Systems of Systems with Security

In this report we present two case studies with Systems of Systems modelling. One model illustrates how Cryptographic parameter consistency can be checked using VDMPP for a System of Systems uses encryption to enforce Digital Right Management. The other model shows how a new formalism (CML) tailored specifically to Systems of Systems can express Multi-Party Computation protocol. The idea of using Canetti simulation proofs from Multi-Party computation as a model for refinement of models in CML is presented. Our goal is modest. We do not aim at proving security through refinement but to assists modellers/developers in maintaining security properties during refinement of a concept to designs

Utilização da Norma JPEG2000 para codificar proteger e comercializar Produtos de Observação Terrestre

Applications like, change detection, global monitoring, disaster detection and management have emerging requirements that need the availability of large amounts of data. This data is currently being capture by a multiplicity of instruments and EO (Earth Observation) sensors originating large volumes of data that needs to be stored, processed and accessed in order to be useful – as an example, ENVISAT accumulates, in a yearly basis, several hundred terabytes of data. This need to recover, store, process and access brings some interesting challenges, like storage space, processing power, bandwidth and security, just to mention a few. These challenges are still very important on today’s technological world. If we take a look for example at the number of subscribers of ISP (Internet Service Providers) broadband services on the developed world today, one can notice that broadband services are still far from being common and dominant. On the underdeveloped countries the picture is even dimmer, not only from a bandwidth point of view but also in all other aspects regarding information and communication technologies (ICTs). All this challenges need to be taken into account if a service is to reach the broadest audience possible. Obviously protection and securing of services and contents is an extra asset that helps on the preservation of possible business values, especially if we consider such a costly business as the space industry. This thesis presents and describes a system which allows, not only the encoding and decoding of several EO products into a JPEG2000 format, but also supports some of the security requirements identified previously that allows ESA (European Space Agency) and related EO services to define and apply efficient EO data access security policies and even to exploit new ways to commerce EO products over the Internet.Aplicações como, detecção de mudanças no terreno, monitorização planetária, detecção e gestão de desastres, têm necessidades prementes que necessitam de vastas quantidades de dados. Estes dados estão presentemente a ser capturados por uma multiplicidade de instrumentos e sensores de observação terrestre, que originam uma enormidade de dados que necessitam de ser armazenados processados e acedidos de forma a se tornarem úteis – por exemplo, a ENVISAT acumula anualmente varias centenas de terabytes de dados. Esta necessidade de recuperar, armazenar, processar e aceder introduz alguns desafios interessantes como o espaço de armazenamento, poder de processamento, largura de banda e segurança dos dados só para mencionar alguns. Estes desafios são muito importantes no mundo tecnológico de hoje. Se olharmos, por exemplo, ao número actual de subscritores de ISP (Internet Service Providers) de banda larga nos países desenvolvidos podemos ficar surpreendidos com o facto do número de subscritores desses serviços ainda não ser uma maioria da população ou dos agregados familiares. Nos países subdesenvolvidos o quadro é ainda mais negro não só do ponto de vista da largura de banda mas também de todos os outros aspectos relacionados com Tecnologias da Informação e Comunicação (TICs). Todos estes aspectos devem ser levados em consideração se se pretende que um serviço se torne o mais abrangente possível em termos de audiências. Obviamente a protecção e segurança dos conteúdos é um factor extra que ajuda a preservar possíveis valores de negócio, especialmente considerando industrias tão onerosas como a Industria Espacial. Esta tese apresenta e descreve um sistema que permite, não só a codificação e descodificação de diversos produtos de observação terrestre para formato JPEG2000 mas também o suporte de alguns requisitos de segurança identificados previamente que permitem, á Agência Espacial Europeia e a outros serviços relacionados com observação terrestre, a aplicação de politicas eficientes de acesso seguro a produtos de observação terrestre, permitindo até o aparecimento de novas forma de comercialização de produtos de observação terrestre através da Internet

Remote sensing-based proxies for urban disaster risk management and resilience: A review

