Biblio

Wireless Sensor Networks (WSNs) have limited energy resource which requires authentic data transmission at a minimum cost. The major challenge is to deploy WSN with limited energy and lifetime of nodes while taking care of secure data communication. The transmission of data from the wireless channels may cause many losses such as fading, noise, bit error rate increases as well as deplete the energy resource from the nodes. To reduce the adverse effects of losses and to save power usage, error control coding (ECC) techniques are widely used and it also brings coding gain. Since WSN have limited energy resource so the selection of ECC is very difficult as both power consumption, as well as BER, has also taken into consideration. This research paper reviews different types of models, their applications, limitations of the sensor networks, and what are different types of future works going to overcome the limitations.

Visible light communications (VLC) have been the focus of many recent investigations due to its potential for transmitting data at a higher bitrate than conventional communication systems. Alongside the advantages of being energy efficient through the use of LEDs (Light Emitting Diodes), it is imperative that these systems also take in consideration privacy and security measures available. This work highlights the technical aspects of a typical 16-QAM (Quadrature Amplitude Modulation) VLC system incorporating an enhanced privacy feature using an hyperchaotic map to scramble the symbols. The results obtained in this study showed a low dispersion symbol constellation while communicating at 100 Baud and with a 1 m link. Using the measured EVM (Error Vector Magnitude) of the constellation, the BER (Bit Error Rate) of this system was estimated to be bellow 10−12 which is lower than the threshold limit of 3.8.10−3 that corresponds to the 7% hard-decision forward error correction (HD- FEC) for optimal transmission, showing that this technique can be implemented with higher bitrates and with a higher modulation index.

Ternary content addressable memories (TCAMs) widely utilized in network systems to enforce the labeling of packets. For example, they are used for packet forwarding, security, and software-defined networks (SDNs). TCAMs are typically deployed as standalone instruments or as an embedded intellectual property component on application-specific integrated circuits. However, field-programmable gate arrays (FPGAs) do not have TCAM bases. However, FPGAs’ versatility allows them to appeal for SDN deployment, and most FPGA vendors have SDN production kits. Those need to help TCAM features and then simulate TCAMs using the FPGA logic blocks. Several methods to reproduction TCAMs on FPGAs have been introduced in recent years. Some of them use a huge multiple storage blocks within modern FPGAs to incorporate TCAMs. A trouble while remembrances are that soft errors that corrupt stored bits can affect them. Memories may be covered by a parity test to identify errors or by an error correction code, although this involves extra bits in a word frame. This brief considers memory security used to simulate TCAMs. It is shown in particular that by leveraging the assumption its part of potential memory information is true, most single-bit errors can be resolved when memoirs are emulated with a parity bit.

Security of physical layer key generation is based on the randomness and reciprocity of wireless fading channel, which has attracted more and more attention in recent years. This paper proposes a rate adaptive key agreement scheme and utilizes the received signal strength (RSS) of the channel between two wireless devices to generate the key. In conventional information reconciliation process, the bit inconsistency rate is usually eliminated by using the filter method, which increases the possibility of exposing the generated key bit string. Building on the strengths of existing secret key extraction approaches, this paper develops a scheme that uses Reed-Solomon (RS) codes, one of forward error correction channel codes, for information reconciliation. Owing to strong error correction performance of RS codes, the proposed scheme can solve the problem of inconsistent key bit string in the process of channel sensing. At the same time, the composition of RS codes can help the scheme realize rate adaptation well due to the construction principle of error correction code, which can freely control the code rate and achieve the reconciliation method of different key bit string length. Through experiments, we find that when the number of inconsistent key bits is not greater than the maximum error correction number of RS codes, it can well meet the purpose of reconciliation.

PCIe (Peripheral Component Interconnect express) protocol is the de facto protocol to bridge CPU and peripheral devices like GPU, NIC, and SSD drive. There is an increasing demand to install more peripheral devices on a single machine, but the PCIe interfaces offered by Intel CPUs are fixed. To resolve such contention, PCIe switch, PCH (Platform Controller Hub), or virtualization cards are installed on the machine to allow multiple devices to share a PCIe interface. Congestion happens when the collective PCIe traffic from the devices overwhelm the PCIe link capacity, and transmission delay is then introduced.In this work, we found the PCIe delay not only harms device performance but also leaks sensitive information about a user who uses the machine. In particular, as user’s activities might trigger data movement over PCIe (e.g., between CPU and GPU), by measuring PCIe congestion, an adversary accessing another device can infer the victim’s secret indirectly. Therefore, the delay resulted from I/O congestion can be exploited as a side-channel. We demonstrate the threat from PCIe congestion through 2 attack scenarios and 4 victim settings. Specifically, an attacker can learn the workload of a GPU in a remote server by probing a RDMA NIC that shares the same PCIe switch and measuring the delays. Based on the measurement, the attacker is able to know the keystroke timings of the victim, what webpage is rendered on the GPU, and what machine-learning model is running on the GPU. Besides, when the victim is using a low-speed device, e.g., an Ethernet NIC, an attacker controlling an NVMe SSD can launch a similar attack when they share a PCH or virtualization card. The evaluation result shows our attack can achieve high accuracy (e.g., 96.31% accuracy in inferring webpage visited by a victim).

