Biblio

Filters: Keyword is composability
2022-08-03
Laputenko, Andrey.  2021.  Assessing Trustworthiness of IoT Applications Using Logic Circuits. 2021 IEEE East-West Design & Test Symposium (EWDTS). :1–4.
The paper describes a methodology for assessing non-functional requirements, such as trust characteristics for applications running on computationally constrained devices in the Internet of Things. The methodology is demonstrated through an example of a microcontroller-based temperature monitoring system. The concepts of trust and trustworthiness for software and devices of the Internet of Things are complex characteristics for describing the correct and secure operation of such systems and include aspects of operational and information security, reliability, resilience and privacy. Machine learning models, which are increasingly often used for such tasks in recent years, are resource-consuming software implementations. The paper proposes to use a logic circuit model to implement the above algorithms as an additional module for computationally constrained devices for checking the trustworthiness of applications running on them. Such a module could be implemented as a hardware, for example, as an FPGA in order to achieve more effectiveness.
Nakano, Yuto, Nakamura, Toru, Kobayashi, Yasuaki, Ozu, Takashi, Ishizaka, Masahito, Hashimoto, Masayuki, Yokoyama, Hiroyuki, Miyake, Yutaka, Kiyomoto, Shinsaku.  2021.  Automatic Security Inspection Framework for Trustworthy Supply Chain. 2021 IEEE/ACIS 19th International Conference on Software Engineering Research, Management and Applications (SERA). :45–50.
Threats and risks against supply chains are increasing and a framework to add the trustworthiness of supply chain has been considered. In this framework, organisations in the supply chain validate the conformance to the pre-defined requirements. The results of validations are linked to each other to achieve the trustworthiness of the entire supply chain. In this paper, we further consider this framework for data supply chains. First, we implement the framework and evaluate the performance. The evaluation shows that 500 digital evidences (logs) can be checked in 0.28 seconds. We also propose five methods to improve the performance as well as five new functionalities to improve usability. With these functionalities, the framework also supports maintaining the certificate chain.
Gao, Xiaotong, Ma, Yanfang, Zhou, Wei.  2021.  The Trustworthiness Measurement Model of Component-based Software Based on the Subjective and Objective Weight Allocation Method. 2021 IEEE 21st International Conference on Software Quality, Reliability and Security Companion (QRS-C). :478–486.
Software trustworthiness includes many attributes. Reasonable weight allocation of trustworthy attributes plays a key role in the software trustworthiness measurement. In practical application, attribute weight usually comes from experts' evaluation to attributes and hidden information derived from attributes. Therefore, when the weight of attributes is researched, it is necessary to consider weight from subjective and objective aspects. Firstly, a novel weight allocation method is proposed by combining the Fuzzy Analytical Hierarchy Process (FAHP) method and the Criteria Importance Through Intercriteria Correlation (CRITIC) method. Secondly, based on the weight allocation method, the trustworthiness measurement models of component-based software are established according to the four combination structures of components. Thirdly, some metric criteria of the model are proved to verify the reasonability. Finally, a case is used to illustrate the practicality of the model.
Morio, Kevin, Künnemann, Robert.  2021.  Verifying Accountability for Unbounded Sets of Participants. 2021 IEEE 34th Computer Security Foundations Symposium (CSF). :1–16.
Little can be achieved in the design of security protocols without trusting at least some participants. This trust should be justified or, at the very least, subject to examination. One way to strengthen trustworthiness is to hold parties accountable for their actions, as this provides a strong incentive to refrain from malicious behavior. This has led to an increased interest in accountability in the design of security protocols. In this work, we combine the accountability definition of Künnemann, Esiyok, and Backes [21] with the notion of case tests to extend its applicability to protocols with unbounded sets of participants. We propose a general construction of verdict functions and a set of verification conditions that achieve soundness and completeness. Expressing the verification conditions in terms of trace properties allows us to extend TAMARIN - a protocol verification tool - with the ability to analyze and verify accountability properties in a highly automated way. In contrast to prior work, our approach is significantly more flexible and applicable to a wider range of protocols.
Gao, Hongxia, Yu, Zhenhua, Cong, Xuya, Wang, Jing.  2021.  Trustworthiness Evaluation of Smart Grids Using GSPN. 2021 IEEE International Conference on Networking, Sensing and Control (ICNSC). 1:1–7.
