503,190 research outputs found

    ScaRR: Scalable Runtime Remote Attestation for Complex Systems

    Full text link
    The introduction of remote attestation (RA) schemes has allowed academia and industry to enhance the security of their systems. The commercial products currently available enable only the validation of static properties, such as applications fingerprint, and do not handle runtime properties, such as control-flow correctness. This limitation pushed researchers towards the identification of new approaches, called runtime RA. However, those mainly work on embedded devices, which share very few common features with complex systems, such as virtual machines in a cloud. A naive deployment of runtime RA schemes for embedded devices on complex systems faces scalability problems, such as the representation of complex control-flows or slow verification phase. In this work, we present ScaRR: the first Scalable Runtime Remote attestation schema for complex systems. Thanks to its novel control-flow model, ScaRR enables the deployment of runtime RA on any application regardless of its complexity, by also achieving good performance. We implemented ScaRR and tested it on the benchmark suite SPEC CPU 2017. We show that ScaRR can validate on average 2M control-flow events per second, definitely outperforming existing solutions.Comment: 14 page

    Fuzzy Logic Path Planning System for Collision Avoidance by an Autonomous Rover Vehicle

    Get PDF
    Systems already developed at JSC have shown the benefits of applying fuzzy logic control theory to space related operations. Four major issues are addressed that are associated with developing an autonomous collision avoidance subsystem within a path planning system designed for application in a remote, hostile environment that does not lend itself well to remote manipulation of the vehicle involved through Earth-based telecommunication. A good focus for this is unmanned exploration of the surface of Mars. The uncertainties involved indicate that robust approaches such as fuzzy logic control are particularly appropriate. The four major issues addressed are: (1) avoidance of a single fuzzy moving obstacle; (2) back off from a dead end in a static obstacle environment; (3) fusion of sensor data to detect obstacles; and (4) options for adaptive learning in a path planning system

    RADIS: Remote Attestation of Distributed IoT Services

    Get PDF
    Remote attestation is a security technique through which a remote trusted party (i.e., Verifier) checks the trustworthiness of a potentially untrusted device (i.e., Prover). In the Internet of Things (IoT) systems, the existing remote attestation protocols propose various approaches to detect the modified software and physical tampering attacks. However, in an interoperable IoT system, in which IoT devices interact autonomously among themselves, an additional problem arises: a compromised IoT service can influence the genuine operation of other invoked service, without changing the software of the latter. In this paper, we propose a protocol for Remote Attestation of Distributed IoT Services (RADIS), which verifies the trustworthiness of distributed IoT services. Instead of attesting the complete memory content of the entire interoperable IoT devices, RADIS attests only the services involved in performing a certain functionality. RADIS relies on a control-flow attestation technique to detect IoT services that perform an unexpected operation due to their interactions with a malicious remote service. Our experiments show the effectiveness of our protocol in validating the integrity status of a distributed IoT service.Comment: 21 pages, 10 figures, 2 table

    Mobile Phone Based Remote Control System For Furnace Automation

    Get PDF
    Nowadays, an increasing role in various technologies holds electronic devices that automate the various systems to facilitate people's daily life. This publication describes one of those types of automation capabilities, as a control system using mobile phones and mobile communications. Innovative approaches for the modification can be used for various purposes, such as a room or vehicle security alarm systems, remote management for various processes, the heating system furnace firing, the combustion process control, as well as many other remote management and control purposes

    First proof of concept of remote attendance for future observation strategies between Wettzell (Germany) and ConcepciĂłn (Chile)

    Get PDF
    Current VLBI observations are controlled and attended locally at the radio telescopes on the basis of pre-scheduled session files. Operations have to deal with system specific station commands and individual setup procedures. Neither the scheduler nor the correlator nor the data-analyst gets real-time feedback about system parameters during a session. Changes in schedules after the start of a session by remote are impossible or at least quite difficult. For future scientific approaches, a more flexible mechanism would optimize the usage of resources at the sites. Therefore shared-observation control between world-wide telescope s, remote attendance/control as well as completely unattended-observations could be useful, in addition to the classic way to run VLBI observations. To reach these goals, the Geodetic Observatory Wettzell in cooperation with the Max-Planck-Institute for Radio Astronomy (Bonn) have developed a software extension to the existing NASA Field System for remote control. It uses the principle of a remotely accessible, autonomous process cell as server extension to the Field System on the basis of Remote Procedure Calls (RPC). Based on this technology the first completely remote attended and controlled geodetic VLBI session between Wettzell, Germany and ConcepciĂłn, Chile was successfully performed over 24 hours. This first test was extremely valuable for gathering information about the differences between VLBI systems and measuring the performance of internet connections and automatic connection re-establishments. During the 24h-session, the network load, the number of sent/received packages and the transfer speed were monitor ed and captured. It was a first reliable test for the future wishes to control several telescopes with one graphical user interface on different data transfer rates over large distances in an efficient way. In addition, future developments for an authentication and user role management will be realized within the upcoming NEXPReS project