With the development of cloud computing, remote attestation of virtual machines has received extensive attention. However, the current schemes mainly concentrate on the single prover, and the attestation of a large-scale virtualization environment will cause TPM bottleneck and network congestion, resulting in low efficiency of attestation. This paper proposes CloudTA, an extensible remote attestation architecture. CloudTA groups all virtual machines on each cloud server and introduces an integrity measurement group (IMG) to measure virtual machines and generate trusted evidence by a group. Subsequently, the cloud server reports the physical platform and VM group's trusted evidence for group verification, reducing latency and improving efficiency. Besides, CloudTA designs a hybrid high concurrency communication framework for supporting remote attestation of large-scale virtual machines by combining active requests and periodic reports. The evaluation results suggest that CloudTA has good efficiency and scalability and can support remote attestation of ten thousand virtual machines.

With the rapid development of cloud computing, IaaS (Infrastructure as a Service) becomes more and more popular. IaaS customers may not clearly know the actual performance of each cloud platform. Moreover, there are no unified standards in performance evaluation of IaaS VMs (virtual machine). The underlying virtualization technology of IaaS cloud is transparent to customers. In this paper, we will design an automated performance benchmarking platform which can automatically install, configure and execute each benchmarking tool with a configuration center. This platform can easily visualize multidimensional benchmarking parameters data of each IaaS cloud platform. We also rented four IaaS VMs from AliCloud-Beijing, AliCloud-Qingdao, UCloud and Huawei to validate our benchmarking system. Performance comparisons of multiple parameters between multiple platforms were shown in this paper. However, in practice, customers' applications running on VMs are often complex. Performance of complex applications may not depend on single benchmarking parameter (e.g. CPU, memory, disk I/O etc.). We ran a TPC-C test for example to get overall performance in MySQL application scenario. The effects of different benchmarking parameters differ in this specific scenario.

Network function virtualization (NFV) simplies the coniguration and management of security services by migrating the network security functions from dedicated hardware devices to software middle-boxes that run on commodity servers. Under the paradigm of NFV, the service function chain (SFC) consisting of a series of ordered virtual network security functions is becoming a mainstream form to carry network security services. Allocating the underlying physical network resources to the demands of SFCs under given constraints over time is known as the SFC deployment problem. It is a crucial issue for infrastructure providers. However, SFC deployment is facing new challenges in trading off between pursuing the objective of a high revenue-to-cost ratio and making decisions in an online manner. In this paper, we investigate the use of reinforcement learning to guide online deployment decisions for SFC requests and propose a Policy network Assisted Monte Carlo Tree search approach named PACT to address the above challenge, aiming to maximize the average revenue-to-cost ratio. PACT combines the strengths of the policy network, which evaluates the placement potential of physical servers, and the Monte Carlo Tree Search, which is able to tackle problems with large state spaces. Extensive experimental results demonstrate that our PACT achieves the best performance and is superior to other algorithms by up to 30% and 23.8% on average revenue-to-cost ratio and acceptance rate, respectively.

Mobile cloud computing has suggested as a viable technology as a result of the fast growth of mobile applications and the emergence of the cloud computing idea. Mobile cloud computing incorporates cloud computing into the mobile environment and addresses challenges in mobile cloud computing applications like (processing capacity, battery storage capacity, privacy, and security). We discuss the enabling technologies and obstacles that we will face when we transition from mobile computing to mobile cloud computing to develop next-generation mobile cloud applications. This paper provides an overview of the processes and open concerns for mobility in mobile cloud computing for augmented reality service provisioning. This paper outlines the concept, system architecture, and taxonomy of virtualization technology, as well as research concerns related to virtualization security, and suggests future study fields. Furthermore, we highlight open challenges to provide light on the future of mobile cloud computing and future development.

