
    Teaching Concurrent Software Design: A Case Study Using Android

    In this article, we explore various parallel and distributed computing topics from a user-centric software engineering perspective. Specifically, in the context of mobile application development, we study the basic building blocks of interactive applications in the form of events, timers, and asynchronous activities, along with related software modeling, architecture, and design topics.

    Comment: Submitted to CDER NSF/IEEE-TCPP Curriculum Initiative on Parallel and Distributed Computing - Core Topics for Undergraduate

    ACFA: Secure Runtime Auditing & Guaranteed Device Healing via Active Control Flow Attestation

    Low-end embedded devices are increasingly used in various smart applications and spaces. They are implemented under strict cost and energy budgets, using microcontroller units (MCUs) that lack security features available in general-purpose processors. In this context, Remote Attestation (RA) was proposed as an inexpensive security service to enable a verifier (Vrf) to remotely detect illegal modifications to a software binary installed on a low-end prover MCU (Prv). Since attacks that hijack the software's control flow can evade RA, Control Flow Attestation (CFA) augments RA with information about the exact order in which instructions in the binary are executed, enabling detection of control flow attacks. We observe that current CFA architectures cannot guarantee that Vrf ever receives control flow reports in case of attacks. In turn, while they support exploit detection, they provide no means to pinpoint the exploit origin. Furthermore, existing CFA requires either binary instrumentation, incurring significant runtime overhead and code size increase, or relatively expensive hardware support, such as hash engines. In addition, current techniques are neither continuous (only meant to attest self-contained operations) nor active (offer no secure means to remotely remediate detected compromises). To jointly address these challenges, we propose ACFA: a hybrid (hardware/software) architecture for Active CFA. ACFA enables continuous monitoring of all control flow transfers in the MCU and does not require binary instrumentation. It also leverages the recently proposed concept of Active Roots-of-Trust to enable secure auditing of vulnerability sources and guaranteed remediation when a compromise is detected. We provide an open-source reference implementation of ACFA on top of a commodity low-end MCU (TI MSP430) and evaluate it to demonstrate its security and cost-effectiveness.

    Towards Aggregating Time-Discounted Information in Sensor Networks

    Sensor networks are deployed to monitor a seemingly endless list of events in a multitude of application domains. Through data collection and aggregation enhanced with data mining and machine learning techniques, many static and dynamic patterns can be found by sensor networks. The aggregation problem is complicated by the fact that the perceived value of the data collected by the sensors is affected by many factors such as time, location and user valuation. In addition, the value of information deteriorates, often dramatically, over time. Through our research, we have already achieved some results: a formal algebraic analysis of information discounting, especially as affected by time. A general model and two specific models are developed for information discounting. The two specific models formalize exponential time-discount and linear time-discount. An algebraic analysis of aggregation of values that decay exponentially with time. Three types of aggregators that offset discounting effects are formalized and analyzed. A natural synthesis of these three aggregators is discovered and modeled. We apply our theoretical models to emergency response with thresholding and confirm them with extensive simulation. For long-term monitoring tasks, we laid out a theoretical foundation for discovering an emergency through generations of sensors, analysed the achievability of a long-term task and found an optimum way to distribute sensors in a monitored area to maximize the achievability. We proposed an implementation for our alert system with state-of-the-art wireless microcontrollers, sensors, real-time operating systems and embedded internet protocols.
    By allowing aggregation of time-discounted information to proceed in an arbitrary, not necessarily pairwise manner, our results are also applicable to other similar homeland security and military application domains where there is a strong need to model not only timely aggregation of data collected by individual sensors, but also the dynamics of this aggregation. Our research can be applied to many real-world scenarios. A typical scenario is monitoring wildfire in a forest: a batch of first-generation sensors is deployed by UAVs to monitor a forest for possible wildfire. They monitor various weather quantities and recognize the area with the highest probability of producing a fire, the so-called area of interest (AoI). Since the environment changes dynamically, after a certain time the sensors re-identify the AoI. The value of the knowledge they learned about the previous AoI decays quickly with time, so our methods of aggregation of time-discounted information can be applied to obtain updated knowledge. When the current generation of sensors is close to energy depletion, a new generation of sensors is deployed and inherits the knowledge from the current generation. In this way, monitoring long-term tasks becomes feasible. At the end of this thesis, we propose some extensions and directions from our current research: generalize and extend the special classes of Type 1 and Type 2 aggregation operators; analyze aggregation operators of Type 3 and Type 4 and find some special applicable candidates; data aggregation across consecutive generations of sensors in order to learn about events with discounting that take a long time to manifest themselves; network implications of various aggregation strategies; algorithms for implementation of some special classes of aggregators; implement a wireless sensor network that can autonomously learn and recognize patterns of emergencies, predict incidents and trigger alarms through machine learning.

