Biblio

Due to the computing capability limitation of the Internet of things devices in the perception layer, the traditional security solutions are difficult to be used directly. How to design a new lightweight, secure and reliable protocol suitable for the Internet of Things application environment, and realize the secure transmission of information among many sensing checkpoints is an urgent problem to be solved. In this paper, we propose a decentralized lightweight authentication key protocol based on the combination of public key and trusted computing technology, which is used to establish secure communication between nodes in the perception layer. The various attacks that the protocol may suffer are analyzed, and the formal analysis method is used to verify the security of the protocol. To verify the validity of the protocol, the computation and communication cost of the protocol are compared with the existing key protocols. And the results show that the protocol achieved the promised performance.

Combinatorial designs are powerful structures for key management in wireless sensor networks to address good connectivity and also security against external attacks in large scale networks. Symmetric key foundation is the most appropriate model for secure exchanges in WSNs among the ideal models. The core objective is to enhance and evaluate certain issues like attack on the nodes, to provide better key strength, better connectivity, security in interaction among the nodes. The keys distributed by the base station to cluster head are generated using Symmetric Balanced Incomplete Block Design (SBIBD). The keys distributed by cluster head to its member nodes are generated using Symmetric Balanced Incomplete Block Design (SBIBD) and Keys are refreshed periodically to avoid stale entries. Compromised sensor nodes can be used to insert false reports (spurious reports) in wireless sensor networks. The idea of interaction between the sensor nodes utilizing keys and building up a protected association helps in making sure the network is secure. Compared with similar existing schemes, our approach can provide better security.

The circulating current in the D-winding may cause primary current waveform distortion, and the reliability of the restraint criterion based on the typical magnetizing inrush current characteristics will be affected. The magnetizing inrush current with typical characteristics is the sum of primary current and circulating current. Using the circulating current to compensate the primary current can improve the reliability of the differential protection. When the phase is not saturated, the magnetizing inrush current is about zero. Therefore, the primary current of unsaturated phase can be replaced by the opposite of the circulating current. Based on this, an engineering practical calculation method for circulating current is proposed. In the method, the segmented primary currents are used to replace the circulating current. Phasor analysis is used to demonstrate the application effect of this method when remanence coefficients are different. The method is simple and practical, and has strong applicability and high reliability. Simulation and recorded waveforms have verified the effectiveness of the method.

The behavior of the Current Transformer (CTs) is of utmost importance for protection engineers to ensure reliable operation of power system. CT magnetic saturation is a well-known phenomenon when analyzing its performance characteristics. Nevertheless, transient conditions in the system might be different every time. A good understanding of the magnetic saturation of different CT designs and the effect of saturation on the protection schemes is imperative for developing a robust and dependable protection system. In this paper, various factors that affect CT saturation like X/R ratio, large current magnitudes, DC offset, burden and magnetization remanence are discussed. Analysis of CT saturation based on changes to burden and remanence is performed. In addition to that, the effect of saturation due to these factors on distance protection are presented with test results and analysis. Saturation conditions are analyzed on mho distance elements during phase to ground and three phase faults. Finally, a practical approach to efficiently test the performance of protection schemes under CT saturation conditions is proposed using COMTRADE play back. COMTRADE play back files for various scenarios of CT saturation conditions are generated and used for testing the performance of the protection scheme.

Machine learning (ML) models are now a key component for many applications. However, machine learning based systems (MLBSs), those systems that incorporate them, have proven vulnerable to various new attacks as a result. Currently, there exists no systematic process for eliciting security requirements for MLBSs that incorporates the identification of adversarial machine learning (AML) threats with those of a traditional non-MLBS. In this research study, we explore the applicability of traditional threat modeling and existing attack libraries in addressing MLBS security in the requirements phase. Using an example MLBS, we examined the applicability of 1) DFD and STRIDE in enumerating AML threats; 2) Microsoft SDL AI/ML Bug Bar in ranking the impact of the identified threats; and 3) the Microsoft AML attack library in eliciting threat mitigations to MLBSs. Such a method has the potential to assist team members, even with only domain specific knowledge, to collaboratively mitigate MLBS threats.

