Secure and efficient data extraction for ubiquitous computing applications

Ubiquitous computing creates a world where computers have blended seamlessly into our physical environment. In this world, a computer is no longer a monitor-and-keyboard setup, but everyday objects such as our clothing and furniture. Unlike current computer systems, most ubiquitous computing systems are built using small, embedded devices with limited computational, storage and communication abilities. A common requirement for many ubiquitous computing applications is to utilize the data from these small devices to perform more complex tasks. For critical applications such as healthcare or medical related applications, there is a need to ensure that only authorized users have timely access to the data found in the small device. In this dissertation, we study the problem of how to securely and efficiently extract data from small devices.;Our research considers two categories of small devices that are commonly used in ubiquitous computing, battery powered sensors and battery free RFID tags. Sensors are more powerful devices equipped with storage and sensing capabilities that are limited by battery power, whereas tags are less powerful devices with limited functionalities, but have the advantage of being operable without battery power. We also consider two types of data access patterns, local and remote access. In local data access, the application will query the tag or the sensor directly for the data, while in remote access, the data is already aggregated at a remote location and the application will query the remote location for the necessary information, The difference between local and remote access is that in local access, the tag or sensor only needs to authenticate the application before releasing the data, but in remote access, the small device may have to perform additional processing to ensure that the data remains secure after being collected. In this dissertation, we present secure and efficient local data access solutions for a single RFID tag, multiple RFID tags, and a single sensor, and remote data access solutions for both RFID tag and sensor

Off-chain Transaction Routing in Payment Channel Networks: A Machine Learning Approach

Blockchain is a foundational technology that has the potential to create new prospects for our economic and social systems. However, the scalability problem limits the capability to deliver a target throughput and latency, compared to the traditional financial systems, with increasing workload. Layer-two is a collective term for solutions designed to help solve the scalability by handling transactions off the main chain, also known as layer one. These solutions have the capability to achieve high throughput, fast settlement, and cost efficiency without sacrificing network security. For example, bidirectional payment channels are utilized to allow the execution of fast transactions between two parties, thus forming the so-called payment channel networks (PCNs). Consequently, an efficient routing protocol is needed to find the payment path from the sender to the receiver, with the lowest transaction fees. This routing protocol needs to consider, among other factors, the unexpected online/offline behavior of the constituent payment nodes as well as payment channel imbalance. This study proposes a novel machine learning-based routing technique for fully distributed and efficient off-chain transactions to be used within the PCNs. For this purpose, the effect of the offline nodes and channel imbalance on the payment channels network are modeled. The simulation results demonstrate a good tradeoff among success ratio, transaction fees, routing efficiency, transaction overhead, and transaction maintenance overhead as compared to other techniques that have been previously proposed for the same purpose

Flash Memory Garbage Collection in Hard Real-Time Systems

Due to advances in capacity, speed, and economics, NAND-based flash memory technology is increasingly integrated into all types of computing systems, ranging from enterprise servers to embedded devices. However, due to its unpredictable up-date behavior and time consuming garbage collection mechanism, NAND-based flash memory is difficult to integrate into hard-real-time embedded systems. In this thesis, I propose a performance model for flash memory garbage collection that can be used in conjunction with a number of different garbage collection strategies. I describe how to model the cost of reactive (lazy) garbage collection and compare it to that of more proactive schemes. I develop formulas to assess the schedulability of hard real- time periodic task sets under simplified memory consumption models. Results show that I prove the proactive schemes achieve the larger maximum schedulable utilization than the traditional garbage collection mechanism for hard real-time systems in flash memory

Cost effective technology applied to domotics and smart home energy management systems

