8,553 research outputs found
Recommended from our members
Novel processes for smart grid information exchange and knowledge representation using the IEC common information model
This thesis was submitted for the degree of Doctor of Philosophy and awarded by Brunel University.The IEC Common Information Model (CIM) is of central importance in enabling smart grid interoperability. Its continual development aims to meet the needs of the smart grid for semantic understanding and knowledge
representation for a widening domain of resources and processes. With smart grid evolution the importance of information and data management has become an increasingly pressing issue not only because far more data is being generated using modern sensing, control and measuring devices but
also because information is now becoming recognised as the âintegral componentâ that facilitates the optimal flexibility required of the smart grid. This thesis looks at the impacts of CIM implementation upon the landscape of smart grid issues and presents research from within National Grid
contributing to three key areas in support of further CIM deployment. Taking the issue of Enterprise Information Management first, an information management framework is presented for CIM deployment at National Grid. Following this the development and demonstration of a novel secure cloud
computing platform to handle such information is described. Power system application (PSA) models of the grid are partial knowledge representations of a shared reality. To develop the completeness of our understanding of this reality it is necessary to combine these representations.
The second research contribution reports on a novel methodology for a CIM-based
model repository to align PSA representations and provide a
knowledge resource for building utility business intelligence of the grid.
The third contribution addresses the need for greater integration of information relating to energy storage, an essential aspect of smart energy management. It presents the strategic rationale for integrated energy modeling and a novel extension to the existing CIM standards for modeling grid-scale energy storage. Significantly, this work has already contributed to a larger body of work on modeling Distributed Energy Resources currently under development at the Electric Power Research Institute (EPRI) in the
USA.Dr. Martin Bradley on behalf of National Grid Plc. and the Engineering and Physical
Sciences Research Council (EPSRC
NEGOSEIO: framework for the sustainability of model-oriented enterprise interoperability
Dissertation to obtain the degree of Doctor of Philosophy in Electrical and Computer Engineering(Industrial Information Systems)This dissertation tackles the problematic of Enterprise Interoperability in the current globally connected world. The evolution of the Information and Communication Technologies has endorsed the establishment of fast, secure and robust data exchanges, promoting the development of networked solutions. This allowed the specialisation of enterprises (particularly SMEs) and favoured the development of complex and heterogeneous provider systems. Enterprises are abandoning their self-centrism and working together on the development of more complete solutions. Entire business solutions are built integrating several enterprises (e.g., in supply chains, enterprise nesting) towards a common objective. Additionally, technologies, platforms, trends, standards and regulations keep evolving and demanding enterprises compliance. This evolution needs to be continuous, and is naturally followed by a constant update of each networked enterpriseâs interfaces, assets, methods and processes. This unstable environment of perpetual change is causing major concerns in both SMEs and customers as the current interoperability grounds are frail, easily leading to periods of downtime, where business is not possible. The pressure to restore interoperability rapidly often leads to patching and to the adoption of immature solutions, contributing to deteriorate even more the interoperable environment. This dissertation proposes the adoption of NEGOSEIO, a framework that tackles interoperability issues by developing strong model-based knowledge assets and promoting continuous improvement and adaptation for increasing the sustainability of interoperability on enterprise systems. It presents the research motivations and the developed frameworkâs main blocks, which include model-based knowledge management, collaboration service-oriented architectures implemented over a cloud-based solution, and focusing particularly on its negotiation core mechanism to handle inconsistencies and solutions for the detected interoperability problems. It concludes by validating the research and the proposed framework, presenting its application in a real business case of aerospace mission design on the European Space Agency (ESA).FP7 ENSEMBLE, UNITE, MSEE and IMAGINE project
Security Management Framework for the Internet of Things
The increase in the design and development of wireless communication technologies
offers multiple opportunities for the management and control of cyber-physical systems
with connections between smart and autonomous devices, which provide the delivery
of simplified data through the use of cloud computing. Given this relationship with the
Internet of Things (IoT), it established the concept of pervasive computing that allows
any object to communicate with services, sensors, people, and objects without human
intervention. However, the rapid growth of connectivity with smart applications through
autonomous systems connected to the internet has allowed the exposure of numerous
vulnerabilities in IoT systems by malicious users.
This dissertation developed a novel ontology-based cybersecurity framework to
improve security in IoT systems using an ontological analysis to adapt appropriate
security services addressed to threats. The composition of this proposal explores
two approaches: (1) design time, which offers a dynamic method to build security
services through the application of a methodology directed to models considering
existing business processes; and (2) execution time, which involves monitoring the IoT
environment, classifying vulnerabilities and threats, and acting in the environment,
ensuring the correct adaptation of existing services.
