33 research outputs found

    Cybersecurity in Power Grids: Challenges and Opportunities

    Increasing volatilities within power transmission and distribution force power grid operators to amplify their use of communication infrastructure to monitor and control their grid. The resulting increase in communication creates a larger attack surface for malicious actors. Indeed, cyber attacks on power grids have already succeeded in causing temporary, large-scale blackouts in the recent past. In this paper, we analyze the communication infrastructure of power grids to derive resulting fundamental challenges of power grids with respect to cybersecurity. Based on these challenges, we identify a broad set of resulting attack vectors and attack scenarios that threaten the security of power grids. To address these challenges, we propose to rely on a defense-in-depth strategy, which encompasses measures for (i) device and application security, (ii) network security, and (iii) physical security, as well as (iv) policies, procedures, and awareness. For each of these categories, we distill and discuss a comprehensive set of state-of-the-art approaches, as well as identify further opportunities to strengthen cybersecurity in interconnected power grids.

    Resource management for cloud functions with memory tracing, profiling and autotuning

    Application software provisioning evolved from monolithic designs towards differently designed abstractions including serverless applications. The promise of that abstraction is that developers are free from infrastructural concerns such as instance activation and autoscaling. Today's serverless architectures based on FaaS are however still exposing developers to explicit low-level decisions about the amount of memory to allocate for the respective cloud functions. In many cases, guesswork and ad-hoc decisions determine the values a developer will put into the configuration. We contribute tools to measure the memory consumption of a function in various Docker, OpenFaaS and GCF/GCR configurations over time and to create trace profiles that advanced FaaS engines can use to autotune memory dynamically. Moreover, we explain how pricing forecasts can be performed by connecting these traces with a FaaS characteristics knowledge base

    Ciosy: A collaborative blockchain-based insurance system

    The insurance industry is heavily dependent on several processes executed among multiple entities, such as insurer, insured, and third-party services. The increasingly competitive environment is pushing insurance companies to use advanced technologies to address multiple challenges, namely lack of trust, lack of transparency, and economic instability. To this end, blockchain is used as an emerging technology that enables transparent and secure data storage and transmission. In this paper, we propose CioSy, a collaborative blockchain-based insurance system for monitoring and processing the insurance transactions. To the best of our knowledge, the existing approaches do not consider collaborative insurance to achieve an automated, transparent, and tamper-proof solution. CioSy aims at automating the insurance policy processing, claim handling, and payment using smart contracts. For validation purposes, an experimental prototype is developed on Ethereum blockchain. Our experimental results show that the proposed approach is both feasible and economical in terms of time and cost

    Middleware Solutions for the Internet of Things: A Survey

    The Internet of Things (IoT), along with its wider variants including numerous technologies, things, and people: the Internet of Everything (IoE) and the Internet of Nano Things (IoNT), are considered as part of the Internet of the future and ubiquitous computing allowing the communication among billions of smart devices and objects, and have recently drawn a very significant research attention. In these approaches, there are varieties of heterogeneous devices empowered by new capabilities and interacting with each other to achieve specific applications in different domains. A middleware layer is therefore required to abstract the physical layer details of the smart IoT devices and ease the complex and challenging task of developing multiple backend applications. In this chapter, an overview of IoT technologies, architecture, and main applications is given first and then followed by a comprehensive survey on the most recently used and proposed middleware solutions designed for IoT networks. In addition, open issues in IoT middleware design and future works in the field of middleware development are highlighted

    Towards an Accountable Web of Personal Information: the Web-of-Receipts

    Consent is a cornerstone in any Privacy practice or public policy. Much beyond a simple "accept" button, we show in this paper that obtaining and demonstrating valid Consent can be a complex matter since it is a multifaceted problem. This is important for both Organisations and Users. As shown in recent cases, not only cannot an individual prove what they accepted at any point in time, but also organisations are struggling with proving such consent was obtained, leading to inefficiencies and non-compliance. To a large extent, this problem has not obtained sufficient visibility and research effort. In this paper, we review the current state of Consent and tie it to a problem of Accountability. We argue for a different approach to how the Web of Personal Information operates: the need of an accountable Web in the form of Personal Data Receipts which are able to protect both individuals and organisations. We call this evolution the Web-of-Receipts: online actions, from registration to real-time usage, are preceded by valid consent and are auditable (for Users) and demonstrable (for Organisations) at any moment by using secure protocols and locally stored artefacts such as Receipts. The key contribution of this paper is to elaborate on this unique perspective, present proof-of-concept results and lay out a research agenda.