True Random number Generator (TRNG) is critical for secure communications. In this work, we explain in details regarding our recent solution on TRNG using random telegraph noise (RTN) including the benefits and the disadvantages. Security check is performed using the NIST randomness tests for both the RTN-based TRNG and various conventional pseudo random umber generator. The newly-proposed design shows excellent randomness, power consumption, low design complexity, small area and high speed, making it a suitable candidate for future cryptographically secured applications within the internet of things.

The Internet Transport Protocol (ITP) is introduced to support reliable end-to-end transport services in the IP Internet without the need for end-to-end connections, changes to the Internet routing infrastructure, or modifications to name-resolution services. Results from simulation experiments show that ITP outperforms the Transmission Control Protocol (TCP) and the Named Data Networking (NDN) architecture, which requires replacing the Internet Protocol (IP). In addition, ITP allows transparent content caching while enforcing privacy.

In a world with computation at the epicenter of every activity, computing systems must be highly resilient to errors even if miniaturization makes the underlying hardware unreliable. Techniques able to guarantee high reliability are associated to high costs. Early resilience analysis has the potential to support informed design decisions to maximize system-level reliability while minimizing the associated costs. This tutorial focuses on early cross-layer (hardware and software) resilience analysis considering the full computing continuum (from IoT/CPS to HPC applications) with emphasis on soft errors.

This paper proposes a method that offers much higher security for Iseki's fully homomorphic encryption (FHE), a recently proposed secure computation scheme. The key idea is re-encrypting already encrypted data. This second encryption is executed using new common keys, whereby two or more encryptions offer much stronger security.

The current evaluation of API recommendation systems mainly focuses on correctness, which is calculated through matching results with ground-truth APIs. However, this measurement may be affected if there exist more than one APIs in a result. In practice, some APIs are used to implement basic functionalities (e.g., print and log generation). These APIs can be invoked everywhere, and they may contribute less than functionally related APIs to the given requirements in recommendation. To study the impacts of correct-but-useless APIs, we use utility to measure them. Our study is conducted on more than 5,000 matched results generated by two specification-based API recommendation techniques. The results show that the matched APIs are heavily overlapped, 10% APIs compose more than 80% matched results. The selected 10% APIs are all correct, but few of them are used to implement the required functionality. We further propose a heuristic approach to measure the utility and conduct an online evaluation with 15 developers. Their reports confirm that the matched results with higher utility score usually have more efforts on programming than the lower ones.

Congestion diffusion resulting from the coupling by resource competing is a kind of typical failure propagation in network systems. The existing models of failure propagation mainly focused on the coupling by direct physical connection between nodes, the most efficiency path, or dependence group, while the coupling by resource competing is ignored. In this paper, a model of network congestion diffusion with resource competing is proposed. With the analysis of the similarities to resource competing in biomolecular network, the model describing the dynamic changing process of biomolecule concentration based on titration mechanism provides reference for our model. Then the innovation on titration mechanism is proposed to describe the dynamic changing process of link load in networks, and a novel congestion model is proposed. By this model, the global congestion can be evaluated. Simulations show that network congestion with resource competing can be obtained from our model.

The increasing demand and the use of mobile ad hoc network (MANET) in recent days have attracted the attention of researchers towards pursuing active research work largely related to security attacks in MANET. Gray hole attack is one of the most common security attacks observed in MANET. The paper focuses on gray hole attack analysis in Ad hoc on demand distance vector(AODV) routing protocol based MANET with reliability as a metric. Simulation is performed using ns-2.35 simulation software under varying number of network nodes and varying number of gray hole nodes. Results of simulation indicates that increasing the number of gray hole node in the MANET will decrease the reliability of MANET.

A significant number of the generation, transmission and distribution facilities in the North America were designed and configured for serving electric loads and economic activities under certain reliability and resiliency requirements over 30 years ago. With the changing generation mix, the electric grid is tasked to deliver electricity made by fuel uncertain and energy limited resources. How adequate are the existing facilities to meet the industry expectations on reliability? What level of grid resiliency should be designed and built to sustain reliable electric services given the increasing exposure to frequent and lasting severe weather conditions? There is a need to review the modeling assumptions, operating and maintenance records before we can answer these questions.

