Encounters across networks: Windows into principles of genomic regulation

Gene regulatory networks account for the ability of the genome to program development in complex multi-cellular organisms. Such networks are based on principles of gene regulation by combinations of transcription factors that bind to specific cis-regulatory DNA sites to activate transcription. These cis-regulatory regions mediate logic processing at each network node, enabling progressive increases in organismal complexity with development. Gene regulatory network explanations of development have been shown to account for patterning and cell type diversification in fly and sea urchin embryonic systems, where networks are characterized by fast coupling between transcriptional inputs and changes in target gene transcription rates, and crucial cis-regulatory elements are concentrated relatively close to the protein coding sequences of the target genes, thus facilitating their identification. Stem cell-based development in post-embryonic mammalian systems also depends on gene networks, but differs from the fly and sea urchin systems. First, the number of regulatory elements per gene and the distances between regulatory elements and the genes they control are considerably larger, forcing searches via genome-wide transcription factor binding surveys rather than functional assays. Second, the intrinsic timing of network state transitions can be slowed considerably by the need to undo stem-cell chromatin configurations, which presumably add stability to stem-cell states but retard responses to transcription factor changes during differentiation. The dispersed, partially redundant cis-regulatory systems controlling gene expression and the slow state transition kinetics in these systems already reveal new insights and opportunities to extend understanding of the repertoire of gene networks and regulatory system logic

Encounters across networks: Windows into principles of genomic regulation

Gene regulatory networks account for the ability of the genome to program development in complex multi-cellular organisms. Such networks are based on principles of gene regulation by combinations of transcription factors that bind to specific cis-regulatory DNA sites to activate transcription. These cis-regulatory regions mediate logic processing at each network node, enabling progressive increases in organismal complexity with development. Gene regulatory network explanations of development have been shown to account for patterning and cell type diversification in fly and sea urchin embryonic systems, where networks are characterized by fast coupling between transcriptional inputs and changes in target gene transcription rates, and crucial cis-regulatory elements are concentrated relatively close to the protein coding sequences of the target genes, thus facilitating their identification. Stem cell-based development in post-embryonic mammalian systems also depends on gene networks, but differs from the fly and sea urchin systems. First, the number of regulatory elements per gene and the distances between regulatory elements and the genes they control are considerably larger, forcing searches via genome-wide transcription factor binding surveys rather than functional assays. Second, the intrinsic timing of network state transitions can be slowed considerably by the need to undo stem-cell chromatin configurations, which presumably add stability to stem-cell states but retard responses to transcription factor changes during differentiation. The dispersed, partially redundant cis-regulatory systems controlling gene expression and the slow state transition kinetics in these systems already reveal new insights and opportunities to extend understanding of the repertoire of gene networks and regulatory system logic

Security and trust in cloud computing and IoT through applying obfuscation, diversification, and trusted computing technologies