© 2018 by the authors. Rapid increase in population and growing concentration of capital in urban areas has escalated both the severity and longer-term impact of natural disasters. As a result, Disaster Risk Management (DRM) and reduction have been gaining increasing importance for urban areas. Remote sensing plays a key role in providing information for urban DRM analysis due to its agile data acquisition, synoptic perspective, growing range of data types, and instrument sophistication, as well as low cost. As a consequence numerous methods have been developed to extract information for various phases of DRM analysis. However, given the diverse information needs, only few of the parameters of interest are extracted directly, while the majority have to be elicited indirectly using proxies. This paper provides a comprehensive review of the proxies developed for two risk elements typically associated with pre-disaster situations (vulnerability and resilience), and two post-disaster elements (damage and recovery), while focusing on urban DRM. The proxies were reviewed in the context of four main environments and their corresponding sub-categories: built-up (buildings, transport, and others), economic (macro, regional and urban economics, and logistics), social (services and infrastructures, and socio-economic status), and natural. All environments and the corresponding proxies are discussed and analyzed in terms of their reliability and sufficiency in comprehensively addressing the selected DRM assessments. We highlight strength and identify gaps and limitations in current proxies, including inconsistencies in terminology for indirect measurements. We present a systematic overview for each group of the reviewed proxies that could simplify cross-fertilization across different DRM domains and may assist the further development of methods. While systemizing examples from the wider remote sensing domain and insights from social and economic sciences, we suggest a direction for developing new proxies, also potentially suitable for capturing functional recovery

Code Renewability for Native Software Protection

Software protection aims at safeguarding assets embedded in software by preventing and delaying reverse engineering and tampering attacks. This paper presents an architecture and supporting tool flow to renew parts of native applications dynamically. Renewed and diversified code and data belonging to either the original application or to linked-in protections are delivered from a secure server to a client on demand. This results in frequent changes to the software components when they are under attack, thus making attacks harder. By supporting various forms of diversification and renewability, novel protection combinations become available, and existing combinations become stronger. The prototype implementation is evaluated on a number of industrial use cases

An Efficient and Secure Energy Trading Approach with Machine Learning Technique and Consortium Blockchain

In this paper, a secure energy trading mechanism based on blockchain technology is proposed. The proposed model deals with energy trading problems such as insecure energy trading and inefficient charging mechanisms for electric vehicles (EVs) in a vehicular energy network (VEN). EVs face two major problems: finding an optimal charging station and calculating the exact amount of energy required to reach the selected charging station. Moreover, in traditional trading approaches, centralized parties are involved in energy trading, which leads to various issues such as increased computational cost, increased computational delay, data tempering and a single point of failure. Furthermore, EVs face various energy challenges, such as imbalanced load supply and fluctuations in voltage level. Therefore, a demand-response (DR) pricing strategy enables EV users to flatten load curves and efficiently adjust electricity usage. In this work, communication between EVs and aggregators is efficiently performed through blockchain. Moreover, a branching concept is involved in the proposed system, which divides EV data into two different branches: a Fraud Chain (F-chain) and an Integrity Chain (I-chain). The proposed branching mechanism helps solve the storage problem and reduces computational time. Moreover, an attacker model is designed to check the robustness of the proposed system against double-spending and replay attacks. Security analysis of the proposed smart contract is also given in this paper. Simulation results show that the proposed work efficiently reduces the charging cost and time in a VEN.publishedVersio

Efficient allocation for downlink multi-channel NOMA systems considering complex constraints

To enable an efficient dynamic power and channel allocation (DPCA) for users in the downlink multi-channel non-orthogonal multiple access (MC-NOMA) systems, this paper regards the optimization as the combinatorial problem, and proposes three heuristic solutions, i.e., stochastic algorithm, two-stage greedy randomized adaptive search (GRASP), and two-stage stochastic sample greedy (SSD). Additionally, multiple complicated constraints are taken into consideration according to practical scenarios, for instance, the capacity for per sub-channel, power budget for per sub-channel, power budget for users, minimum data rate, and the priority control during the allocation. The effectiveness of the algorithms is compared by demonstration, and the algorithm performance is compared by simulations. Stochastic solution is useful for the overwhelmed sub-channel resources, i.e., spectrum dense environment with less data rate requirement. With small sub-channel number, i.e., spectrum scarce environment, both GRASP and SSD outperform the stochastic algorithm in terms of bigger data rate (achieve more than six times higher data rate) while having a shorter running time. SSD shows benefits with more channels compared with GRASP due to the low computational complexity (saves 66% running time compared with GRASP while maintaining similar data rate outcomes). With a small sub-channel number, GRASP shows a better performance in terms of the average data rate, variance, and time consumption than SSG