Smart grids are one of the most important applications of cyber-physical systems. They intelligently transmit energy to customers by information technology, and have replaced the traditional power grid and are widely used. However, smart grids are vulnerable to cyber-attacks. Once attacked, it will cause great losses and lose the trust of customers. Therefore, it is important to evaluate the trustworthiness of smart grids. In order to evaluate the trustworthiness of smart grids, this paper uses a generalized stochastic Petri net (GSPN) to model smart grids. Considering various security threats that smart grids may face, we propose a general GSPN model for smart grids, which evaluates trustworthiness from three metrics of reliability, availability, and integrity by analyzing steady-state and transient probabilities. Finally, we obtain the value of system trustworthiness, and simulation results show the feasibility and effectiveness of our model for smart grid trustworthiness.
Deng, Yuxin, Chen, Zezhong, Du, Wenjie, Mao, Bifei, Liang, Zhizhang, Lin, Qiushi, Li, Jinghui.  2021.  Trustworthiness Derivation Tree: A Model of Evidence-Based Software Trustworthiness. 2021 IEEE 21st International Conference on Software Quality, Reliability and Security Companion (QRS-C). :487–493.
In order to analyze the trustworthiness of complex software systems, we propose a model of evidence-based software trustworthiness called trustworthiness derivation tree (TDT). The basic idea of constructing a TDT is to refine main properties into key ingredients and continue the refinement until basic facts such as evidences are reached. The skeleton of a TDT can be specified by a set of rules, which is convenient for automated reasoning in Prolog. We develop a visualization tool that can construct the skeleton of a TDT by taking the rules as input, and allow a user to edit the TDT in a graphical user interface. In a software development life cycle, TDTs can serve as a communication means for different stakeholders to agree on the properties about a system in the requirement analysis phase, and they can be used for deductive reasoning so as to verify whether the system achieves trustworthiness in the product validation phase. We have piloted the approach of using TDTs in more than a dozen real scenarios of software development. Indeed, using TDTs helped us to discover and then resolve some subtle problems.
2022-08-02
Jero, Samuel, Furgala, Juliana, Pan, Runyu, Gadepalli, Phani Kishore, Clifford, Alexandra, Ye, Bite, Khazan, Roger, Ward, Bryan C., Parmer, Gabriel, Skowyra, Richard.  2021.  Practical Principle of Least Privilege for Secure Embedded Systems. 2021 IEEE 27th Real-Time and Embedded Technology and Applications Symposium (RTAS). :1–13.

Many embedded systems have evolved from simple bare-metal control systems to highly complex network-connected systems. These systems increasingly demand rich and feature-full operating-systems (OS) functionalities. Furthermore, the network connectedness offers attack vectors that require stronger security designs. To that end, this paper defines a prototypical RTOS API called Patina that provides services common in feature-rich OSes (e.g., Linux) but absent in more trustworthy μ-kernel based systems. Examples of such services include communication channels, timers, event management, and synchronization. Two Patina implementations are presented, one on Composite and the other on seL4, each of which is designed based on the Principle of Least Privilege (PoLP) to increase system security. This paper describes how each of these μ-kernels affects the PoLP based design, as well as discusses security and performance tradeoffs in the two implementations. Results of comprehensive evaluations demonstrate that the performance of the PoLP based implementation of Patina offers comparable or superior performance to Linux, while offering heightened isolation.

2022-07-29
Sever, Pop Septimiu, Vlad, Bande.  2021.  LC Oscillator Design Used in Sensor Measurement Based on Embedded Technology. 2021 IEEE 27th International Symposium for Design and Technology in Electronic Packaging (SIITME). :125–128.
This paper emphasizes the implementation of a conditioning circuit specific for an inductive or capacitive sensor. There are some inductive sensors, such as the proximity sensor, for which the inductance is dependent with the distance, or capacitive sensors strongly dependent with the humidity, distance, etc. This category of sensors is suitable for AC domain excitation from the measurement procedure point of view. Taking into consideration the fabrication technology, the measured physical quantity is being encoded as frequency or amplitude. To generate a sinusoidal signal with constant frequency and amplitude, the Colpitts or Hartley oscillators can be used [1], [2]. But the novelty of this paper is a different approach which reveals a microcontroller-based technology where the LC circuit works in an oscillating regime even though there is an underdamped oscillation behavior. For the oscillations’ occurrence, there will be a periodical energy injection using a driving source. One of the main advantages of the mentioned circuit is the small component number. The central unit of the embedded system will fulfil two functions: maintains the oscillating regime and measures the amplitude or frequency of the output signal. In this way, the built embedded system will be robust and easy to use due to its software configuration capabilities. As a plus, such a system can measure additional sensors used in environment parameters’ compensating procedure.