The ongoing trend of moving data and computation to the cloud is met with concerns regarding privacy and protection of intellectual property. Cloud Service Providers (CSP) must be fully trusted to not tamper with or disclose processed data, hampering adoption of cloud services for many sensitive or critical applications. As a result, CSPs and CPU manufacturers are rushing to find solutions for secure and trustworthy outsourced computation in the Cloud. While enclaves, like Intel SGX, are strongly limited in terms of throughput and size, AMD’s Secure Encrypted Virtualization (SEV) offers hardware support for transparently protecting code and data of entire VMs, thus removing the performance, memory and software adaption barriers of enclaves. Through attestation of boot code integrity and means for securely transferring secrets into an encrypted VM, CSPs are effectively removed from the list of trusted entities. There have been several attacks on the security of SEV, by abusing I/O channels to encrypt and decrypt data, or by moving encrypted code blocks at runtime. Yet, none of these attacks have targeted the attestation protocol, the core of the secure computing environment created by SEV. We show that the current attestation mechanism of Zen 1 and Zen 2 architectures has a significant flaw, allowing us to manipulate the loaded code without affecting the attestation outcome. An attacker may abuse this weakness to inject arbitrary code at startup–and thus take control over the entire VM execution, without any indication to the VM’s owner. Our attack primitives allow the attacker to do extensive modifications to the bootloader and the operating system, like injecting spy code or extracting secret data. We present a full end-to-end attack, from the initial exploit to leaking the key of the encrypted disk image during boot, giving the attacker unthrottled access to all of the VM’s persistent data.

Crime is a social problem that after the confinement of COVID-19 has increased significantly worldwide, which is why it is important to know what technological tools can be used to prevent criminal acts. In the present work, a systemic analysis was carried out to determine the importance of how to prevent crime using new information technologies. Fifty research articles were selected between 2015 and 2021. The information was obtained from different databases such as IEEE Xplore, Redalyc, Scopus, SciELO and Medline. Keywords were used to delimit the search and be more precise in our inquiry on the web. The results obtained show specific information on how to prevent crime using new information technologies. We conclude that new information technologies help to prevent crime since several developed countries have implemented their security system effectively, while underdeveloped countries do not have adequate technologies to prevent crime.

The fundamental limits of high-current conduction and response of metal conductors to large, fast current pulses are of interest to high-speed fuses, exploding wires and foils, and magnetically driven dynamic material property and inertial confinement fusion experiments. A collaboration between the University of Nevada, Reno, University of New Mexico, and Sandia National Laboratory has fielded an electrically thick (R 400-μm \textbackslashtextgreater skin-depth) cylindrical metal rod platform in a Z-pinch configuration driven by the Sandia 100-ns, 900-kA Mykonos linear transformer driver 1 . Photonic Doppler velocimetry (PDV) measuring the expansion velocity of the uncoated surface of aluminum rods 2 was used to benchmark equation of state (EOS) and electrical conductivity models used in magnetohydrodynamics simulations using the Los Alamos National Laboratory (LANL) code FLAG 3 . The metal surface was found to expand along the liquid-vapor coexistence curve in density-temperature space for 90 ns of the rod’s expansion for both tabular EOSs with Van der Waals loops and with Maxwell constructions under the vapor dome. As the slope of the coexistence curve varies across EOS models, the metal surface in simulation was found to heat and expand at different rates depending on the model used. The expansion velocities associated with EOS models were then compared against the PDV data to validate the EOS used in simulations of similar systems. Here, the most recent aluminum EOS (SESAME 93722) 4 was found to drive a simulated velocity that best compared with the experimental data due to its relatively steep coexistence curve and high critical point.

Magnetized Liner Inertial Fusion (MagLIF) is a magneto-inertial fusion concept that relies on fuel magnetization, laser preheat, and a magnetically driven implosion to produce fusion conditions. In MagLIF, the target is a roughly 10 mm long, 5 mm diameter, 0.5 mm thick, cylindrical beryllium shell containing 1 mg/cm 3 D 2 gas. An axial magnetic field on the order of 10 T is applied to the target, and several kJ of laser energy is deposited into the fuel. Up to 20 MA of current is driven axially through the beryllium target, causing it to implode over approximately 100 ns. The implosion produces a 100-μm diameter, 8-mm tall fuel column with a burn-averaged ion temperature of several keV, that generates 10 11 -10 13 DD neutrons.