    A mixed-method empirical study of Function-as-a-Service software development in industrial practice

    Function-as-a-Service (FaaS) describes cloud computing services that make infrastructure components transparent to application developers, thus falling in the larger group of “serverless” computing models. When using FaaS offerings, such as AWS Lambda, developers provide atomic and short-running code for their functions, and FaaS providers execute and horizontally scale them on-demand. Currently, there is no systematic research on how developers use serverless, what types of applications lend themselves to this model, or what architectural styles and practices FaaS-based applications are based on. We present results from a mixed-method study, combining interviews with practitioners who develop applications and systems that use FaaS, a systematic analysis of grey literature, and a Web-based survey. We find that successfully adopting FaaS requires a different mental model, where systems are primarily constructed by composing pre-existing services, with FaaS often acting as the “glue” that brings these services together. Tooling availability and maturity, especially related to testing and deployment, remains a major difficulty. Further, we find that current FaaS systems lack systematic support for function reuse, and abstractions and programming models for building non-trivial FaaS applications are limited. We conclude with a discussion of implications for FaaS providers, software developers, and researchers

    Decision Analytics Using Permissioned Blockchain “Commledger”

    The advent of Blockchain has introduced a paradigm shift in the area of Scientific Computing. The decision analytics embodiment in current technology fabric has introduced a need of incorporating Blockchain with industrial technology ecosystem. The utilization of Blockchain has introduced gaps in terms of standard business processes, while the data is being processed using the concept of traditional RDBMS and NoSQL data formats. The lag of permissioned and permissionless Blockchain is the problem area which is dealt with in this doctoral dissertation to provide a Proof of Permission (PoP) protocol for any organization or entity to tailor according to their environmental constraints. There has been a need of an opensource protocol that organizations can customize according to their needs, which is not bound of using only REST interactions. The research presented in this thesis provides such a solution for the industry. The provided propositions are the use of Tiered Asynchronous Locking Algorithm (TALA) to generate a key for securing an Authenticated Data Acceptance Marker (ADAM) block for a permissioned Blockchain Community Ledger (CommLedger)

    A mixed-method empirical study of Function-as-a-Service software development in industrial practice

    Function-as-a-Service (FaaS) describes cloud computing services that make infrastructure components transparent to application developers, thus falling in the larger group of “serverless” computing models. When using FaaS offerings, such as AWS Lambda, developers provide atomic and short-running code for their functions, and FaaS providers execute and horizontally scale them on-demand. Currently, there is no systematic research on how developers use serverless, what types of applications lend themselves to this model, or what architectural styles and practices FaaS-based applications are based on. We present results from a mixed-method study, combining interviews with practitioners who develop applications and systems that use FaaS, a systematic analysis of grey literature, and a Web-based survey. We find that successfully adopting FaaS requires a different mental model, where systems are primarily constructed by composing pre-existing services, with FaaS often acting as the “glue” that brings these services together. Tooling availability and maturity, especially related to testing and deployment, remains a major difficulty. Further, we find that current FaaS systems lack systematic support for function reuse, and abstractions and programming models for building non-trivial FaaS applications are limited. We conclude with a discussion of implications for FaaS providers, software developers, and researchers

    Adaptive Quality of Service Control for MQTT-SN

    Internet of Things and wireless sensor networks applications are becoming more and more popular nowadays, supported by new communication technologies and protocols tailored to their specific requirements. This paper focuses on improving the performance of a Wireless Sensor Network operated by the MQTT-SN protocol, one of the most popular publish/subscribe protocols for IoT applications. In particular, we propose a dynamic Quality of Service (QoS) controller for the MQTT-SN protocol, capable of evaluating the status of the underlying network in terms of end-to-end delay and packet error rate, reacting consequently by assigning to a node the best QoS value. We design and implement the QoS controller in a simulated environment based on the ns-3 network emulator and we perform extensive experiments to prove its effectiveness compared to a non-controlled scenario. The reported results show that, by controlling the Quality of Service, it is possible to manage effectively the number of packets successfully received by each device and their average latency, to improve the quality of the communication of each end node