de Souza Donato, Robson, de Aguiar, Marlius Hudson, Cruz, Roniel Ferreira, Vitorino, Montiê Alves, de Rossiter Corrêa, Maurício Beltrão.  2021.  Two-Switch Zeta-Based Single-Phase Rectifier With Inherent Power Decoupling And No Extra Buffer Circuit. 2021 IEEE Applied Power Electronics Conference and Exposition (APEC). :1830–1836.
In some single-phase systems, power decoupling is necessary to balance the difference between constant power at load side and double-frequency ripple power at AC side. The application of active power decoupling methods aim to smooth this power oscillatory component, but, in general, these methods require the addition of many semiconductor devices and/or energy storage components, which is not lined up with achieving low cost, high efficiency and high power quality. This paper presents the analysis of a new single-phase rectifier based on zeta topology with power decoupling function and power factor correction using only two active switches and without extra reactive components. Its behavior is based on three stages of operation in a switching period, such that the power oscillating component is stored in one of the inherent zeta inductor. The theoretical foundation that justifies its operation is presented, as well as the simulation and experimental results to validate the applied concepts.
Ponomarenko, Vladimir, Kulminskiy, Danil, Prokhorov, Mikhail.  2021.  Laminar chaos in systems with variable delay time. 2021 5th Scientific School Dynamics of Complex Networks and their Applications (DCNA). :159–161.
In this paper, we investigated a self-oscillating ring system with variation of the delay time, which demonstrates the phenomenon of laminar chaos. The presence of laminar chaos is demonstrated for various laws of time delay variation - sinusoidal, sawtooth, and triangular. The behavior of coupled systems with laminar chaos and diffusive coupling is investigated. The presence of synchronous behavior is shown.
Wise, Michael, Al-Badri, Maher, Loeffler, Benjamin, Kasper, Jeremy.  2021.  A Novel Vertically Oscillating Hydrokinetic Energy Harvester. 2021 IEEE Conference on Technologies for Sustainability (SusTech). :1–8.
This paper presents the results of a multifaceted study of the behavior of a novel hydrokinetic energy harvester that utilizes vertical oscillations. Unlike traditional rotating turbines used in hydrokinetic energy, this particular device utilizes the fluid structure interactions of vortex-induced-vibration and gallop. Due to the unique characteristics of this vertical motion, a thorough examination of the proposed system was conducted via a three-pronged approach of simulation, emulation, and field testing. Using a permanent magnet synchronous generator as the electrical power generation source, an electrical power conversion system was simulated, emulated, and tested to achieve appropriate power smoothing for use in microgrid systems present in many Alaskan rural locations.
Ruderman, Michael.  2021.  Robust output feedback control of non-collocated low-damped oscillating load. 2021 29th Mediterranean Conference on Control and Automation (MED). :639–644.
For systems with order of dynamics higher than two and oscillating loads with low damping, a non-collocation of the sensing and control can deteriorate robustness of the feedback and, in worst case, even bring it to instability. Furthermore, for a contactless sensing of the oscillating mechanical load, like in the system under investigation, the control structure is often restricted to the single proportional feedback only. This paper proposes a novel robust feedback control scheme for a low-damped fourth-order system using solely the measured load displacement. For reference tracking, the loop shaping design relies on a band reject filter, while the plant uncertainties are used as robustness measure for determining the feedback gain. Since prime uncertainties are due to the stiffness of elastic link, correspondingly connecting spring, and due to the gain of actuator transducer, the loop sensitivity function with additive plant variation is used for robustness measure. In order to deal with unknown disturbances, which are inherently exciting the load oscillations independently of the loop shaping performance, an output delay-based compensator is proposed as a second control-degree-of-freedom. That one requires an estimate of the load oscillation frequency only and does not affect the shaped open-loop behavior, correspondingly sensitivity function. An extensive numerical setup of the modeled system, a two-mass oscillator with contactless sensing of the load under gravity and low damping of the connecting spring, is used for the control evaluation and assessment of its robustness.