Premio extraordinario de Trabajo Fin de Máster curso 2019/2020. Máster en Energías Renovables DistribuidasIn this document is presented the state of art for domotics cost effective technologies available on market nowadays, and how to apply them in Smart Home Energy Management Systems (SHEMS) allowing peaks shaving, renewable management and home appliance controls, always in cost effective context in order to be massively applied. Additionally, beyond of SHEMS context, it will be also analysed how to apply this technology in order to increase homes energy efficiency and monitoring of home appliances. Energy management is one of the milestones for distributed renewable energy spread; since renewable energy sources are not time-schedulable, are required control systems capable of the management for exchanging energy between conventional sources (power grid), renewable sources and energy storage sources. With the proposed approach, there is a first block dedicated to show an overview of Smart Home Energy Management Systems (SMHEMS) classical architecture and functional modules of SHEMS; next step is to analyse principles which has allowed some devices to become a cost-effective technology. Once the technology has been analysed, it will be reviewed some specific resources (hardware and software) available on marked for allowing low cost SHEMS. Knowing the “tools” available; it will be shown how to adapt classical SHEMS to cost effective technology. Such way, this document will show some specific applications of SHEMS. Firstly, in a general point of view, comparing the proposed low-cost technology with one of the main existing commercial proposals; and secondly, developing the solution for a specific real case.En este documento se aborda el estado actual de la domótica de bajo coste disponible en el mercado actualmente y cómo aplicarlo en los sistemas inteligentes de gestión energética en la vivienda (SHEMS) permitiendo el recorte de las puntas de demanda, gestión de energías renovables y control de electrodomésticos, siempre en el contexto del bajo coste, con el objetivo de lograr la máxima difusión de los SHEMS. Adicionalmente, más allá del contexto de la tecnología SHEMS, se analizará cómo aplicar esta tecnología para aumentar la eficiencia energética de los hogares y para la supervisión de los electrodomésticos. La gestión energética es uno de los factores principales para lograr la difusión de las energías renovables distribuidas; debido a que las fuentes de energía renovable no pueden ser planificadas, se requieren sistemas de control capaces de gestionar el intercambio de energía entre las fuentes convencionales (red eléctrica de distribución), energías renovables y dispositivos de almacenamiento energético. Bajo esta perspectiva, este documento presenta un primer bloque en el que se exponen las bases de la arquitectura y módulos funcionales de los sistemas inteligentes de gestión energética en la vivienda (SHEMS); el siguiente paso será analizar los principios que han permitido a ciertos dispositivos convertirse en dispositivos de bajo coste. Una vez analizada la tecnología, nos centraremos en los recursos (hardware y software) existentes que permitirán la realización de un SHEMS a bajo coste. Conocidas las “herramientas” a nuestra disposición, se mostrará como adaptar un esquema SHEMS clásico a la tecnología de bajo coste. Primeramente, comparando de modo genérico la tecnología de bajo coste con una de las principales propuestas comerciales de SHEMS, para seguidamente desarrollar la solución de bajo coste a un caso específico real

Energy-aware Sensor Data Collection for Mobile Users

Tänapäeval levib järjest rohkem rakendusi, mis tajuvad ümbritsevat keskkonda ning pakuvad sellele põhinevalt kasutajale lisavõimalusi. Selliste võimaluste pakkumiseks on arendatud prototüüp, mis kogub keskkonna kohta andmeid kasutades Arduino platvormil põhinevad sensorite moodulit ning keskset andmet kogumise serverit. Käesolevas töös arendati antud prototüüpi edasi, et tõsta aku vastupidavust ning seeläbi parandada lahenduse kasutatavust. Selleks loodi varieeruva sensoriandmete saatmise intervalliga lahendus, mis koosneb hägusloogikat kasutavast kontrollsüsteemist ning lihtsa lineaarse regressiooni mudelist. Lisaks loodi lahendus, mis lubab sensorite moodulil vabadel hetkedel minna puhkerežiimi. Töö käigus asendati seni kasutuselolev XMPP protokoll HTTP protokolli vastu, et parandada ühenduse loomise ajakulu ning lubada sensorite moodulil kauem puhkerežiimis olla. Parandatud lahenduse tulemusi mõõdeti mitme testi käigus. Kaks põhilist testi, mille käigus sensorite moodul sai voolu 9-voldiselt patareilt, andsid vastavalt tulemusteks 80 ja 110 \% pikema eluea. Sellest tulenevalt saab eeldada, et pakutud puhkerežiimi ja muutuva intervalliga andmete kogumist kasutav lahendus parandab aku vastupidavust ning seega ka prototüübi kasulikkust.Nowadays, mobile applications are becoming more context aware due to technological achievements which enable the applications to anticipate users’ intentions. This is achieved through using the device’s own micromechanical artifacts that can be used to perceive the environment. However, this is constrained to the hardware limitations of devices as not all devices provide the same options. Moreover, perceiving the environment strains the battery and therefore has its impact on devices' everyday usage. To remedy this, a proposed solution has been made in the thesis “Context Sensor Data on Demand for Mobile Users Supported by XMPP” by Kaarel Hanson. The solution is to gather environmental data by specialized sensor modules and store it in a data server. Afterwards, devices can query the data from the server and thus gain access to information beyond the capabilities of their own hardware. The solution uses XMPP for transporting sensor data from Arduino microcontrollers (sensor modules) to the cloud. Arduino provides low-cost hardware, while the cloud offers the reliable and high- availability means for storing and processing sensor data. However, the developed prototype shows that running on a 9V battery the microcontroller lasts for 101 minutes when using an Ethernet module and 161,5 minutes with a WiFi module. These results are not good enough for remote data collection with limited access as the maintenance cost would be too high when the batteries need to be replaced frequently. This thesis proposes an optimisation for the system so that instead of reading and sending sensor data every 10 seconds, the cloud server would notify the controller when to start sending data and when to stop. This means implementing an algorithm for detecting similar sensor data readings and notifying the microcontroller of needed operations. With similar readings, the microcontroller could be put to an idle state to limit power consumption, which would prolong battery life. The aim is to optimise the sensor reading process enough to prolong Arduino microcontroller’s battery life on a 9V battery

