Biblio

With the development of 5G communication technology, the status of the Internet of Vehicles in people's lives is greatly improved in the general trend of intelligent transportation. The combination of vehicles and Radio Frequency Identification (RFID) makes the application prospects of vehicle networking gradually expand. However, the wireless network of the Internet of Vehicles is open and mobile, so it can be easily stolen or tampered with by attackers. Moreover, it will cause serious traffic security problems and even threat people's lives. In this paper, we propose a lightweight authentication protocol for the Internet of Vehicles based on a mobile RFID system and give corresponding security requirements for modeling potential attacks. The protocol is based on the three-party mutual authentication, and uses bit-operated left-cycle shift operations and hetero-oriented operations to generate encrypted data. The simultaneous inclusion of triparty shared key information and random numbers makes the protocol resistant to counterfeit attacks, violent attacks, replay attacks and desynchronization attacks. Finally, a simulation analysis of the security protocol using the ProVerif tool shows that the protocol secures is not accessible to attackers during the data transfer, and achieve the three-party authentication between sensor nodes (SN), vehicle nodes (Veh) and backend servers.

This paper is related to dissemination and exploitation of the InFoCPS PhD research project: Failure of Cyber-Physical Systems (CPS) may cause extensive damage. Safety standards emphasize the use of formal analysis in CPS development processes. Performance degradation assessment and estimation of lifetime of energy storage (electric batteries) are vital in supporting maintenance decisions and guaranteeing CPS reliability. Existing formal analysis techniques mainly focus on specifying energy constraints in simplified manners and checking whether systems operate within given energy bounds. Leading to overlooked energy features that impede development of trustworthy CPS. Prognostics and health management (PHM) estimate energy uncertainty and predict remaining life of systems. We aim to utilize PHM techniques to rigorously model dynamic energy behaviors; resulting models are amenable to formal analysis. This project will increase the degree of maintenance of CPS while (non)-functional requirements are preserved correctly.

Direct Anonymous Attestation (DAA) is a cryptographic scheme that provides Trusted Platform Module TPM-backed anonymous credentials. We develop Tamarin modelling of the ECC-based version of the protocol as it is standardised and provide the first mechanised analysis of this standard. Our analysis confirms that the scheme is secure when all TPMs are assumed honest, but reveals a break in the protocol's expected authentication and secrecy properties for all TPMs even if only one is compromised. We propose and formally verify a minimal fix to the standard. In addition to developing the first formal analysis of ECC-DAA, the paper contributes to the growing body of work demonstrating the use of formal tools in supporting standardisation processes for cryptographic protocols.

Mobile communication networks connect much of the world's population. The security of users' calls, SMSs, and mobile data depends on the guarantees provided by the Authenticated Key Exchange protocols used. For the next-generation network (5G), the 3GPP group has standardized the 5G AKA protocol for this purpose. We provide the first comprehensive formal model of a protocol from the AKA family: 5G AKA. We also extract precise requirements from the 3GPP standards defining 5G and we identify missing security goals. Using the security protocol verification tool Tamarin, we conduct a full, systematic, security evaluation of the model with respect to the 5G security goals. Our automated analysis identifies the minimal security assumptions required for each security goal and we find that some critical security goals are not met, except under additional assumptions missing from the standard. Finally, we make explicit recommendations with provably secure fixes for the attacks and weaknesses we found. 

Wind energy is one of the major sources of renewable energy. Countries around the world are increasingly deploying large wind farms that can generate a significant amount of clean energy. A wind farm consists of many turbines, often spread across a large geographical area. Modern wind turbines are equipped with meteorological sensors. The wind farm control center monitors the turbine sensors and adjusts the power generation parameters for optimal power production. The turbine sensors are prone to cyberattacks and with the evolving of large wind farms and their share in the power generation, it is crucial to analyze such potential cyber threats. In this paper, we present a formal framework to verify the impact of false data injection attack on the wind farm meteorological sensor measurements. The framework designs this verification as a maximization problem where the adversary's goal is to maximize the wind farm power production loss with its limited attack capability. Moreover, the adversary wants to remain stealthy to the wind farm bad data detection mechanism while it is launching its cyberattack on the turbine sensors. We evaluate the proposed framework for its threat analysis capability as well as its scalability by executing experiments on synthetic test cases.

Fast, accurate three dimensional reconstructions of plasma equilibria, crucial for physics interpretation of fusion data generated within confinement devices like stellarators/ tokamaks, are computationally very expensive and routinely require days, even weeks, to complete using serial approaches. Here, we present a parallel implementation of the three dimensional plasma reconstruction code, V3FIT. A formal analysis to identify the performance bottlenecks and scalability limits of this new parallel implementation, which combines both task and data parallelism, is presented. The theoretical findings are supported by empirical performance results on several thousands of processor cores of a Cray XC30 supercomputer. Parallel V3FIT is shown to deliver over 40X speedup, enabling fusion scientists to carry out three dimensional plasma equilibrium reconstructions at unprecedented scales in only a few hours (instead of in days/weeks) for the first time.

Blockchain is an integrated technology to ensure keeping record and process transactions with decentralized manner. It is thought as the foundation of future decentralized ecosystem, and collects much attention. However, the maturity of this technology including security of the fundamental protocol and its applications is not enough, thus we need more research on the security evaluation and verification of Blockchain technology This tutorial explains the current status of the security of this technology, its security layers and possibility of application of formal analysis and verification.

We discuss the use of formal modeling to discover potential attacks on Cyber-Physical systems, in particular Industrial Control Systems. We propose a general approach to achieve that goal considering physical-layer interactions, time and state discretization of the physical process and logic, and the use of suitable attacker profiles. We then apply the approach to model a real-world water treatment testbed using ASLan++ and analyze the resulting transition system using CL-AtSe, identifying four attack classes. To show that the attacks identified by our formal assessment represent valid attacks, we compare them against practical attacks on the same system found independently by six teams from industry and academia. We find that 7 out of the 8 practical attacks were also identified by our formal assessment. We discuss limitations resulting from our chosen level of abstraction, and a number of modeling shortcuts to reduce the runtime of the analysis.

This paper presents a possible solution to a fundamental limitation facing all blockchain-based systems; scalability. We propose a temporal rolling blockchain which solves the problem of its current exponential growth, instead replacing it with a constant fixed-size blockchain. We conduct a thorough analysis of related work and present a formal analysis of the new rolling blockchain, comparing the results to a traditional blockchain model to demonstrate that the deletion of data from the blockchain does not impact on the security of the proposed blockchain model before concluding our work and presenting future work to be conducted.