980 research outputs found

    Identifying attack surfaces in the evolving space industry using reference architectures

    Get PDF
    The space environment is currently undergoing a substantial change and many new entrants to the market are deploying devices, satellites and systems in space; this evolution has been termed as NewSpace. The change is complicated by technological developments such as deploying machine learning based autonomous space systems and the Internet of Space Things (IoST). In the IoST, space systems will rely on satellite-to-x communication and interactions with wider aspects of the ground segment to a greater degree than existing systems. Such developments will inevitably lead to a change in the cyber security threat landscape of space systems. Inevitably, there will be a greater number of attack vectors for adversaries to exploit, and previously infeasible threats can be realised, and thus require mitigation. In this paper, we present a reference architecture (RA) that can be used to abstractly model in situ applications of this new space landscape. The RA specifies high-level system components and their interactions. By instantiating the RA for two scenarios we demonstrate how to analyse the attack surface using attack trees

    Conceptual Systems Security Analysis Aerial Refueling Case Study

    Get PDF
    In today’s highly interconnected and technology reliant environment, systems security is rapidly growing in importance to complex systems such as automobiles, airplanes, and defense-oriented weapon systems. While systems security analysis approaches are critical to improving the security of these advanced cyber-physical systems-of-systems, such approaches are often poorly understood and applied in ad hoc fashion. To address these gaps, first a study of key architectural analysis concepts and definitions is provided with an assessment of their applicability towards complex cyber-physical systems. From this initial work, a definition of cybersecurity architectural analysis for cyber-physical systems is proposed. Next, the System Theory Theoretic Process Analysis approach for Security (STPA Sec) is tailored and presented in three phases which support the development of conceptual-level security requirements, applicable design-level criteria, and architectural-level security specifications. This work uniquely presents a detailed case study of a conceptual-level systems security analysis of a notional aerial refueling system based on the tailored STPA-Sec approach. This work is critically important for advancing the science of systems security engineering by providing a standardized approach for understanding security, safety, and resiliency requirements in complex systems with traceability and testability

    The Forgotten Emerging Technology: The Metaverse and Its Cybersecurity Implications

    Get PDF
    The widespread deployment of 5G devices in the United States will spur widespread use of augmented reality, virtual reality, and mixed reality applications—collectively known as extended reality. The over-commercialization of the term "metaverse" has impeded honest conversations about the implications of an insecure metaverse and the technologies associated with it. While these applications and devices will bring significant benefits, they will be accompanied by numerous cybersecurity challenges. As a result, U.S. policymakers run afoul of repeating past mistakes: failing to secure technology before it ushers in a new era of national security concerns. The U.S. government must work closely with industry, academia, nonprofits, and international partners to begin thinking about these consequential issues

    Architecture and Information Requirements to Assess and Predict Flight Safety Risks During Highly Autonomous Urban Flight Operations

    Get PDF
    As aviation adopts new and increasingly complex operational paradigms, vehicle types, and technologies to broaden airspace capability and efficiency, maintaining a safe system will require recognition and timely mitigation of new safety issues as they emerge and before significant consequences occur. A shift toward a more predictive risk mitigation capability becomes critical to meet this challenge. In-time safety assurance comprises monitoring, assessment, and mitigation functions that proactively reduce risk in complex operational environments where the interplay of hazards may not be known (and therefore not accounted for) during design. These functions can also help to understand and predict emergent effects caused by the increased use of automation or autonomous functions that may exhibit unexpected non-deterministic behaviors. The envisioned monitoring and assessment functions can look for precursors, anomalies, and trends (PATs) by applying model-based and data-driven methods. Outputs would then drive downstream mitigation(s) if needed to reduce risk. These mitigations may be accomplished using traditional design revision processes or via operational (and sometimes automated) mechanisms. The latter refers to the in-time aspect of the system concept. This report comprises architecture and information requirements and considerations toward enabling such a capability within the domain of low altitude highly autonomous urban flight operations. This domain may span, for example, public-use surveillance missions flown by small unmanned aircraft (e.g., infrastructure inspection, facility management, emergency response, law enforcement, and/or security) to transportation missions flown by larger aircraft that may carry passengers or deliver products. Caveat: Any stated requirements in this report should be considered initial requirements that are intended to drive research and development (R&D). These initial requirements are likely to evolve based on R&D findings, refinement of operational concepts, industry advances, and new industry or regulatory policies or standards related to safety assurance