The validation approach was used to demonstrate the feasibility of implementing the
proposed cybersecurity framework. It implies the evaluation of the ontology to offer
a qualitative evaluation based on the analysis of several criteria and also a proof of
concept implemented and tested using specific industrial scenarios. This dissertation
has been verified by adopting a methodology that follows the acceptance in the research
community through technical validation in the application of the concept in an industrial
setting.O aumento no projeto e desenvolvimento de tecnologias de comunicação sem fio oferece
mĂșltiplas oportunidades para a gestĂŁo e controle de sistemas ciber-fĂsicos com conexĂ”es
entre dispositivos inteligentes e autĂŽnomos, os quais proporcionam a entrega de dados
simplificados através do uso da computação em nuvem. Diante dessa relação com
a Internet das Coisas (IoT) estabeleceu-se o conceito de computação pervasiva que
permite que qualquer objeto possa comunicar com os serviços, sensores, pessoas e objetos
sem intervenção humana. Entretanto, o råpido crescimento da conectividade com as
aplicaçÔes inteligentes através de sistemas autÎnomos conectados com a internet permitiu
a exposição de inĂșmeras vulnerabilidades dos sistemas IoT para usuĂĄrios maliciosos.
Esta dissertação desenvolveu um novo framework de cibersegurança baseada em
ontologia para melhorar a segurança em sistemas IoT usando uma anålise ontológica
para a adaptação de serviços de segurança apropriados endereçados para as ameaças. A
composição dessa proposta explora duas abordagens: (1) tempo de projeto, o qual oferece
um método dinùmico para construir serviços de segurança através da aplicação de uma
metodologia dirigida a modelos, considerando processos empresariais existentes; e (2)
tempo de execução, o qual envolve o monitoramento do ambiente IoT, a classificação de
vulnerabilidades e ameaças, e a atuação no ambiente garantindo a correta adaptação dos
serviços existentes.
Duas abordagens de validação foram utilizadas para demonstrar a viabilidade da
implementação do framework de cibersegurança proposto. Isto implica na avaliação da
ontologia para oferecer uma avaliação qualitativa baseada na anålise de diversos critérios
e tambĂ©m uma prova de conceito implementada e testada usando cenĂĄrios especĂficos.
Esta dissertação foi validada adotando uma metodologia que segue a validação na
comunidade cientĂfica atravĂ©s da validação tĂ©cnica na aplicação do nosso conceito em
um cenĂĄrio industrial
Framework for Security Transparency in Cloud Computing
The migration of sensitive data and applications from the on-premise data centre to a cloud environment increases cyber risks to users, mainly because the cloud environment is managed and maintained by a third-party. In particular, the partial surrender of sensitive data and application to a cloud environment creates numerous concerns that are related to a lack of security transparency. Security transparency involves the disclosure of information by cloud service providers about the security measures being put in place to protect assets and meet the expectations of customers. It establishes trust in service relationship between cloud service providers and customers, and without evidence of continuous transparency, trust and confidence are affected and are likely to hinder extensive usage of cloud services. Also, insufficient security transparency is considered as an added level of risk and increases the difficulty of demonstrating conformance to customer requirements and ensuring that the cloud service providers adequately implement security obligations.
The research community have acknowledged the pressing need to address security transparency concerns, and although technical aspects for ensuring security and privacy have been researched widely, the focus on security transparency is still scarce. The relatively few literature mostly approach the issue of security transparency from cloud providersâ perspective, while other works have contributed feasible techniques for comparison and selection of cloud service providers using metrics such as transparency and trustworthiness. However, there is still a shortage of research that focuses on improving security transparency from cloud usersâ point of view. In particular, there is still a gap in the literature that (i) dissects security transparency from the lens of conceptual knowledge up to implementation from organizational and technical perspectives and; (ii) support continuous transparency by enabling the vetting and probing of cloud service providersâ conformity to specific customer requirements. The significant growth in moving business to the cloud â due to its scalability and perceived effectiveness â underlines the dire need for research in this area.
This thesis presents a framework that comprises the core conceptual elements that constitute security transparency in cloud computing. It contributes to the knowledge domain of security transparency in cloud computing by proposing the following. Firstly, the research analyses the basics of cloud security transparency by exploring the notion and foundational concepts that constitute security transparency. Secondly, it proposes a framework which integrates various concepts from requirement engineering domain and an accompanying process that could be followed to implement the framework. The framework and its process provide an essential set of conceptual ideas, activities and steps that can be followed at an organizational level to attain security transparency, which are based on the principles of industry standards and best practices. Thirdly, for ensuring continuous transparency, the thesis proposes an essential tool that supports the collection and assessment of evidence from cloud providers, including the establishment of remedial actions for redressing deficiencies in cloud provider practices. The tool serves as a supplementary component of the proposed framework that enables continuous inspection of how predefined customer requirements are being satisfied.
The thesis also validates the proposed security transparency framework and tool in terms of validity, applicability, adaptability, and acceptability using two different case studies. Feedbacks are collected from stakeholders and analysed using essential criteria such as ease of use, relevance, usability, etc. The result of the analysis illustrates the validity and acceptability of both the framework and tool in enhancing security transparency in a real-world environment
- âŠ