A Region-based Business Ecosystem for Industrial Upgrading: Evidence from the Electronics Industry of Shenzhen

This dissertation explores the underlying mechanisms for the upgrading process of the electronics industry in Shenzhen. Industrial upgrading has been an international phenomenon since the globalisation of manufacturing in the late 1970s but to date no comprehensive framework has been proposed for the industrial upgrading in a region. In recent decades, the trend of manufacturing regionalisation and growing uncertainties associated with electronics products in the global market have driven regions that specialise in electronics manufacturing, such as the Chinese city of Shenzhen, to continuously adjust its industrial systems. Such adjustments are mainly based on the evolving business ecosystem they inhabit, which comprises region-specific resources that can be flexibly leveraged by players such as local firms and the government. To elucidate the interactive mechanisms among actors that facilitate industrial upgrading within the regional business ecosystem, this research integrates and extends the existing literature on industrial upgrading from global and local perspectives and applies a business ecosystem framework to address the main research question and sub-questions: How does a region act as a business ecosystem to facilitate the upgrading of a region- specific industry? 1. What is the evolutionary pattern of a regional resource pool? 2. How to understand the upgrading of a region-specific industry? 3. How does a regional resource pool interact with regional industrial systems to facilitate industrial upgrading? In order to answer these questions, a qualitative study on the Shenzhen-based business ecosystem with two streams of embedded cases – electronics companies that have experienced upgrading in Shenzhen and milestone events in Shenzhen’s industrial development – was conducted following an inductive approach. After detailed individual and cross-case analyses, the research revealed three main findings. Firstly, the evolution of the regional resource pool is driven by both milestone events throughout the industrial development of the region and local firms’ feedback impacts. Secondly, the regional industrial upgrading is an iterative and dynamic process and should be interpreted by adding the regional dimension. At the regional level, there co-exist established industrial systems transformation and new industrial systems emergence throughout the upgrading journey of a region-specific industry. Thirdly, the underlying mechanisms for regional industrial upgrading are enabled by the region-based business ecosystem. A total of eight interactive mechanisms between the regional resource pool and regional industrial systems – four transformation impacts from the resource pool on the industrial system and four feedback impacts from the industrial system on the resource pool – result in an iterative and dynamic co-evolution model that defines the region-based business ecosystem. Theoretically, these findings fill the current scholarly neglect of the fact that a region as a whole can function as a business ecosystem to enhance long-term regional growth through industrial upgrading. In addition to these three main theoretical findings, this PhD research project has a number of practical implications. A mapping tool can be developed for firms or regional governments to use in decision making for industrial development. In addition to the tool development, firms and local government should collaborate following an ecosystem logic to enhance resource strengthening and creation, so as to sustain the regional industrial upgrading. In summary, this dissertation contributes to industrial systems and business ecosystem literatures in its re-conceptualisation of region-based business ecosystems. By introducing the regional dimension into the research of industrial upgrading, the integrative region-based business ecosystem model enriches our understanding of the co-evolution between the industrial systems and resources in a developing region

Capability Memory Protection for Embedded Systems

This dissertation explores the use of capability security hardware and software in real-time and latency-sensitive embedded systems, to address existing memory safety and task isolation problems as well as providing new means to design a secure and scalable real-time system. In addition, this dissertation looks into how practical and high-performance temporal memory safety can be achieved under a capability architecture. State-of-the-art memory protection schemes for embedded systems typically present limited and inflexible solutions to memory protection and isolation, and fail to scale as embedded devices become more capable and ubiquitous. I investigate whether a capability architecture is able to provide new angles to address memory safety issues in an embedded scenario. Previous CHERI capability research focuses on 64-bit architectures in UNIX operating systems, which does not translate to typical 32-bit embedded processors with low-latency and real-time requirements. I propose and implement the CHERI CC-64 encoding and the CHERI-64 coprocessor to construct a feasible capability-enabled 32-bit CPU. In addition, I implement a real-time kernel for embedded systems atop CHERI-64. On this hardware and software platform, I focus on exploring scalable task isolation and fine-grained memory protection enabled by capabilities in a single flat physical address space, which are otherwise difficult or impossible to achieve via state-of-the-art approaches. Later, I present the evaluation of the hardware implementation and the software run-time overhead and real-time performance. Even with capability support, CHERI-64 as well as other CHERI processors still expose major attack surfaces through temporal vulnerabilities like use-after-free. A naive approach that sweeps memory to invalidate stale capabilities is inefficient and incurs significant cycle overhead and DRAM traffic. To make sweeping revocation feasible, I introduce new architectural mechanisms and micro-architectural optimisations to substantially reduce the cost of memory sweeping and capability revocation. Another factor of the cost is the frequency of memory sweeping. I explore tradeoffs of memory allocator designs that use quarantine buffers and shadow space tags to prevent frequent unnecessary sweeping. The evaluation shows that the optimisations and new allocator designs reduce the cost of capability sweeping revocation by orders of magnitude, making it already practical for most applications to adopt temporal safety under CHERI.CSC Cambridge Scholarshi