    PCSL - a process control software specification language


    Dynamic Virtual Network Reconfiguration Over SDN Orchestrated Multitechnology Optical Transport Domains

    Network virtualization is an emerging technique that enables multiple tenants to share an underlying physical infrastructure, isolating the traffic running over different virtual infrastructures/tenants. This technique aims to improve network utilization, while reducing the complexities in terms of network management for operators. Applied to this context, the software defined networking (SDN) paradigm can ease network configuration by enabling network programmability and automation, which reduces the amount of operations required from both service and infrastructure providers. SDN techniques are decreasing vendor lock-in issues due to specific configuration methods or protocols. Application-based Network Operations (ABNO) is a toolbox of key network functional components with the goal of offering application-driven network management. Service provisioning using ABNO may involve direct configuration of data plane elements or delegate it to several control plane modules. We validate the applicability of ABNO to multi-tenant virtual networks in multi-technology optical domains based on two scenarios, in which multiple control plane instances are orchestrated by the architecture. Congestion Detection and Failure Recovery are chosen to demonstrate fast recalculation and reconfiguration, while hiding the configurations in the physical layer from the upper layer.

    Grant numbers: supported by the Spanish Ministry of Economy and Competitiveness through the project FARO (TEC2012-38119)

    PLC Code Vulnerabilities Through SCADA Systems

    Supervisory Control and Data Acquisition (SCADA) systems are widely used in automated manufacturing and in all areas of our nation's infrastructure. Applications range from chemical processes and water treatment facilities to oil and gas production and electric power generation and distribution. Current research on SCADA system security focuses on the primary SCADA components and targets network-centric attacks. Security risks via attacks against peripheral devices such as Programmable Logic Controllers (PLCs) have not been sufficiently addressed. Our research results address the need to develop PLC applications that are correct, safe and secure. This research provides an analysis of software safety and security threats. We develop countermeasures that are compatible with existing PLC technologies. We study both intentional and unintentional software errors and propose methods to prevent them. The main contributions of this dissertation are: (1) develop a taxonomy of software errors and attacks in ladder logic; (2) model ladder logic vulnerabilities; (3) develop security design patterns to avoid software vulnerabilities and incorrect practices; (4) implement a proof-of-concept static analysis tool which detects the vulnerabilities in PLC code and recommends corresponding design patterns.

    FTT-Ethernet: A Flexible Real-Time Communication Protocol that Supports Dynamic QoS Management on Ethernet-based Systems

    Ethernet was not originally developed to meet the requirements of real-time industrial automation systems, and it was commonly considered unsuited for applications at the field level. Hence, several techniques were developed to make this protocol exhibit real-time behavior, some of them requiring specialized hardware, others providing soft-real-time guarantees only, and others achieving hard real-time guarantees with different levels of bandwidth efficiency. More recently, there has been an effort to support quality-of-service (QoS) negotiation and enforcement, but there is not yet an Ethernet-based data link protocol capable of providing dynamic QoS management to further exploit the variable requirements of dynamic applications. This paper presents the FTT-Ethernet protocol, which efficiently supports hard-real-time operation in a flexible way, seamlessly over shared or switched Ethernet. The FTT-Ethernet protocol employs an efficient master/multislave transmission control technique and combines online scheduling with online admission control to guarantee continued real-time operation under dynamic communication requirements, together with data structures and mechanisms that are tailored to support dynamic QoS management. The paper includes a sample application, aiming at the management of video streams, which highlights the protocol’s ability to support dynamic QoS management with real-time guarantees.

    Integrated Systems Health Management as an Enabler for Condition Based Maintenance and Autonomic Logistics

    Health monitoring systems have demonstrated the ability to detect potential failures in components and predict how long until a critical failure is likely to occur. Implementing these systems on fielded structures, aircraft, or other vehicles is often a struggle to prove cost savings or operational improvements beyond improved safety. A system architecture to identify how the health monitoring systems are integrated into fielded aircraft is developed to assess cost, operations, maintenance, and logistics trade-spaces. The efficiency of a health monitoring system is examined for impacts to the operation of a squadron of cargo aircraft, revealing sensitivity to and tolerance for false alarms as a key factor in total system performance. The research focuses on the impacts of system-wide changes to several key metrics: materiel availability, materiel reliability, ownership cost, and mean downtime. Changes to these system-wide variables include: diagnostic and prognostic error, false alarm sensitivity, supply methods and timing, maintenance manning, and maintenance repair window. Potential cost savings in maintenance and logistics processes are identified, as well as increases in operational availability. The result of this research is the development of a tool to conduct trade-space analyses on the effects of health monitoring techniques on system performance and operations and maintenance costs.

    Digital provenance - models, systems, and applications

    Data provenance refers to the history of creation and manipulation of a data object and is being widely used in various application domains including scientific experiments, grid computing, file and storage systems, and streaming data. However, existing provenance systems operate at a single layer of abstraction (workflow/process/OS) at which they record and store provenance, whereas the provenance captured from different layers provides the highest benefit when integrated through a unified provenance framework. To build such a framework, a comprehensive provenance model able to represent the provenance of data objects with various semantics and granularity is the first step. In this thesis, we propose such a comprehensive provenance model and present an abstract schema of the model.

    We further explore secure provenance solutions for distributed systems, namely streaming data, wireless sensor networks (WSNs) and virtualized environments. We design a customizable file provenance system with an application to the provenance infrastructure for virtualized environments. The system supports automatic collection and management of file provenance metadata, characterized by our provenance model. Based on the proposed provenance framework, we devise a mechanism for detecting data exfiltration attacks in a file system. We then move in the direction of secure provenance communication in streaming environments and propose two secure provenance schemes focusing on WSNs. The basic provenance scheme is extended in order to detect packet-dropping adversaries on the data flow path over a period of time. We also consider the issue of attack recovery and present an extensive incident response and prevention system specifically designed for WSNs.