This Since the past century, the digital design industry has performed an outstanding role in the development of electronics. Hence, a great variety of designs are developed daily, these designs must be submitted to high standards of verification in order to ensure the 100% of reliability and the achievement of all design requirements. The Universal Verification Methodology (UVM) is the current standard at the industry for the verification process due to its reusability, scalability, time-efficiency and feasibility of handling high-level designs. This research proposes a functional verification framework using UVM for an AES encryption module based on a very detailed and robust verification plan. This document describes the complete verification process as done in the industry for a popular module used in information-security applications in the field of cryptography, defining the basis for future projects. The overall results show the achievement of the high verification standards required in industry applications and highlight the advantages of UVM against System Verilog-based functional verification and direct verification methodologies previously developed for the AES module.

There are only a few visualisations targeting the communication of trust statements. Even though there are some advanced and scientifically founded visualisations-like, for example, the opinion triangle, the human trust interface, and T-Viz-the stars interface known from e-commerce platforms is by far the most common one. In this paper, we propose two trust visualisations based on T-Viz, which was recently proposed and successfully evaluated in large user studies. Despite being the most promising proposal, its design is not primarily based on findings from human-computer interaction or cognitive psychology. Our visualisations aim to integrate such findings and to potentially improve decision making in terms of correctness and efficiency. A large user study reveals that our proposed visualisations outperform T-Viz in these factors.

Security cases-which document the rationale for believing that a system is adequately secure-have not been sufficiently used for a lack of practical construction method. This paper presents a hierarchical software security case development method to address this issue. We present a security concept relationship model first, then come up with a hierarchical asset-threat-control measure argument strategy, together with the consideration of an asset classification and threat classification for software security case. Lastly, we propose 11 software security case patterns and illustrate one of them.

Today's control systems such as smart environments have the ability to adapt to their environment in order to achieve a set of objectives (e.g., comfort, security and energy savings). This is done by changing their behaviour upon the occurrence of specific events. Building such a system requires to design and implement autonomic loops that collect events and measurements, make decisions and execute the corresponding actions.The design and the implementation of such loops are made difficult by several factors: the complexity of systems with multiple objectives, the risk of conflicting decisions between multiple loops, the inconsistencies that can result from communication errors and hardware failures and the heterogeneity of the devices.In this paper, we propose a design framework for reliable and self-adaptive systems, where multiple autonomic loops can be composed into complex managers, and we consider its application to smart environments. We build upon the proposed framework a generic autonomic loop which combines an automata-based controller that makes correct and coherent decisions, a transactional execution mechanism that avoids inconsistencies, and an abstraction layer that hides the heterogeneity of the devices.We propose patterns for composition of such loops, in parallel, coordinated, and hierarchically, with benefits from the leveraging of automata-based modular constructs, that provides for guarantees on the correct behaviour of the controlled system. We implement our framework with the transactional middleware LINC, the reactive language Heptagon/BZR and the abstraction framework PUTUTU. A case study in the field of building automation is presented to illustrate the proposed framework.

The recent trend of mobile ad hoc network increases the ability and impregnability of communication between the mobile nodes. Mobile ad Hoc networks are completely free from pre-existing infrastructure or authentication point so that all the present mobile nodes which are want to communicate with each other immediately form the topology and initiates the request for data packets to send or receive. For the security perspective, communication between mobile nodes via wireless links make these networks more susceptible to internal or external attacks because any one can join and move the network at any time. In general, Packet dropping attack through the malicious node (s) is one of the possible attack in the mobile ad hoc network. This paper emphasized to develop an intrusion detection system using fuzzy Logic to detect the packet dropping attack from the mobile ad hoc networks and also remove the malicious nodes in order to save the resources of mobile nodes. For the implementation point of view Qualnet simulator 6.1 and Mamdani fuzzy inference system are used to analyze the results. Simulation results show that our system is more capable to detect the dropping attacks with high positive rate and low false positive.