Jena, Devika, Palo, S. K, Sahu, T., Panda, A. K.  2021.  Oscillating Electron Mobility in DoubleV-shaped Quantum Well based Field Effect Transistor Structure. 2021 Devices for Integrated Circuit (DevIC). :27–30.
The electron mobility μ exhibits oscillatory behavior with gate electric field F in an asymmetrically doped double V-shaped AlₓGa₁₋ₓAs quantum well field effect transistor structure. By changing F, single-double-single subband occupancy of the system is obtained. We show that μ oscillates within double subband occupancy as a function of F near resonance of subband states due to the relocation of subband wave functions between the wells through intersubband effects.
Bhosale, Kalyani, Chen, Chao-Yu, Li, Ming-Huang, Li, Sheng-Shian.  2021.  Standard CMOS Integrated Ultra-Compact Micromechanical Oscillating Active Pixel Arrays. 2021 IEEE 34th International Conference on Micro Electro Mechanical Systems (MEMS). :157–160.
This work demonstrates an ultra-compact low power oscillating micromechanical active pixel array based on a 0.35 μm back-end of line (BEOL)-embedded CMOS-MEMS technology. Each pixel consists of a 3-MHz clamped-clamped beam (CCB) MEMS resonator and a power scalable transimpedance amplifier (TIA) that occupies a small area of 70 × 60 μm² and draws only 85 μW/pixel. The MEMS resonator is placed next to the TIA with less than 10 μm spacing thanks to the well-defined etch stops in the titanium nitride composite (TiN-C) CMOS-MEMS platform. A multiplexing phase-locked loop (PLL)-driven oscillator is employed to demonstrate the chip functionality. In particular, a nonlinear operation of the resonator tank is used to optimize the phase noise (PN) performance and Allan deviation (ADEV) behavior. The ADEV of 420 ppb averaged over best 3-pixels is exhibited based on such a nonlinear vibration operation.
Mishchenko, Mikhail A., Bolshakov, Denis I., Matrosov, Valery V., Sysoev, Ilya V..  2021.  Electronic neuron-like generator with excitable and self-oscillating behavior. 2021 5th Scientific School Dynamics of Complex Networks and their Applications (DCNA). :1–2.
Experimental implementation of phase-locked loop (PLL) with bandpass filter is proposed. Such PLL is noteworthy for neuron-like dynamics. It generates both regular and chaotic spikes and bursts. Previously proposed hardware implementation of this system has significant disadvantage – absence of excitable (non-oscillating) mode that is vital for brain neurons. The proposed electronic neuron-like generator is modified and could be used for hardware implementation of spiking neural networks.
Marchand-Niño, William-Rogelio, Samaniego, Hector Huamán.  2021.  Information Security Culture Model. A Case Study. 2021 XLVII Latin American Computing Conference (CLEI). :1–10.
This research covers the problem related to user behavior and its relationship with the protection of computer assets in terms of confidentiality, integrity, and availability. The main objective was to evaluate the relationship between the dimensions of awareness, compliance and appropriation of the information security culture and the asset protection variable, the ISCA diagnostic instrument was applied, and social engineering techniques were incorporated for this process. The results show the levels of awareness, compliance and appropriation of the university that was considered as a case study, these oscillate between the second and third level of four levels. Similarly, the performance regarding asset protection ranges from low to medium. It was concluded that there is a significant relationship between the variables of the investigation, verifying that of the total types of incidents registered in the study case, approximately 69% are associated with human behavior. As a contribution, an information security culture model was formulated whose main characteristic is a complementary diagnostic process between surveys and social engineering techniques, the model also includes the information security management system, risk management and security incident handling as part of the information security culture ecosystem in an enterprise.
Abbas, Moneeb, Rashid, Muhammad, Azam, Farooque, Rasheed, Yawar, Anwar, Muhammad Waseem, Humdani, Maryum.  2021.  A Model-Driven Framework for Security Labs using Blockchain Methodology. 2021 IEEE International Systems Conference (SysCon). :1–7.