treNch: Ultra-Low Power Wireless Communication Protocol for IoT and Energy Harvesting

Although the number of Internet of Things devices increases every year, efforts to decrease hardware energy demands and to improve efficiencies of the energy-harvesting stages have reached an ultra-low power level. However, no current standard of wireless communication protocol (WCP) can fully address those scenarios. Our focus in this paper is to introduce treNch, a novel WCP implementing the cross-layer principle to use the power input for adapting its operation in a dynamic manner that goes from pure best-effort to nearly real time. Together with the energy-management algorithm, it operates with asynchronous transmissions, synchronous and optional receptions, short frame sizes and a light architecture that gives control to the nodes. These features make treNch an optimal option for wireless sensor networks with ultra-low power demands and severe energy fluctuations. We demonstrate through a comparison with different modes of Bluetooth Low Energy (BLE) a decrease of the power consumption in 1 to 2 orders of magnitude for different scenarios at equal quality of service. Moreover, we propose some security optimizations, such as shorter over-the-air counters, to reduce the packet overhead without decreasing the security level. Finally, we discuss other features aside of the energy needs, such as latency, reliability or topology, brought again against BLE.ECSEL Joint Undertaking through CONNECT project 737434Federal Ministry of Education & Research (BMBF)European Union's Horizon 2020 research and innovation programSpanish Ministry of Education, Culture and Sport (MECD)/FEDER-EU FPU18/01376BBVA FoundationUniversity of Granad

Designing Digital Forensics Challenges for Multinational Cyber Defense Exercises

Töös püütakse kujundada ja hinnata digitaalse kohtuekspertiisi väljakutset, mida kasutada rahvusvahelisel küberkaitse õppusel. Eesmärk on fokusseerida põhioskustele, mida üks riiklik organisatsioon oma digitaalse kohtuekspertiisi ekspertidelt vajab ja disainida ning integreerida tehnilisi ülesandeid, mis adekvaatselt testivad neid oskusi suuremal küberkaitse õppusel. See töö kasutab NATO Locked Shields küberkaitse õppust test-näitena, mille jaoks väitekirja autor liitus digitaalse kohtuekspertiisi disainimeeskonnaga, NATO Cyber Defense Centre of Excellence juures, kui nad kavandasid ja rakendasid kolme-päevast digitaalse kohtuekspertiisi väljakutset. See lõputöö kehtestab rea tehnilisi ja protseduurilisi oskuseid, mida riiklikud organisatsioonid vajavad oma ekspertidelt, määrab viisid, kuidas testida neid oskusi ja arendab stsenaariumipõhist digitaalse kohtuekspertiisi väljakutset. Kasutades vahetult saadud tähelepanekuid, osaleja tagasisidet ja väljakutse tulemusi, et hinnata väljakutse efektiivsust, lõputöös leitakse, et stsenaarium testis piisavalt enamus oskusi õigel raskustasemel ja vajab parendamist ajastuses ning aruandlusstandardites. Lõpetuseks uuritakse erinevaid viise, kuidas parendada valitud meetodeid ja ülesandeid tuleviku õppusteks.This thesis seeks to design and evaluate a digital forensics challenge for inclusion in a multinational cyber defense exercise. The intent is to narrow down the key skills a state-based organization requires of its digital forensics experts and design and integrate technical tasks that adequately test these skills into a larger cyber defense exercise. It uses the NATO Locked Shields cyber defense exercise as a test case, for which the thesis author joined the digital forensics design team at the NATO Cyber Defense Centre of Excellence in designing and implementing a three day digital forensics challenge. This thesis establishes a series of technical and procedural skills state-based organizations require of their experts, determines ways to test these skills, and develops a scenario-based digital forensics challenge. Using first hand observations, participant feedback, and challenge scores to evaluate the effectiveness of the challenge, it finds that the scenario adequately tested a majority of the skills at the appropriate difficulty level and needs improvement in timing and reporting standards. Finally, it explores ways to improve upon the selected methods and tasks for future exercises