    Transmission of natural scene images through a multimode fibre

    Get PDF
    The optical transport of images through a multimode fibre remains an outstanding challenge with applications ranging from optical communications to neuro-imaging. State of the art approaches either involve measurement and control of the full complex field transmitted through the fibre or, more recently, training of artificial neural networks that however, are typically limited to image classes belong to the same class as the training data set. Here we implement a method that statistically reconstructs the inverse transformation matrix for the fibre. We demonstrate imaging at high frame rates, high resolutions and in full colour of natural scenes, thus demonstrating general-purpose imaging capability. Real-time imaging over long fibre lengths opens alternative routes to exploitation for example for secure communication systems, novel remote imaging devices, quantum state control processing and endoscopy

    Assessing and augmenting SCADA cyber security: a survey of techniques

    Get PDF
    SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability

    Distributed voltage control in electrical power systems

    Get PDF
    Voltage instability stems from the attempt of load dynamics to restore power consumption beyond the capability of the combined transmission and generation system. Discrete event controllers such as load tap changing transformers (LTCs), electronically controlled HVDC lines and switched capacitor banks can locally maintain the voltage but following a major disturbance that causes a strong decrease in the voltages, there are some interaction between LTCs action and up to now there has been relatively little attention paid to coordination between important components in voltage stability using message exchange between them and applying distributed control and taking discrete events into account. So, this study aims at voltage stability enhancement by using coordinated control of the discrete event controllers by using message exchange between the different local control agents. Various approaches for coordinating local controllers (e.g. distributed model predictive controllers) will be investigated. The influence of the discrete event driven local voltage controllers on remote locations of the network has to be investigated in a hybrid systems model framework

    Symmetries, Horizons, and Black Hole Entropy

    Full text link
    Black holes behave as thermodynamic systems, and a central task of any quantum theory of gravity is to explain these thermal properties. A statistical mechanical description of black hole entropy once seemed remote, but today we suffer an embarrassment of riches: despite counting very different states, many inequivalent approaches to quantum gravity obtain identical results. Such ``universality'' may reflect an underlying two-dimensional conformal symmetry near the horizon, which can be powerful enough to control the thermal characteristics independent of other details of the theory. This picture suggests an elegant description of the relevant degrees of freedom as Goldstone-boson-like excitations arising from symmetry breaking by the conformal anomaly.Comment: 6 pages; first prize essay, 2007 Gravity Research Foundation essay contes

    Cyber security training strategy: dealing with maritime SCADA risks

    Get PDF
    Control systems on board ships collect sensor measurements and data from various operational activities and display all the relevant information; they also facilitate relaying of control commands to local or remote equipment. Distributed control systems (DCS) are typically used within a single process or generating plant; supervisory control and data acquisition (SCADA) systems are used for larger-scale environments. The SCADA system communications infrastructure tends to be slower and less reliable, and so the remote terminal unit in a SCADA system has local control schemes to handle that eventuality. Security in general and cyber security specifically were not the major concerns of early standalone maritime SCADA systems. Security was primarily achieved by controlling physical access to system components, which were unique and used proprietary communication protocols. For years, security in SCADA systems was viewed as just an implication of safety. Over the last decade, however, the situation has changed, and numerous standards/directives dealing with the cyber security of SCADA systems have emerged. Characteristics of maritime SCADA cyber security are discussed; related training needs are identified next. The pedagogical approaches are also presented in order to train seafarers in risk assessment, prevention and mitigation strategies related with maritime SCADA cyber security risks
    • …
    corecore