Blockchain technology is the need of the hour for ensuring security and data privacy. However, very limited tools and documentation are available, therefore, the traditional code-centric implementation of Blockchain is challenging for programmers and developers due to inherent complexities. To overcome these challenges, in this article, a novel and efficient framework is proposed that is based on the Model-Driven Architecture. Particularly, a Meta-model (M2 level Ecore Model) is defined that contains the concepts of Blockchain technology. As a part of tool support, a tree editor (developed using Eclipse Modeling Framework) and a Sirius based graphical modeling tool with a drag-drop palette have been provided to allow modeling and visualization of simple and complex Blockchain-based scenarios for security labs in a very user-friendly manner. A Model to Text (M2T) transformation code has also been written using Acceleo language that transforms the modeled scenarios into Java code for Blockchain application in the security lab. The validity of the proposed framework has been demonstrated via a case study. The results prove that our framework can be reliably used and further extended for automation and development of Blockchain-based application for security labs with simplicity.
Li, Hongman, Xu, Peng, Zhao, Qilin, Liu, Yihong.  2021.  Research on fault diagnosis in early stage of software development based on Object-oriented Bayesian Networks. 2021 IEEE 21st International Conference on Software Quality, Reliability and Security Companion (QRS-C). :161–168.
Continuous development of Internet of Things, big data and other emerging technologies has brought new challenges to the reliability of security-critical system products in various industries. Fault detection and evaluation in the early stage of software plays an important role in improving the reliability of software. However, fault prediction and evaluation, which are currently focused on the early stage of software, hardly provide high guidance for actual project development. In this study, a fault diagnosis method based on object-oriented Bayesian network (OOBN) is proposed. Starting from the time dimension and internal logic, a two-dimensional metric fault propagation model is established to calculate the failure rate of each early stage of software respectively, and the fault relationship of each stage is analyzed to find out the key fault units. In particular, it explores and validates the relationship between the failure rate of code phase and the failure caused by faults in requirement analysis stage and design stage in a train control system, to alert developers to follow strictly the industry development standards for software requirements analysis, design and coding, so as to reduce potential faults in the early stage. There is evidence that the study plays a crucial role to optimize the cost of software development and avoid catastrophic consequences.
Ismaeel, Khaled, Naumchev, Alexandr, Sadovykh, Andrey, Truscan, Dragos, Enoiu, Eduard Paul, Seceleanu, Cristina.  2021.  Security Requirements as Code: Example from VeriDevOps Project. 2021 IEEE 29th International Requirements Engineering Conference Workshops (REW). :357–363.
This position paper presents and illustrates the concept of security requirements as code – a novel approach to security requirements specification. The aspiration to minimize code duplication and maximize its reuse has always been driving the evolution of software development approaches. Object-Oriented programming (OOP) takes these approaches to the state in which the resulting code conceptually maps to the problem that the code is supposed to solve. People nowadays start learning to program in the primary school. On the other hand, requirements engineers still heavily rely on natural language based techniques to specify requirements. The key idea of this paper is: artifacts produced by the requirements process should be treated as input to the regular object-oriented analysis. Therefore, the contribution of this paper is the presentation of the major concepts for the security requirements as the code method that is illustrated with a real industry example from the VeriDevOps project.
Ganesh, Sundarakrishnan, Ohlsson, Tobias, Palma, Francis.  2021.  Predicting Security Vulnerabilities using Source Code Metrics. 2021 Swedish Workshop on Data Science (SweDS). :1–7.
Large open-source systems generate and operate on a plethora of sensitive enterprise data. Thus, security threats or vulnerabilities must not be present in open-source systems and must be resolved as early as possible in the development phases to avoid catastrophic consequences. One way to recognize security vulnerabilities is to predict them while developers write code to minimize costs and resources. This study examines the effectiveness of machine learning algorithms to predict potential security vulnerabilities by analyzing the source code of a system. We obtained the security vulnerabilities dataset from Apache Tomcat security reports for version 4.x to 10.x. We also collected the source code of Apache Tomcat 4.x to 10.x to compute 43 object-oriented metrics. We assessed four traditional supervised learning algorithms, i.e., Naive Bayes (NB), Decision Tree (DT), K-Nearest Neighbors (KNN), and Logistic Regression (LR), to understand their efficacy in predicting security vulnerabilities. We obtained the highest accuracy of 80.6% using the KNN. Thus, the KNN classifier was demonstrated to be the most effective of all the models we built. The DT classifier also performed well but under-performed when it came to multi-class classification.
Shih, Chi-Huang, Lin, Cheng-Jian, Wei, Ta-Sen, Liu, Peng-Ta, Shih, Ching-Yu.  2021.  Behavior Analysis based on Local Object Tracking and its Bed-exit Application. 2021 IEEE 4th International Conference on Knowledge Innovation and Invention (ICKII). :101–104.
