Security in Open Model Software with Hardware Virtualisation – The Railway Control System Perspective

Using the openETCS initiative as a starting point, we describe how open software can be applied in combination with platform-specific, potentially closed source extensions, in the development, verification, validation and certification of safety-critical railway control systems. We analyse the safety and security threats presented by this approach and discuss conventional operating system partitioning mechanisms, as well as virtualisation methods with respect to their potential to overcome these problems. Furthermore, we advocate a shift from open source to open models, in order to increase the development efficiency of combined open and proprietary solutions

Performance Improvement Based Authentication Protocol for Intervessel Traffic Service Data Exchange Format Protocol Based on U-Navigation System in WoT Environment

International Association of Lighthouse Authorities (IALA) is developing the standard intersystem VTS exchange format (IVEF) protocol for exchange of navigation and vessel information between VTS systems and between VTS and vessels. VTS (vessel traffic system) is an important marine traffic monitoring system which is designed to improve the safety and efficiency of navigation and the protection of the marine environment. And the demand of Inter-VTS networking has been increased for realization of e-Navigation as shore side collaboration for maritime safety. And IVEF (inter-VTS data exchange format) for inter-VTS network has become a hot research topic of VTS system. Currently, the IVEF developed by the International Association of Lighthouse Authorities (IALA) does not include any highly trusted certification technology for the connectors. The output of standardization is distributed as the IALA recommendation V-145, and the protocol is implemented with an open source. The IVEF open source, however, is the code used to check the functions of standard protocols. It is too slow to be used in the field and requires a large memory. And the vessel traffic information requires high security since it is highly protected by the countries. Therefore, this paper suggests the authentication protocol to increase the security of the VTS systems using the main certification server and IVEF

Open Source and Electronic Voting: A New Strategy Toward Technical Procurement for Voting Systems

Direct Recording Electronic Voting Systems (DRE) are some of the most popular forms of electronic voting and yet they are riddled with problems. Current voting systems are poorly designed and migration to newer software can be costly. Inadequate software solutions in voting systems have led to security flaws, bad tabulation, and partisan software design. As government proceeds into an increasingly sophisticated era of voting technology, it needs to consider a better platform. This thesis explores the government procurement strategy associated with modern Direct Recording Electronic Voting Systems. The thesis argues that governments should adopt an open source solution (OSS) for future IT acquisition of voting systems. Adopting an open source solution not only provides practical advantages such as better software design, cheaper implementation, and avoidance of vendor lock-in, but also proposes that OSS provides a strong foundation for future IT policy. Open source’s strength in transparency provides a key factor in voting system design. The thesis recommends that governments adopt a four part strategy for future OSS adoption with voting system. 1) Approve an independent, pro-OSS certification organization that works closely with the U.S Election Assistance Commission, National Institute of Standards and Technology, and other system organizations to create the optimal voting systems guidelines. 2) Update FAR requirements to greater accommodate open source procurement policy. 3) Assist local and state jurisdictions to acquire OSS for DRE machines. 4) Promote open source business strategy by hiring vendors for system integration and analysis This thesis contends that these four policies will improve the electronic voting experience and allow for better future innovation and adoption IT strategies

Model-Driven Cyber Range Training: A Cyber Security Assurance Perspective

Security demands are increasing for all types of organisations, due to the ever-closer integration of computing infrastructures and smart devices into all aspects of the organisational operations. Consequently, the need for security-aware employees in every role of an organisation increases in accordance. Cyber Range training emerges as a promising solution, allowing employees to train in both realistic environments and scenarios and gaining hands-on experience in security aspects of varied complexity, depending on their role and level of expertise. To that end, this work introduces a model-driven approach for Cyber Range training that facilitates the generation of tailor-made training scenarios based on a comprehensive model-based description of the organisation and its security posture. Additionally, our approach facilitates the auto- mated deployment of such training environments, tailored to each defined scenario, through simulation and emulation means. To further highlight the usability of the proposed approach, this work also presents scenarios focusing on phishing threats, with increasing level of complexity and difficulty

MultiPARTES: Multicore Virtualization for Mixed-Criticality Systems

Modern embedded applications typically integrate a multitude of functionalities with potentially different criticality levels into a single system. Without appropriate preconditions, the integration of mixed-criticality subsystems can lead to a significant and potentially unacceptable increase of engineering and certification costs. A promising solution is to incorporate mechanisms that establish multiple partitions with strict temporal and spatial separation between the individual partitions. In this approach, subsystems with different levels of criticality can be placed in different partitions and can be verified and validated in isolation. The MultiPARTES FP7 project aims at supporting mixed- criticality integration for embedded systems based on virtualization techniques for heterogeneous multicore processors. A major outcome of the project is the MultiPARTES XtratuM, an open source hypervisor designed as a generic virtualization layer for heterogeneous multicore. MultiPARTES evaluates the developed technology through selected use cases from the offshore wind power, space, visual surveillance, and automotive domains. The impact of MultiPARTES on the targeted domains will be also discussed. In a number of ongoing research initiatives (e.g., RECOMP, ARAMIS, MultiPARTES, CERTAINTY) mixed-criticality integration is considered in multicore processors. Key challenges are the combination of software virtualization and hardware segregation and the extension of partitioning mechanisms to jointly address significant non-functional requirements (e.g., time, energy and power budgets, adaptivity, reliability, safety, security, volume, weight, etc.) along with development and certification methodology

E-voting discourses in the UK and the Netherlands

A qualitative case study of the e-voting discourses in the UK and the Netherlands was performed based on the theory of strategic niche management. In both countries, eight e-voting experts were interviewed on their expectations, risk estimations, cooperation and learning experiences. The results show that differences in these variables can partly explain the variations in the embedding of e-voting in the two countries, from a qualitative point of view