trades, including tour selection and spacecraft design for operability.

In the world of information technology and the Internet, which has become a part of human life today and is constantly expanding, Attention to the users' requirements such as information security, fast processing, dynamic and instant access, and costs savings has become essential. The solution that is proposed for such problems today is a technology that is called cloud computing. Today, cloud computing is considered one of the most essential distributed tools for processing and storing data on the Internet. With the increasing using this tool, the need to schedule tasks to make the best use of resources and respond appropriately to requests has received much attention, and in this regard, many efforts have been made and are being made. To this purpose, various algorithms have been proposed to calculate resource allocation, each of which has tried to solve equitable distribution challenges while using maximum resources. One of these calculation methods is the DRF algorithm. Although it offers a better approach than previous algorithms, it faces challenges, especially with time-consuming resource allocation computing. These challenges make the use of DRF more complex than ever in the low number of requests with high resource capacity as well as the high number of simultaneous requests. This study tried to reduce the computations costs associated with the DRF algorithm for resource allocation by introducing a new approach to using this DRF algorithm to automate calculations by machine learning and artificial intelligence algorithms (Autonomic Dominant Resource Fairness or A-DRF).

KYC or Know Your Customer is the procedure to verify the individuality of its consumers & evaluating the possible dangers of illegitimate trade relations. A few problems with the existing KYC manual process are that it is less secure, time-consuming and expensive. With the advent of Blockchain technology, its structures such as consistency, security, and geographical diversity make them an ideal solution to such problems. Although marketing solutions such as KYC-chain.co, K-Y-C. The legal right to enable blockchain-based KYC authentication provides a way for documents to be verified by a trusted network participant. This project uses an ETHereum based Optimised KYC Block-chain system with uniform A-E-S encryption and compression built on the LZ method. The system publicly verifies a distributed encryption, is protected by cryptography, operates by pressing the algorithm and is all well-designed blockchain features. The suggested scheme is a novel explanation based on Distributed Ledger Technology or Blockchain technology that would cut KYC authentication process expenses of organisations & decrease the regular schedule for completion of the procedure whilst becoming easier for clients. The largest difference in the system in traditional methods is the full authentication procedure is performed in just no time for every client, regardless of the number of institutions you desire to be linked to. Furthermore, since DLT is employed, validation findings may be securely distributed to consumers, enhancing transparency. Based on this method, a Proof of Concept (POC) is produced with Ethereum's API, websites as endpoints and the android app as the front office, recognising the viability and efficacy of this technique. Ultimately, this strategy enhances consumer satisfaction, lowers budget overrun & promotes transparency in the customer transport network.

Demand response has emerged as one of the most promising methods for the deployment of sustainable energy systems. Attempts to democratize demand response and establish programs for residential consumers have run into scalability issues and risks of leaking sensitive consumer data. In this work, we propose a privacy-friendly, incentive-based demand response market, where consumers offer their flexibility to utilities in exchange for a financial compensation. Consumers submit encrypted offer which are aggregated using Computation Over Encrypted Data to ensure consumer privacy and the scalability of the approach. The optimal allocation of flexibility is then determined via double-auctions, along with the optimal consumption schedule for the users with respect to the day-ahead electricity prices, thus also shielding participants from high electricity prices. A case study is presented to show the effectiveness of the proposed approach.