Human behavior analysis is the process that consists of activity monitoring and behavior recognition and has become the core component of intelligent applications such as security surveillance and fall detection. Generally, the techniques involved in behavior recognition include sensor and vision-based processing. During the process, the activity information is typically required to ensure a good recognition performance. On the other hand, the privacy issue attracts much attention and requires a limited range of activity monitoring accordingly. We study behavior analysis for such privacy-oriented applications. A local object tracking (LOT) technique based on an infrared sensor array is developed in a limited monitoring range and is further realized to a practical bed-exit system in the clinical test environment. The experimental results show a correct recognition rate of 99% for 6 bedside activities. In addition, 89% of participants in a satisfaction survey agree on its effectiveness.
Mao, Lina, Tang, Linyan.  2021.  The Design of the Hybrid Intrusion Detection System ABHIDS. 2021 3rd International Conference on Artificial Intelligence and Advanced Manufacture (AIAM). :354–358.
Information system security is very important and very complicated; security means preventing potential crises. It is necessary both to detect intrusion behavior from outside and to check unauthorized behavior inside. This paper presents the ABHIDS hybrid intrusion detection system model, designs its agent, controller, storage, filter, and manager (database) components, and puts forward a new algorithm for detecting DDoS attacks (trinoo) and its implementation. ABHIDS adopts an object-oriented design method and can be used in intrusion detection research as a platform for studying the working mechanisms of algorithms and for test verification.
Kientega, Raoul, Sidibé, Moustapha Hadji, Traore, Tiemogo.  2021.  Toward an Enhanced Tool for Internet Exchange Point Detection. 2021 3rd International Multidisciplinary Information Technology and Engineering Conference (IMITEC). :1–3.
Internet Exchange Points (IXPs) are critical components of the Internet infrastructure that affect its performance, evolution, security and economy. In this work, we introduce a technique to improve the well-known TraIXroute tool with its ability to identify IXPs. TraIXroute is a tool written in Python 3. It always encounters problems during its installation by network administrators and researchers. This problem remains unchanged in the field of Internet IXP measurement tools. Our paper aims to make a critical analysis of the TraIXroute tool, which has some malfunctions. Furthermore, our main objective is to implement an improved tool for detecting IXPs on the traceroute path with IPv4 and IPv6. The tool will have options for geolocation of IXPs as well as ASs. Our tool is written in C# (C sharp) and Python, which are object-oriented programming languages.
Lv, Tianxiang, Bao, Qihao, Chen, Haibo, Zhang, Chi.  2021.  A Testing Method for Object-oriented Program based on Adaptive Random Testing with Variable Probability. 2021 IEEE 21st International Conference on Software Quality, Reliability and Security Companion (QRS-C). :1155–1156.
Object-oriented program (OOP) is very popular in these years for its advantages, but the testing method for OOP is still not mature enough. To deal with the problem that it is impossible to generate the probability density function by simply numeralizing a point in the test case caused by the complex structure of the object-oriented test case, we propose the Adaptive Random Testing through Test Profile for Object-Oriented software (ARTTP-OO). It generates a test case at the edge of the input field and calculates the distance between object-oriented test cases using Object and Method Invocation Sequence Similarity (OMISS) metric formula. And the probability density function is generated by the distance to select the test cases, thereby realizing the application of ARTTP algorithm in OOP. The experimental results indicate the proposed ARTTP-OO consumes less time cost without reducing the detection effectiveness.
2022-07-28
[Anonymous].  2021.  An Automated Pipeline for Privacy Leak Analysis of Android Applications. 2021 36th IEEE/ACM International Conference on Automated Software Engineering (ASE). :1048–1050.
We propose an automated pipeline for analyzing privacy leaks in Android applications. By using a combination of dynamic and static analysis, we validate the results from each other to improve accuracy. Compared to the state-of-the-art approaches, we not only capture the network traffic for analysis, but also look into the data flows inside the application. We particularly focus on the privacy leakage caused by third-party services and high-risk permissions. The proposed automated approach will combine taint analysis, permission analysis, network traffic analysis, and dynamic function tracing during run-time to identify private information leaks. We further implement an automatic validation and complementation process to reduce false positives. A small-scale experiment has been conducted on 30 Android applications and a large-scale experiment on more than 10,000 Android applications is in progress.