Auto-magnetizing (AutoMag) liners 1 have demonstrated strong precompressed axial magnetic field production (\textbackslashtextgreater100 T) and remarkable cylindrical implosion uniformity during experiments 2 on the Z accelerator. However, both axial field production and implosion uniformity require further optimization to support use of AutoMag targets in magnetized liner inertial fusion (MagLIF) experiments. Recent experimental study on the Mykonos accelerator has provided data on the initiation and evolution of dielectric flashover in AutoMag targets; these results have directly enabled advancement of magnetohydrodynamic (MHD) modeling protocols used to simulate AutoMag liner implosions. Using these modeling protocols, we executed three-dimensional MHD simulations focused on improving AutoMag target designs, specifically seeking to optimize axial magnetic field production and enhance cylindrical implosion uniformity for MagLIF. By eliminating the previously used driver current prepulse and reducing the helical gap widths in AutoMag liners, simulations indicate that the optimal 30-50 T range of precompressed axial magnetic field for MagLIF can be accomplished concurrently with improved cylindrical implosion uniformity, thereby enabling an optimally premagnetized magneto-inertial fusion implosion with high cylindrical uniformity.

The Z machine is a pulsed power generator located at Sandia National Laboratories in Albuquerque, New Mexico. It is capable of producing a \textbackslashtextgreater20 MA current pulse that is directed onto an experimental load. While a diverse array of experiments are conducted on the Z machine, including x-ray production and dynamic materials science experiments, the focus of this presentation are the Magnetic Liner Inertial Fusion (MagLIF) experiments. In these experiments, an axial magnetic field is applied to the load region, where a cylindrical, fuel-filled metal liner is imploded. We explore the effects of this field on the ability to efficiently couple the generator current to the load, and the extent to which this field interrupts the magnetic insulation of the inner-most transmission line. We find that at the present-day applied field values, the effects of the applied field on current coupling are negligible. Estimates of the potential impact on current coupling of the larger applied field values planned for future experiments are also given. Shunted current is measured with B-dot probes and flyer velocimetry techniques. Analytical calculations, 2D particle-in-cell simulations, and experimental measurements will be presented.

The focus of this work is the transient modelling of the DC-arc voltage on a Hybrid Switch (a mechanical switch in parallel with a static switch) of a key protection component called Fast Discharge Unit (FDU) in the Divertor Tokamak Test (DTT). The DTT facility is an experimental tokamak in advanced design and realization phase, which will be built in the ENEA Research Centre in Frascati (Italy). The FDU allows the safe discharge of the Toroidal Field (TF) superconducting magnets when a quench is detected or a failure occurs in the power supply or in the cryogenic system. In this work, the arc conductance of the mechanical By-Pass Switch (BPS) of the Hybrid Switch is modelled using the well-known Mayr-Cassie equations and the Paukert arc parameters. The simulations show a good agreement with the expected results in terms of voltage and current transient from the mechanical switch to the static switch.

X-ray radiography has been used to diagnose a wide variety of experiments at the Z facility including inertial confinement fusion capsule implosions, the growth of the magneto-Rayleigh-Taylor instability in solid liners, and the development of helical structures in axially magnetized liner implosions. In these experiments, the Z Beamlet laser (1 kJ, 1 ns) was used to generate the x-ray source. An alternate x-ray source is desirable in experiments where the Z Beamlet laser is used for another purpose (e.g., preheating the fuel in magnetized liner inertial fusion experiments) or when multiple radiographic lines of sight are necessary.

Third party mobile applications are dominating the business strategies of organisations and have become an integral part of personal life of individuals. These applications are used for financial transactions, sharing of sensitive data etc. The recent breaches in Android clearly indicate that use of third party applications have become a serious security threat. By design, Android framework keeps all these applications in untrusted domain. Due to this a common policy of resource control exists for all such applications. Further, user discretion in granting permissions to specific applications is not effective because users are not always aware of deep functionalities, mala fide intentions (in case of spywares) and bugs/flaws in these third-party applications. In this regard, we propose a security scheme to mitigate unauthorised access of resources by third party applications. Our proposed scheme is based on SEAndroid policies and achieves fine grained confinement with respect to access control for the third party applications. To the best of our knowledge, the proposed scheme is unique and first of its kind. The proposed scheme is integrated with Android Oreo 8.1.0 for performance and security analysis. It is compatible with any Android device with AOSP support.

Magnetized Liner Inertial Fusion (MagLIF) is a magneto-inertial fusion (MIF) concept being studied on the Z-machine at Sandia National Laboratories. MagLIF relies on quasi-adiabatic heating of a gaseous deuterium (DD) fuel and flux compression of a background axially oriented magnetic field to achieve fusion relevant plasma conditions. The magnetic flux per fuel radial extent determines the confinement of charged fusion products and is thus of fundamental interest in understanding MagLIF performance. It was recently shown that secondary DT neutron spectra and yields are sensitive to the magnetic field conditions within the fuel, and thus provide a means by which to characterize the magnetic confinement properties of the fuel. 1 , 2 , 3 We utilize an artificial neural network to surrogate the physics model of Refs. [1] , [2] , enabling Bayesian inference of the magnetic confinement parameter for a series of MagLIF experiments that systematically vary the laser preheat energy deposited in the target. This constitutes the first ever systematic experimental study of the magnetic confinement properties as a function of fundamental inputs on any neutron-producing MIF platform. We demonstrate that the fuel magnetization decreases with deposited preheat energy in a fashion consistent with Nernst advection of the magnetic field out of the hot fuel and diffusion into the target liner.

