Dynamic real-time risk analytics of uncontrollable states in complex internet of things systems, cyber risk at the edge

The Internet of Things (IoT) triggers new types of cyber risks. Therefore, the integration of new IoT devices and services requires a self-assessment of IoT cyber security posture. By security posture this article refers to the cybersecurity strength of an organisation to predict, prevent and respond to cyberthreats. At present, there is a gap in the state of the art, because there are no self-assessment methods for quantifying IoT cyber risk posture. To address this gap, an empirical analysis is performed of 12 cyber risk assessment approaches. The results and the main findings from the analysis is presented as the current and a target risk state for IoT systems, followed by conclusions and recommendations on a transformation roadmap, describing how IoT systems can achieve the target state with a new goal-oriented dependency model. By target state, we refer to the cyber security target that matches the generic security requirements of an organisation. The research paper studies and adapts four alternatives for IoT risk assessment and identifies the goal-oriented dependency modelling as a dominant approach among the risk assessment models studied. The new goal-oriented dependency model in this article enables the assessment of uncontrollable risk states in complex IoT systems and can be used for a quantitative self-assessment of IoT cyber risk posture

The future of computing beyond Moore's Law.

Moore's Law is a techno-economic model that has enabled the information technology industry to double the performance and functionality of digital electronics roughly every 2 years within a fixed cost, power and area. Advances in silicon lithography have enabled this exponential miniaturization of electronics, but, as transistors reach atomic scale and fabrication costs continue to rise, the classical technological driver that has underpinned Moore's Law for 50 years is failing and is anticipated to flatten by 2025. This article provides an updated view of what a post-exascale system will look like and the challenges ahead, based on our most recent understanding of technology roadmaps. It also discusses the tapering of historical improvements, and how it affects options available to continue scaling of successors to the first exascale machine. Lastly, this article covers the many different opportunities and strategies available to continue computing performance improvements in the absence of historical technology drivers. This article is part of a discussion meeting issue 'Numerical algorithms for high-performance computational science'

Discrete event simulation and virtual reality use in industry: new opportunities and future trends

This paper reviews the area of combined discrete event simulation (DES) and virtual reality (VR) use within industry. While establishing a state of the art for progress in this area, this paper makes the case for VR DES as the vehicle of choice for complex data analysis through interactive simulation models, highlighting both its advantages and current limitations. This paper reviews active research topics such as VR and DES real-time integration, communication protocols, system design considerations, model validation, and applications of VR and DES. While summarizing future research directions for this technology combination, the case is made for smart factory adoption of VR DES as a new platform for scenario testing and decision making. It is put that in order for VR DES to fully meet the visualization requirements of both Industry 4.0 and Industrial Internet visions of digital manufacturing, further research is required in the areas of lower latency image processing, DES delivery as a service, gesture recognition for VR DES interaction, and linkage of DES to real-time data streams and Big Data sets

Designing a framework for data populating alarms based on MITRE techniques

In this paper we aim to develop a proof of concept framework as a step-by-step process for identifying what type of information and log types a SOC analyst needs to analyze and handle an alarm based on the alarms MITRE technique. To solve this, it was decided that using both theoretical and experimental research methodologies could be advantageous. Hence we first used a Systematic Literature Review to search, screen, and select relevant literature. Followed by the usage of Design Science Research method for conducting the research based upon a theoretical basis, and an experimental process. To develop a framework consisting of an easy to understand and independent step-by-step process. The proof of concept framework introduced in this paper, is an eight step process describing how one may proceed when gathering data needed for automating information gathering based on alarms MITRE techniques. In these eight steps it revolves around three main concepts, which are gathering a theoretical foundation by research and discussion, improving the theoretical foundation by testing and adjusting, and ends with a continuous process of maintaining the constructed automations when used in a production setting. This framework produced accurate results when tested during research, and we believe it should be further explored and tested in a larger scale. Also it should be considered a stepping stone into further automating the whole alarm handling process, from gathering data to response

Designing a framework for data populating alarms based on mitre techniques

In this paper we aim to develop a proof of concept framework as a step-by-step process for identifying what type of information and log types a SOC analyst needs to analyze and handle an alarm based on the alarms MITRE technique. To solve this, it was decided that using both theoretical and experimental research methodologies could be advantageous. Hence we first used a Systematic Literature Review to search, screen, and select relevant literature. Followed by the usage of Design Science Research method for conducting the research based upon a theoretical basis, and an experimental process. To develop a framework consisting of an easy to understand and independent step-by-step process. The proof of concept framework introduced in this paper, is an eight step process describing how one may proceed when gathering data needed for automating information gathering based on alarms MITRE techniques. In these eight steps it revolves around three main concepts, which are gathering a theoretical foundation by research and discussion, improving the theoretical foundation by testing and adjusting, and ends with a continuous process of maintaining the constructed automations when used in a production setting. This framework produced accurate results when tested during research, and we believe it should be further explored and tested in a larger scale. Also it should be considered a stepping stone into further automating the whole alarm handling process, from gathering data to response

International business encounters organized crime:the case of trafficking in human beings

With increasing globalization, transnational crime in general, and human trafficking in particular, a design of new legal framework is required in order to effectively operationalize interstate law enforcement operations and prosecutions. The development of a transnational criminal legal framework—or frameworks—can build on pre-existing transnational economic frameworks. There is also the need to extend the application of domestic law beyond national borders to influence transnational corporate behavior. Regulations based on reflexive law are one possible approach. Teubner’s idea of reflexive law has been informing developments in this area. This approach uses traditional national law to inform corporate governance strategies in order to achieve effects on the market. A few jurisdictions have already adopted measures modeled on this approach to tackle human trafficking and slavery-like conditions in global supply chains. Weaknesses in the approaches adopted by the UK and the State of California have already been identified. If strengthened, this approach could be adopted in more jurisdictions—including the EU—and also to combat more areas of transnational crime—such as money laundering. This paper will examine the resulting challenges using human trafficking as a case study