Towards a Secure Smart Grid Storage Communications Gateway

This research in progress paper describes the role of cyber security measures undertaken in an ICT system for integrating electric storage technologies into the grid. To do so, it defines security requirements for a communications gateway and gives detailed information and hands-on configuration advice on node and communication line security, data storage, coping with backend M2M communications protocols and examines privacy issues. The presented research paves the road for developing secure smart energy communications devices that allow enhancing energy efficiency. The described measures are implemented in an actual gateway device within the HORIZON 2020 project STORY, which aims at developing new ways to use storage and demonstrating these on six different demonstration sites.Comment: 6 pages, 2 figure

Platform Architecture for the Diagram Assessment Domain

Using e-learning and e-assessment environments in higher education bears considerable potential for both students and teachers. In this contribution we present an architecture for a comprehensive e-assessment platform for the modeling domain. The platform – currently developed in the KEA-Mod project – features a micro-service architecture and is based on different inter-operable components. Based on this idea, the KEA-Mod platform will provide e-assessment capabilities for various graph-based modeling languages such as Unified Modeling Language (UML), EntityRelationship diagrams (ERD), Petri Nets, Event-driven Process Chains (EPC) and the Business Process Model and Notation (BPMN) and their respective diagram types

Big Data Management Towards Impact Assessment of Level 3 Automated Driving Functions

As industrial research in automated driving is rapidly advancing, it is of paramount importance to analyze field data from extensive road tests. This thesis presents a research work done in L3Pilot, the first comprehensive test of automated driving functions (ADFs) on public roads in Europe. L3Pilot is now completing the test of ADFs in vehicles by 13 companies. The tested functions are mainly of Society of Automotive Engineers (SAE) automation level 3, some of level 4. The overall collaboration among several organizations led to the design and development of a toolchain aimed at processing and managing experimental data sharable among all the vehicle manufacturers to answer a set of 100+ research questions (RQs) about the evaluation of ADFs at various levels, from technical system functioning to overall impact assessment. The toolchain was designed to support a coherent, robust workflow based on Field opErational teSt supporT Action (FESTA), a well-established reference methodology for automotive piloting. Key challenges included ensuring methodological soundness and data validity while protecting the vehicle manufacturers\u2019 intellectual property. Through this toolchain, the project set up what could become a reference architecture for managing research data in automated vehicle tests. In the first step of the workflow, the methodology partners captured the quantitative requirements of each RQ in terms of the relevant data needed from the tests. L3Pilot did not intend to share the original vehicular signal timeseries, both for confidentiality reasons and for the enormous amount of data that would have been shared. As the factual basis for quantitatively answering the RQs, a set of performance indicators (PIs) was defined. The source vehicular signals were translated from their proprietary format into the common data format (CDF), which was defined by L3Pilot to support efficient processing through multiple partners\u2019 tools, and data quality checking. The subsequent vi performance indicator (PI) computation step consists in synthesizing the vehicular time series into statistical syntheses to be stored in the project-shared database, namely the Consolidated Database (CDB). Computation of the PIs is segmented based on experimental condition, road type and driving scenarios, as required to answer the RQs. The supported analysis concerns both objective data, from vehicular sensors, and subjective data from user (test drivers and passengers) questionnaires. The overall L3Pilot toolchain allowed setting up a data management process involving several partners (vehicle manufacturers, research institutions, suppliers, and developers), with different perspectives and requirements. The system was deployed and used by all the relevant partners in the pilot sites. The experience highlights the importance of the reference methodology to theoretically inform and coherently manage all the steps of the project and the need for effective and efficient tools, to support the everyday work of all the involved research teams, from vehicle manufacturers to data analysts

Weaponizing the GDPR: How Flawed Implementations Turn the Gold Standard for Privacy Laws into Fool\u27s Gold

Despite its ambitious goals of protecting personal data and generally being well-received, the General Data Protection Regulation (GDPR) can be exploited for identity theft by weaponizing subject access requests (SARs). To understand this threat and investigate the impact of victims’ privacy awareness and public exposure on its effectiveness, we selected three victims – highly privacy aware person, average user, and semipublic figure – and tasked six realistic attackers with stealing their personal data. Based on 718 submitted SARs, we provide novel insights from a realistic case study of a law being weaponized and advance the understanding of GDPR-based identity theft by demonstrating its practical viability. Further, we derive patterns from common flaws observed in SAR handling processes, and explore threat mitigation options for individuals, organizations, and lawmakers. Generalizing our findings, we uncover approaches for cybersecurity researchers to probe further laws for flaws

HOW DO ENTREPRENEURIAL FIRMS APPROPRIATE VALUE IN BIO DATA INFRASTRUCTURES: AN EXPLORATORY QUALITATIVE STUDY

Recent technological advances such as in genome sequencing have exploded bio data infra-structures including those that comprise of generic - anonymized or pseudonymized - data. As open data, the bio data infrastructures do not constrain the final application context for their data. Rather it is up to complementors, taking the role of digital entrepreneurs, to appropriate value from this data through their revenue streams while at the same time scaling their opera-tions and ventures. We undertake a qualitative explorative study of bio data ventures examining the tension of applying open generic genome data to specific contexts for customers while being able to scale their businesses. The study uses primary data from 26 interviews and secondary data to reveal six strategies that complementors use for value appropriation. We derive three mechanisms of appropriating value at different stages of the value chain for bio data analysis on open data infrastructures: data contextualizing, data decontextualizing, and data recontex-tualizing. The study sheds light to how bio data – which has received limited attention in infor-mation systems research – can be an important source of value appropriation in digital ecosys-tems