Cloud computing and Internet of Things (IoT) are very widely spread and commonly used technologies nowadays. The advanced services offered by cloud computing have made it a highly demanded technology. Enterprises and businesses are more and more relying on the cloud to deliver services to their customers. The prevalent use of cloud means that more data is stored outside the organization’s premises, which raises concerns about the security and privacy of the stored and processed data. This highlights the significance of effective security practices to secure the cloud infrastructure. The number of IoT devices is growing rapidly and the technology is being employed in a wide range of sectors including smart healthcare, industry automation, and smart environments. These devices collect and exchange a great deal of information, some of which may contain critical and personal data of the users of the device. Hence, it is highly significant to protect the collected and shared data over the network; notwithstanding, the studies signify that attacks on these devices are increasing, while a high percentage of IoT devices lack proper security measures to protect the devices, the data, and the privacy of the users. In this dissertation, we study the security of cloud computing and IoT and propose software-based security approaches supported by the hardware-based technologies to provide robust measures for enhancing the security of these environments. To achieve this goal, we use obfuscation and diversification as the potential software security techniques. Code obfuscation protects the software from malicious reverse engineering and diversification mitigates the risk of large-scale exploits. We study trusted computing and Trusted Execution Environments (TEE) as the hardware-based security solutions. Trusted Platform Module (TPM) provides security and trust through a hardware root of trust, and assures the integrity of a platform. We also study Intel SGX which is a TEE solution that guarantees the integrity and confidentiality of the code and data loaded onto its protected container, enclave. More precisely, through obfuscation and diversification of the operating systems and APIs of the IoT devices, we secure them at the application level, and by obfuscation and diversification of the communication protocols, we protect the communication of data between them at the network level. For securing the cloud computing, we employ obfuscation and diversification techniques for securing the cloud computing software at the client-side. For an enhanced level of security, we employ hardware-based security solutions, TPM and SGX. These solutions, in addition to security, ensure layered trust in various layers from hardware to the application. As the result of this PhD research, this dissertation addresses a number of security risks targeting IoT and cloud computing through the delivered publications and presents a brief outlook on the future research directions.Pilvilaskenta ja esineiden internet ovat nykyään hyvin tavallisia ja laajasti sovellettuja tekniikkoja. Pilvilaskennan pitkälle kehittyneet palvelut ovat tehneet siitä hyvin kysytyn teknologian. Yritykset enenevässä määrin nojaavat pilviteknologiaan toteuttaessaan palveluita asiakkailleen. Vallitsevassa pilviteknologian soveltamistilanteessa yritykset ulkoistavat tietojensa käsittelyä yrityksen ulkopuolelle, minkä voidaan nähdä nostavan esiin huolia taltioitavan ja käsiteltävän tiedon turvallisuudesta ja yksityisyydestä. Tämä korostaa tehokkaiden turvallisuusratkaisujen merkitystä osana pilvi-infrastruktuurin turvaamista. Esineiden internet -laitteiden lukumäärä on nopeasti kasvanut. Teknologiana sitä sovelletaan laajasti monilla sektoreilla, kuten älykkäässä terveydenhuollossa, teollisuusautomaatiossa ja älytiloissa. Sellaiset laitteet keräävät ja välittävät suuria määriä informaatiota, joka voi sisältää laitteiden käyttäjien kannalta kriittistä ja yksityistä tietoa. Tästä syystä johtuen on erittäin merkityksellistä suojata verkon yli kerättävää ja jaettavaa tietoa. Monet tutkimukset osoittavat esineiden internet -laitteisiin kohdistuvien tietoturvahyökkäysten määrän olevan nousussa, ja samaan aikaan suuri osuus näistä laitteista ei omaa kunnollisia teknisiä ominaisuuksia itse laitteiden tai niiden käyttäjien yksityisen tiedon suojaamiseksi. Tässä väitöskirjassa tutkitaan pilvilaskennan sekä esineiden internetin tietoturvaa ja esitetään ohjelmistopohjaisia tietoturvalähestymistapoja turvautumalla osittain laitteistopohjaisiin teknologioihin. Esitetyt lähestymistavat tarjoavat vankkoja keinoja tietoturvallisuuden kohentamiseksi näissä konteksteissa. Tämän saavuttamiseksi työssä sovelletaan obfuskaatiota ja diversifiointia potentiaalisiana ohjelmistopohjaisina tietoturvatekniikkoina. Suoritettavan koodin obfuskointi suojaa pahantahtoiselta ohjelmiston takaisinmallinnukselta ja diversifiointi torjuu tietoturva-aukkojen laaja-alaisen hyödyntämisen riskiä. Väitöskirjatyössä tutkitaan luotettua laskentaa ja luotettavan laskennan suoritusalustoja laitteistopohjaisina tietoturvaratkaisuina. TPM (Trusted Platform Module) tarjoaa turvallisuutta ja luottamuksellisuutta rakentuen laitteistopohjaiseen luottamukseen. Pyrkimyksenä on taata suoritusalustan eheys. Työssä tutkitaan myös Intel SGX:ää yhtenä luotettavan suorituksen suoritusalustana, joka takaa suoritettavan koodin ja datan eheyden sekä luottamuksellisuuden pohjautuen suojatun säiliön, saarekkeen, tekniseen toteutukseen. Tarkemmin ilmaistuna työssä turvataan käyttöjärjestelmä- ja sovellusrajapintatasojen obfuskaation ja diversifioinnin kautta esineiden internet -laitteiden ohjelmistokerrosta. Soveltamalla samoja tekniikoita protokollakerrokseen, työssä suojataan laitteiden välistä tiedonvaihtoa verkkotasolla. Pilvilaskennan turvaamiseksi työssä sovelletaan obfuskaatio ja diversifiointitekniikoita asiakaspuolen ohjelmistoratkaisuihin. Vankemman tietoturvallisuuden saavuttamiseksi työssä hyödynnetään laitteistopohjaisia TPM- ja SGX-ratkaisuja. Tietoturvallisuuden lisäksi nämä ratkaisut tarjoavat monikerroksisen luottamuksen rakentuen laitteistotasolta ohjelmistokerrokseen asti. Tämän väitöskirjatutkimustyön tuloksena, osajulkaisuiden kautta, vastataan moniin esineiden internet -laitteisiin ja pilvilaskentaan kohdistuviin tietoturvauhkiin. Työssä esitetään myös näkemyksiä jatkotutkimusaiheista

A DNA Repair Complex Functions as an Oct4/Sox2 Coactivator in Embryonic Stem Cells

SummaryThe transcriptional activators Oct4, Sox2, and Nanog cooperate with a wide array of cofactors to orchestrate an embryonic stem (ES) cell-specific gene expression program that forms the molecular basis of pluripotency. Here, we report using an unbiased in vitro transcription-biochemical complementation assay to discover a multisubunit stem cell coactivator complex (SCC) that is selectively required for the synergistic activation of the Nanog gene by Oct4 and Sox2. Purification, identification, and reconstitution of SCC revealed this coactivator to be the trimeric XPC-nucleotide excision repair complex. SCC interacts directly with Oct4 and Sox2 and is recruited to the Nanog and Oct4 promoters as well as a majority of genomic regions that are occupied by Oct4 and Sox2. Depletion of SCC/XPC compromised both pluripotency in ES cells and somatic cell reprogramming of fibroblasts to induced pluripotent stem (iPS) cells. This study identifies a transcriptional coactivator with diversified functions in maintaining ES cell pluripotency and safeguarding genome integrity.PaperCli

