Federated Embedded Systems – a review of the literature in related fields

This report is concerned with the vision of smart interconnected objects, a vision that has attracted much attention lately. In this paper, embedded, interconnected, open, and heterogeneous control systems are in focus, formally referred to as Federated Embedded Systems. To place FES into a context, a review of some related research directions is presented. This review includes such concepts as systems of systems, cyber-physical systems, ubiquitous computing, internet of things, and multi-agent systems. Interestingly, the reviewed fields seem to overlap with each other in an increasing number of ways

Governing autonomous vehicles: emerging responses for safety, liability, privacy, cybersecurity, and industry risks

The benefits of autonomous vehicles (AVs) are widely acknowledged, but there are concerns about the extent of these benefits and AV risks and unintended consequences. In this article, we first examine AVs and different categories of the technological risks associated with them. We then explore strategies that can be adopted to address these risks, and explore emerging responses by governments for addressing AV risks. Our analyses reveal that, thus far, governments have in most instances avoided stringent measures in order to promote AV developments and the majority of responses are non-binding and focus on creating councils or working groups to better explore AV implications. The US has been active in introducing legislations to address issues related to privacy and cybersecurity. The UK and Germany, in particular, have enacted laws to address liability issues, other countries mostly acknowledge these issues, but have yet to implement specific strategies. To address privacy and cybersecurity risks strategies ranging from introduction or amendment of non-AV specific legislation to creating working groups have been adopted. Much less attention has been paid to issues such as environmental and employment risks, although a few governments have begun programmes to retrain workers who might be negatively affected.Comment: Transport Reviews, 201

Mechatronics & the cloud

Conventionally, the engineering design process has assumed that the design team is able to exercise control over all elements of the design, either directly or indirectly in the case of sub-systems through their specifications. The introduction of Cyber-Physical Systems (CPS) and the Internet of Things (IoT) means that a design team’s ability to have control over all elements of a system is no longer the case, particularly as the actual system configuration may well be being dynamically reconfigured in real-time according to user (and vendor) context and need. Additionally, the integration of the Internet of Things with elements of Big Data means that information becomes a commodity to be autonomously traded by and between systems, again according to context and need, all of which has implications for the privacy of system users. The paper therefore considers the relationship between mechatronics and cloud-basedtechnologies in relation to issues such as the distribution of functionality and user privacy

Governing cyber security through networks : an analysis of cyber security coordination in Belgium

While governments develop formal and informal structures or 'networks' to promote collaboration between governmental departments and agencies, there remains uncertainty on how to set up and develop cyber security networks. The latter is demonstrated when taking recent developments in the field of cyber security in Belgium into consideration. The 2012 decision to create the Belgian cyber security centre seems to entail a move towards a 'Weberian' hierarchical network coordination approach rather than the development of a cyber security network organisation. This article claims that - as the threats of cyber are becoming more complex - there is a growing need for governmental agencies to expand horizontal coordination mechanisms. From this follows, the growing demand for criminological research into the managerial aspects of cyber security networks. Generating knowledge on how to manage networks is required as the latter is not only decisive for the effectiveness and efficiency of cyber security networks but also contributes to the overall network cyber security governance

Governing cyber security through networks : an analysis of cyber security coordination in Belgium

While governments develop formal and informal structures or 'networks' to promote collaboration between governmental departments and agencies, there remains uncertainty on how to set up and develop cyber security networks. The latter is demonstrated when taking recent developments in the field of cyber security in Belgium into consideration. The 2012 decision to create the Belgian cyber security centre seems to entail a move towards a 'Weberian' hierarchical network coordination approach rather than the development of a cyber security network organisation. This article claims that - as the threats of cyber are becoming more complex - there is a growing need for governmental agencies to expand horizontal coordination mechanisms. From this follows, the growing demand for criminological research into the managerial aspects of cyber security networks. Generating knowledge on how to manage networks is required as the latter is not only decisive for the effectiveness and efficiency of cyber security networks but also contributes to the overall network cyber security governance

A Graphical Adversarial Risk Analysis Model for Oil and Gas Drilling Cybersecurity

Oil and gas drilling is based, increasingly, on operational technology, whose cybersecurity is complicated by several challenges. We propose a graphical model for cybersecurity risk assessment based on Adversarial Risk Analysis to face those challenges. We also provide an example of the model in the context of an offshore drilling rig. The proposed model provides a more formal and comprehensive analysis of risks, still using the standard business language based on decisions, risks, and value.Comment: In Proceedings GraMSec 2014, arXiv:1404.163

Cyber-crime Science = Crime Science + Information Security

Cyber-crime Science is an emerging area of study aiming to prevent cyber-crime by combining security protection techniques from Information Security with empirical research methods used in Crime Science. Information security research has developed techniques for protecting the confidentiality, integrity, and availability of information assets but is less strong on the empirical study of the effectiveness of these techniques. Crime Science studies the effect of crime prevention techniques empirically in the real world, and proposes improvements to these techniques based on this. Combining both approaches, Cyber-crime Science transfers and further develops Information Security techniques to prevent cyber-crime, and empirically studies the effectiveness of these techniques in the real world. In this paper we review the main contributions of Crime Science as of today, illustrate its application to a typical Information Security problem, namely phishing, explore the interdisciplinary structure of Cyber-crime Science, and present an agenda for research in Cyber-crime Science in the form of a set of suggested research questions