    -ilities Tradespace and Affordability Project – Phase 3

    Get PDF
    One of the key elements of the SERC’s research strategy is transforming the practice of systems engineering and associated management practices – “SE and Management Transformation (SEMT).” The Grand Challenge goal for SEMT is to transform the DoD community’s current systems engineering and management methods, processes, and tools (MPTs) and practices away from sequential, single stovepipe system, hardware-first, document-driven, point- solution, acquisition-oriented approaches; and toward concurrent, portfolio and enterprise- oriented, hardware-software-human engineered, model-driven, set-based, full life cycle approaches.This material is based upon work supported, in whole or in part, by the U.S. Department of Defense through the Office of the Assistant Secretary of Defense for Research and Engineering (ASD(R&E)) under Contract H98230-08- D-0171 (Task Order 0031, RT 046).This material is based upon work supported, in whole or in part, by the U.S. Department of Defense through the Office of the Assistant Secretary of Defense for Research and Engineering (ASD(R&E)) under Contract H98230-08- D-0171 (Task Order 0031, RT 046)

    Key technologies for safe and autonomous drones

    Get PDF
    Drones/UAVs are able to perform air operations that are very difficult to be performed by manned aircrafts. In addition, drones' usage brings significant economic savings and environmental benefits, while reducing risks to human life. In this paper, we present key technologies that enable development of drone systems. The technologies are identified based on the usages of drones (driven by COMP4DRONES project use cases). These technologies are grouped into four categories: U-space capabilities, system functions, payloads, and tools. Also, we present the contributions of the COMP4DRONES project to improve existing technologies. These contributions aim to ease drones’ customization, and enable their safe operation.This project has received funding from the ECSEL Joint Undertaking (JU) under grant agreement No 826610. The JU receives support from the European Union’s Horizon 2020 research and innovation programme and Spain, Austria, Belgium, Czech Republic, France, Italy, Latvia, Netherlands. The total project budget is 28,590,748.75 EUR (excluding ESIF partners), while the requested grant is 7,983,731.61 EUR to ECSEL JU, and 8,874,523.84 EUR of National and ESIF Funding. The project has been started on 1st October 2019

    Internet of Things and Big Data Analytics for Smart and Connected Communities

    Get PDF
    This paper promotes the concept of smart and connected communities SCC, which is evolving from the concept of smart cities. SCC are envisioned to address synergistically the needs of remembering the past (preservation and revitalization), the needs of living in the present (livability), and the needs of planning for the future (attainability). Therefore, the vision of SCC is to improve livability, preservation, revitalization, and attainability of a community. The goal of building SCC for a community is to live in the present, plan for the future, and remember the past. We argue that Internet of Things (IoT) has the potential to provide a ubiquitous network of connected devices and smart sensors for SCC, and big data analytics has the potential to enable the move from IoT to real-time control desired for SCC. We highlight mobile crowdsensing and cyber-physical cloud computing as two most important IoT technologies in promoting SCC. As a case study, we present TreSight, which integrates IoT and big data analytics for smart tourism and sustainable cultural heritage in the city of Trento, Italy

    A DISSERTATION ON THE TESTING APPROACHES OF AUTONOMOUS CYBER-PHYSICAL SYSTEMS

    Get PDF
    Abstract:Testing is among the most critical parts of the development of any system. As technology becomes more advanced, and we continue towards a world defined by integration of advanced features and capabilities (such as being able to think for themselves) in every object, the ability to test these objects becomes infinitely more complicated. This work addresses the testing of autonomous cyber-physical systems (TACPS) by examining current industry best practices as ascertained from interviews with professionals working in the field. Through the interview data provided this work seeks a better understanding of how these systems are tested, the integrated approaches used in testing these systems, and the direction of the industry in the near future. Of interest to readers is investigation of the role of simulation in these testing environments because this work shows how a mix of simulation approaches is combined to overcome development timeline limitations while also addressing a high threshold of safety concerns in a vacuum of clearly defined standards. The results of this work include a series of best practices for professionals performing TACPS and seeks to provide a snapshot of a rapidly evolving landscape defined by emerging technologies that will eventually transform the way all people interact with the physical world. Given the uncertainty and lack of a comprehensive set of defined standards for TACPS, this research seeks to answer the question: How are autonomous cyber-physical systems (ACPS) tested
    • …
    corecore