The increase of size, capabilities, and speed of FPGAs enables the shared usage of reconfigurable resources by multiple applications and even operating systems. While research on FPGA virtualization in HPC-datacenters and cloud is already well advanced, it is a rather new concept for embedded systems. The necessity for FPGA virtualization of embedded systems results from the trend to integrate multiple environments into the same hardware platform. As multiple guest operating systems with different requirements, e.g., regarding real-time, security, safety, or reliability share the same resources, the focus of research lies on isolation under the constraint of having minimal impact on the overall system. Drivers for this development are, e.g., computation intensive AI-based applications in the automotive or medical field, embedded 5G edge computing systems, or the consolidation of electronic control units (ECUs) on a centralized MPSoC with the goal to increase reliability by reducing complexity. This survey outlines key concepts of hypervisor-based virtualization of embedded reconfigurable systems. Hypervisor approaches are compared and classified into FPGA-based hypervisors, MPSoC-based hypervisors and hypervisors for distributed embedded reconfigurable systems. Strong points and limitations are pointed out and future trends for virtualization of embedded reconfigurable systems are identified.

Modern embedded systems need to cater for several needs depending upon the application domain in which they are deployed. For example, mixed-critically needs to be considered for real-time and safety-critical systems and energy for battery-operated systems. At the same time, many of these systems demand for their reliability and security as well. With electronic systems being used for increasingly varying type of applications, novel challenges have emerged. For example, with the use of embedded systems in increasingly complex applications that execute tasks with varying priorities, mixed-criticality systems present unique challenges to designing reliable systems. The large design space involved in implementing cross-layer reliability in heterogeneous systems, particularly for mixed-critical systems, poses new research problems. Further, malicious security attacks on these systems pose additional extraordinary challenges in the system design. In this paper, we cover both the industry and academia perspectives of the challenges posed by these emergent aspects of system design towards designing highperformance, energy-efficient, reliable and/or secure embedded systems. We also provide our views on paths forward.

The semaphore mechanism is an important part of the embedded operating system. Therefore, it is very necessary to ensure its safety. Traditional software testing methods are difficult to ensure 100% coverage of the program. Therefore, it is necessary to adopt a formal verfication method which proves the correctness of the program theoretically. This paper proposes a proof framework based on the theorem proof tool Coq: modeling the semaphore mechanism, extracting important properties from the requirement documents, and finally verifying that the semaphore mechanism can meet these properties, which means the correctness of the semaphore mechanism is proved and also illustrates the feasibility of the verification framework proposed in this paper, which lays a foundation for the verification of other modules of operating systems.

Mobile embedded terminals widely applied in individual lives, but its security threats become more and more serious. Malicious attacker can steal sensitive information such as user’s phonebook, credit card information by instrumenting malicious programs, or compromising vulnerable software. Against these problems, this paper proposes a scheme for trusted protection system on the embedded platform. The system uses SM algorithms and hardware security chip as the root of trust to establish security mechanisms, including trusted boot of system image, trusted monitoring of the system running environment, disk partition encryption and verification, etc. These security mechanisms provide comprehensive protection to embedded system boot, runtime and long-term storage devices. This paper introduces the architecture and principles of the system software, design system security functions and implement prototype system for protection of embedded OS. The experiments results indicates the promotion of embedded system security and the performance test shows that encryption performance can meet the practical application.

Security has become a significant factor of Internet of Things (IoT) and Cyber Physical Systems (CPS) wherein the devices usually vary in computing power and intrinsic hardware features. It is necessary to use security-by-design method in the development of these systems. This paper focuses on the security design issue about this sort of heterogeneous embedded systems and proposes a systematic approach aiming to achieve optimal security design objective.

The load margin due to voltage instability and small-signal instability can be a valuable measure for the operator of the power system to ensure a continuous and safe supply of electricity. However, if this load margin was calculated without considering system operating requirements, then this margin may not be adequate. This article proposes an algorithm capable of providing the power system load margin considering the requirements of voltage stability, small-signal stability, and operational requirements, as limits of reactive power generation of synchronous generators in dynamic security assessment. Case studies were conducted in the 107-bus reduced order Brazilian system considering a list of contingencies and directions of load growth.