Towards Secure and Safe Appified Automated Vehicles
The advancement in Autonomous Vehicles (AVs) has created an enormous market
for the development of self-driving functionalities, raising the question of how
it will transform the traditional vehicle development process. One adventurous
proposal is to open the AV platform to third-party developers, so that AV
functionalities can be developed in a crowd-sourcing way, which could provide
tangible benefits to both automakers and end users. Some pioneering companies
in the automotive industry have made the move to open the platform so that
developers are allowed to test their code on the road. Such openness, however,
brings serious security and safety issues by allowing untrusted code to run on
the vehicle. In this paper, we introduce the concept of an Appified AV platform
that opens the development framework to third-party developers. To further
address the safety challenges, we propose an enhanced appified AV design schema
called AVGuard, which focuses primarily on mitigating the threats brought about
by untrusted code, leveraging theory in the vehicle evaluation field, and
conducting program analysis techniques in the cybersecurity area. Our study
provides guidelines and suggested practice for the future design of open AV
platforms.
In my Wish List, an Automated Tool for Fail-Secure Design Analysis: an Alloy-Based Feasibility Draft
A system is said to be fail-secure, sometimes confused with fail-safe, if it
maintains its security requirements even in the event of some faults.
Fail-secure analyses are required by some validation schemes, such as some
Common Criteria or NATO certifications. However, it is an aspect of security
which has been overlooked by the community. This paper attempts to shed some
light on the fail-secure field of study by: giving a definition of fail-secure
as used in those certification schemes, and emphasizing the differences with
fail-safe; and exhibiting a first feasibility draft of a fail-secure design
analysis tool based on the Alloy model checker.
Comment: In Proceedings ESSS 2014, arXiv:1405.055
Software implementation of a secure firmware update solution in an IoT context
The present paper is concerned with the secure delivery of firmware updates to Internet of Things (IoT) devices. Additionally, it deals with the design of a safe and secure bootloader for a UHF RFID reader. A software implementation of a secure firmware update solution is performed. The results show there is space to integrate even more security features into existing devices.
FASTRA – SAFE AND SECURE
The innovative congestion control algorithm named FASTRA (Fast Active Stability TCP) is aimed at high-speed long-latency networks. Four major difficulties in FASTRA are highlighted at both packet and flow levels. The architecture and characterization of equilibrium and stability properties of FASTRA are robust. Experimental results of FASTRA outsmart TCP Reno, HSTCP, and STCP in terms of throughput, fairness, stability, and responsiveness. FASTRA aims to rapidly stabilize high-speed long-latency networks into steady, efficient and fair operating points, in dynamic sharing environments, and the preliminary results are produced as output of our project. The proposed architecture is explained with the help of an existing real-time example to explain why FASTRA download is chosen rather than FTP download. The paper is concluded with the results of the new congestion control algorithm aided with the graphs obtained during its simulation in NS2. On proper implementation, many safe FASTRA downloads and data transfers can be carried over a high-speed internet network.
How Insurers Benefit from the Housing Rehabilitation Efforts of NeighborWorks Organizations
Insurance companies have a vested interest in communities and homes that are safe and secure. Through their successful but underutilized housing rehabilitation expertise, NeighborWorks organizations seek to improve the quality of older, unsafe and/or vacant and abandoned properties in the communities they serve.
e-SAFE: Secure, Efficient and Forensics-Enabled Access to Implantable Medical Devices
To facilitate monitoring and management, modern Implantable Medical Devices
(IMDs) are often equipped with wireless capabilities, which raise the risk of
malicious access to IMDs. Although schemes are proposed to secure the IMD
access, some issues are still open. First, pre-sharing a long-term key between
a patient's IMD and a doctor's programmer is vulnerable since once the doctor's
programmer is compromised, all of her patients suffer; establishing a temporary
key by leveraging proximity gets rid of pre-shared keys, but as the approach
lacks real authentication, it can be exploited by nearby adversaries or through
man-in-the-middle attacks. Second, while prolonging the lifetime of IMDs is one
of the most important design goals, few schemes explore how to lower the
communication and computation overhead all at once. Finally, how to safely
record the commands issued by doctors for the purpose of forensics, which can
be the last measure to protect the patients' rights, is commonly omitted in the
existing literature. Motivated by these important yet open problems, we propose
an innovative scheme e-SAFE, which significantly improves security and safety,
reduces the communication overhead and enables IMD-access forensics. We present
a novel lightweight compressive sensing based encryption algorithm to encrypt
and compress the IMD data simultaneously, reducing the data transmission
overhead by over 50% while ensuring high data confidentiality and usability.
Furthermore, we provide a suite of protocols regarding device pairing,
dual-factor authentication, and accountability-enabled access. The security
analysis and performance evaluation show the validity and efficiency of the
proposed scheme.