Directing neuronal cell fate in vitro: achievements and challenges

Human pluripotent stem cell (PSC) technology and direct somatic cell reprogramming have opened up a promising new avenue in the field of neuroscience. These recent advances allow researchers to obtain virtually any cell type found in the human brain, making it possible to produce and study functional neurons in laboratory conditions for both scientific and medical purposes. Although distinct approaches have shown to be successful in directing neuronal cell fate in vitro, their refinement and optimization, as well as the search for alternative approaches, remains necessary to help realize the full potential of the eventually derived neuronal populations. Furthermore, we are currently limited in the number of neuronal subtypes whose induction is fully established, and different cultivation protocols for each subtype exist, making it challenging to increase the reproducibility and decrease the variances that are observed between different protocols. In this review, we summarize the progress that has been made in generating various neuronal subtypes from PSCs and somatic cells, with special emphasis on chemically defined systems, transcription factor-mediated reprogramming and epigenetic-based approaches. We also discuss the efforts that are being made to increase the efficiency of current protocols and address the potential for the use of these cells in disease modelling, drug discovery and regenerative medicine

Towards a Boolean network-based Computational Model for Cell Differentiation and its applications to Robotics

Living organisms are the ultimate product of a series of complex processes that take place within—and among—biological cells. Most of these processes, such as cell differentiation, are currently poorly understood. Cell differentiation is the process by which cells progressively specialise. Being a fundamental process within cells, its dysregulations have dramatic implications in biological organisms ranging from developmental issues to cancer formation. The thesis objective is to contribute to the progress in the understanding of cell differentiation and explore the applications of its properties for designing artificial systems. The proposed approach, which relies on Boolean networks based modelling and on the theory of dynamical systems, aims at investigating the general mechanisms underlying cell differentiation. The results obtained contribute to taking a further step towards the formulation of a general theoretical framework—so far missing—for cellular differentiation. We conducted an in-depth analysis of the impact of self-loops in random Boolean networks ensembles. We proposed a new model of differentiation driven by a simplified bio-inspired methylation mechanism in Boolean models of genetic regulatory networks. On the artificial side, by introducing the conceptual metaphor of the “attractor landscape” and related proofs of concept that support its potential, we paved the way for a new research direction in robotics called behavioural differentiation robotics: a branch of robotics dealing with the designing of robots capable of expressing different behaviours in a way similar to that of biological cells that undergo differentiation. The implications of the results achieved may have beneficial effects on medical research. Indeed, the proposed approach can foster new questions, experiments and in turn, models that hopefully in the next future will take us to cure differentiation-related diseases such as cancer. Our work may also contribute to address questions concerning the evolution of complex behaviours and to help design robust and adaptive robots

Epigenomes in Cardiovascular Disease.

If unifying principles could be revealed for how the same genome encodes different eukaryotic cells and for how genetic variability and environmental input are integrated to impact cardiovascular health, grand challenges in basic cell biology and translational medicine may succumb to experimental dissection. A rich body of work in model systems has implicated chromatin-modifying enzymes, DNA methylation, noncoding RNAs, and other transcriptome-shaping factors in adult health and in the development, progression, and mitigation of cardiovascular disease. Meanwhile, deployment of epigenomic tools, powered by next-generation sequencing technologies in cardiovascular models and human populations, has enabled description of epigenomic landscapes underpinning cellular function in the cardiovascular system. This essay aims to unpack the conceptual framework in which epigenomes are studied and to stimulate discussion on how principles of chromatin function may inform investigations of cardiovascular disease and the development of new therapies

Automotive firmware extraction and analysis techniques

An intricate network of embedded devices, called Electronic Control Units (ECUs), is responsible for the functionality of a modern vehicle. Every module processes a myriad of information and forwards it on to other nodes on the network, typically an automotive bus such as the Controller Area Network (CAN). Analysing embedded device software, and automotive in particular, brings many challenges. The analyst must, especially in the notoriously secretive automotive industry, first lift the ECU firmware from the hardware, which typically prevents unauthorised access. In this thesis, we address this problem in two ways: - We detail and bypass the access control mechanism used in diagnostic protocols in ECU firmware. Using existing diagnostic functionality, we present a generic technique to download code to RAM and execute it, without requiring physical access to the ECU. We propose a generic firmware readout framework on top of this, which only requires access to the CAN bus. - We analyse various embedded bootloaders and combine dynamic analysis with low-level hardware fault attacks, resulting in several fault-injection attacks which bypass on-chip readout protection. We then apply these firmware extraction techniques to acquire immobiliser firmware by two different manufacturers, from which we reverse engineer the DST80 cipher and present it in full detail here. Furthermore, we point out flaws in the key generation procedure, also recovered from the ECU firmware, leading to a full key recovery based on publicly readable transponder pages